Virus-infected laptop - slow startups, slow internet

Posted: 08 Feb 2021 14:16
by ave007
==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [165000 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [571928 2015-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro)
HKU\S-1-5-21-699561386-3478598684-2963703645-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCT.DLL [30208 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\WINDOWS\system32\CNMLMCT.DLL [406528 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-05] (Google LLC -> Google LLC)
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvinitx.dll [183144 2017-01-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvinit.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvinit.dll [161016 2017-01-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {575DF98B-A51D-4516-913D-DB03DEDED3EC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-09] (Google LLC -> Google LLC)
Task: {5C28D0D6-EEE2-494F-AB95-C6CB9D7E21E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-09] (Google LLC -> Google LLC)
Task: {5C4D9656-7EA4-4D1A-ABD2-AA612E11B1E9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {74FC6248-F6AF-4FDA-91E1-FEEA09E01BCF} - System32\Tasks\ebtools => C:\Program Files (x86)\EUROBYTE TOOLS\vp4.exe [302112 2021-01-06] (EUROBYTE SOFTWARE s.r.o. -> OEM)
Task: {8507D01C-AE34-468B-B1A4-C14785080F76} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C042D4DE-909A-4EC7-B9FD-ADC410E7AD73} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4669576 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {F7E50893-F43A-4276-B6C7-294B71BE56E2} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1773192 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4ac9eae4-cb03-4a47-9208-6fccc1d30ade}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{e6417cfe-f497-4530-abdf-ac8814f656cd}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge Profile: C:\Users\novak\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-07]

Chrome:
=======
CHR Profile: C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default [2021-02-08]
CHR Extension: (Prezentace) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-09]
CHR Extension: (Dokumenty) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-09]
CHR Extension: (Disk Google) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-09]
CHR Extension: (Tabulky) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-11]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-01-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-31]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [622312 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [352392 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8524736 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110608 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [36936 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [208808 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [332944 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [247952 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [97424 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16832 2021-01-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42568 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [176528 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [522616 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109064 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84640 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851392 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [469040 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [214936 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [325056 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [648872 2015-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-08 12:13 - 2021-02-08 12:17 - 000010716 _____ C:\Users\novak\Desktop\FRST.txt
2021-02-08 12:10 - 2021-02-08 12:14 - 000000000 ____D C:\FRST
2021-02-08 12:09 - 2021-02-08 12:10 - 002297344 _____ (Farbar) C:\Users\novak\Desktop\FRST64.exe
2021-02-07 13:47 - 2021-02-07 13:47 - 000000000 ___HD C:\$AV_AVG
2021-02-07 13:24 - 2021-02-07 13:24 - 000003402 _____ C:\WINDOWS\system32\Tasks\ebtools
2021-02-07 13:23 - 2021-02-07 14:38 - 000000000 ____D C:\Program Files (x86)\EUROBYTE TOOLS
2021-02-07 13:23 - 2020-03-10 10:23 - 001081616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomctl.ocx
2021-02-07 13:23 - 2020-03-10 10:23 - 000608448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMCTL32.OCX
2021-02-07 13:23 - 2020-03-10 10:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.ocx
2021-02-07 13:23 - 2020-03-10 10:23 - 000006114 _____ C:\WINDOWS\SysWOW64\SHELLLNK.TLB
2021-02-07 13:22 - 2021-02-07 13:22 - 010569640 _____ (EUROBYTE SOFTWARE s.r.o. ) C:\Users\novak\Desktop\install_vp4_cs_CZ.exe
2021-01-23 12:47 - 2021-01-23 12:47 - 029285264 _____ (TeamViewer Germany GmbH) C:\Users\novak\Desktop\TeamViewer_Setup.exe
2021-01-22 15:25 - 2021-02-07 10:16 - 000000000 ____D C:\Users\novak\AppData\Local\CrashDumps
2021-01-18 22:40 - 2021-02-05 21:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-01-18 13:07 - 2021-01-18 13:07 - 002159667 _____ C:\Users\novak\Desktop\Dita 10.PDF
2021-01-18 13:07 - 2021-01-18 13:07 - 001993519 _____ C:\Users\novak\Desktop\Dita 9.PDF
2021-01-17 17:11 - 2021-01-17 17:11 - 000000000 ____D C:\Users\novak\AppData\Roaming\AVG
2021-01-17 17:11 - 2021-01-17 17:11 - 000000000 ____D C:\Users\novak\AppData\Local\CEF
2021-01-17 17:10 - 2021-01-17 17:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2021-01-17 17:09 - 2021-02-08 08:07 - 000004266 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2021-01-17 17:09 - 2021-01-17 17:09 - 000522616 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000469040 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000341128 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2021-01-17 17:09 - 2021-01-17 17:09 - 000325056 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000247952 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000214936 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000176528 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000109064 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000097424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000084640 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000042568 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000016832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000000000 ____D C:\Program Files\Common Files\AVG
2021-01-17 17:09 - 2021-01-17 17:08 - 000851392 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2021-01-17 17:09 - 2021-01-17 17:08 - 000332944 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2021-01-17 17:09 - 2021-01-17 17:08 - 000208808 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2021-01-17 17:09 - 2021-01-17 17:08 - 000036936 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2021-01-17 17:07 - 2021-01-17 17:07 - 000000000 ____D C:\Program Files\AVG
2021-01-14 10:39 - 2021-01-14 10:39 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-14 10:39 - 2021-01-14 10:39 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-14 10:38 - 2021-01-14 10:38 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-14 10:38 - 2021-01-14 10:38 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-14 10:38 - 2021-01-14 10:38 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-14 10:38 - 2021-01-14 10:38 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-14 10:38 - 2021-01-14 10:38 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-14 10:38 - 2021-01-14 10:38 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-14 10:38 - 2021-01-14 10:38 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-14 10:38 - 2021-01-14 10:38 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-14 10:38 - 2021-01-14 10:38 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-14 10:38 - 2021-01-14 10:38 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-14 10:38 - 2021-01-14 10:38 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-14 10:37 - 2021-01-14 10:37 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-14 10:37 - 2021-01-14 10:37 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-14 10:37 - 2021-01-14 10:37 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-14 10:37 - 2021-01-14 10:37 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-14 10:37 - 2021-01-14 10:37 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-14 10:36 - 2021-01-14 10:36 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-14 10:36 - 2021-01-14 10:36 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-14 10:36 - 2021-01-14 10:36 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-14 10:35 - 2021-01-14 10:35 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-14 10:35 - 2021-01-14 10:35 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-14 10:35 - 2021-01-14 10:35 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-14 10:35 - 2021-01-14 10:35 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-14 10:34 - 2021-01-14 10:34 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-14 10:34 - 2021-01-14 10:34 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-14 10:34 - 2021-01-14 10:34 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-14 10:33 - 2021-01-14 10:33 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-14 10:33 - 2021-01-14 10:33 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-14 10:33 - 2021-01-14 10:33 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-14 10:32 - 2021-01-14 10:32 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-14 10:32 - 2021-01-14 10:32 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-14 10:32 - 2021-01-14 10:32 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-14 10:32 - 2021-01-14 10:32 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-13 20:46 - 2021-01-15 13:38 - 000000000 ____D C:\Users\novak\Desktop\kuchyn

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-08 11:45 - 2020-07-09 11:38 - 000000000 ___RD C:\Users\novak\OneDrive
2021-02-08 11:44 - 2020-08-01 05:13 - 000000000 ____D C:\Program Files\CCleaner
2021-02-08 11:30 - 2020-08-23 17:21 - 000000000 ____D C:\Users\novak\Desktop\foto
2021-02-08 10:22 - 2020-07-09 23:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-07 14:31 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-02-06 16:38 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-06 16:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-05 21:36 - 2020-08-01 05:13 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-05 21:36 - 2020-08-01 05:13 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-05 21:36 - 2020-07-18 07:16 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-05 21:36 - 2020-07-18 07:16 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-05 21:36 - 2020-07-09 23:42 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 21:36 - 2020-07-09 23:42 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-05 21:36 - 2020-07-09 23:42 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-699561386-3478598684-2963703645-1001
2021-02-05 16:27 - 2012-09-29 16:33 - 000000000 ____D C:\temp
2021-02-05 09:15 - 2020-07-26 04:37 - 000000000 ____D C:\WINDOWS\Minidump
2021-02-02 20:26 - 2020-07-09 23:25 - 000002372 _____ C:\Users\novak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-28 13:39 - 2020-07-09 10:47 - 000000000 ____D C:\Users\novak\AppData\Local\Packages
2021-01-24 21:55 - 2020-07-09 23:25 - 000000000 ____D C:\Users\novak
2021-01-24 10:21 - 2020-07-09 23:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-22 08:06 - 2020-12-18 12:55 - 000000000 ____D C:\Users\novak\AppData\Local\ElevatedDiagnostics
2021-01-19 16:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-01-17 17:09 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-15 10:43 - 2020-08-23 17:22 - 000000000 ____D C:\Users\novak\Desktop\hačkovaní
2021-01-14 20:12 - 2020-07-09 23:32 - 001606106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-14 20:12 - 2019-03-19 12:55 - 000683780 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-14 20:12 - 2019-03-19 12:55 - 000137462 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-14 20:08 - 2020-07-09 10:47 - 000000000 ___RD C:\Users\novak\3D Objects
2021-01-14 20:07 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-01-14 20:05 - 2020-07-09 23:19 - 000458488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-14 20:01 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-14 19:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-14 19:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-14 19:55 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-14 19:55 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-14 19:55 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-14 19:55 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-14 19:55 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-14 19:54 - 2019-03-19 12:58 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-14 19:54 - 2019-03-19 12:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-14 19:54 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-14 19:54 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-14 19:54 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-14 19:54 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-14 19:54 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\IME
2021-01-14 19:54 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-14 19:54 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-14 10:53 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-14 10:50 - 2020-07-09 13:47 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-14 10:48 - 2020-07-09 13:47 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-14 10:32 - 2020-07-09 23:23 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Virus-infected laptop - slow startups, slow internet

Posted: 08 Feb 2021 14:17
by ave007
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-02-2021 02
Ran by novak (08-02-2021 12:52:17)
Running from C:\Users\novak\Desktop
Windows 10 Home Version 1909 18363.1316 (X64) (2020-07-09 22:43:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-699561386-3478598684-2963703645-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-699561386-3478598684-2963703645-503 - Limited - Disabled)
defaultuser100001 (S-1-5-21-699561386-3478598684-2963703645-1005 - Limited - Enabled)
Guest (S-1-5-21-699561386-3478598684-2963703645-501 - Limited - Disabled)
novak (S-1-5-21-699561386-3478598684-2963703645-1001 - Administrator - Enabled) => C:\Users\novak
WDAGUtilityAccount (S-1-5-21-699561386-3478598684-2963703645-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 20.10.3157 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.224.0 - Conexant Systems)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
LibreOffice 7.0.4.2 (HKLM\...\{B3171B83-4945-43E0-A101-841638C05506}) (Version: 7.0.4.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft OneDrive (HKU\S-1-5-21-699561386-3478598684-2963703645-1001\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Ovládací panel NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
paint.net (HKLM\...\{15BCA3AB-444B-4AC5-A04F-F2AD0F7AD3EC}) (Version: 4.2.10 - dotPDN LLC)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
VyčistitPočítač4 (HKLM-x32\...\{FA10498D-9FD0-40F2-B943-817E10C0F837}_is1) (Version: 4.0 - EUROBYTE SOFTWARE s.r.o.)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.1.17.0_x86__kgqvnymyfvs32 [2020-12-17] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.51.4.0_x86__kgqvnymyfvs32 [2021-01-28] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-09-07] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-07-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-07-09] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0 [2021-02-06] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-02-08 11:46 - 2021-02-08 11:46 - 002581504 _____ () [File not signed] C:\Users\novak\AppData\Local\Temp\_MEI76122\PIL\_imaging.cp37-win_amd64.pyd
2021-02-08 11:46 - 2021-02-08 11:46 - 000605184 _____ () [File not signed] C:\Users\novak\AppData\Local\Temp\_MEI76122\PIL\_imagingft.cp37-win_amd64.pyd

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2018-09-15 08:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-699561386-3478598684-2963703645-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\novak\Desktop\139104000_3974798165872887_8705714389580792512_n.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DE37AA8F-CB3B-4436-8608-0B64026B4C5A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{72C7CC4B-DBFC-4449-B882-3B4626583BEB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2137799D-A444-4A99-A9BC-00D5A1B82254}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E2F17AA1-BE73-4F1F-BC0B-BA9DAAB04648}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7D6039CD-E525-443C-B725-2DC0DFA024AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1DB61091-74DE-4E41-9DD1-E26FAA76E2AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B686404F-20B4-4D83-B9CF-DC257F0BB8F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E5AD1677-D4F3-4626-9F71-0ED0EB057186}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EBF23521-BF02-4693-8680-4D71C81DD7F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{88034E6B-AAFA-43AB-B41E-35DF19FA89F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A32D22D3-BF02-41BF-94B2-D692A42EAEE5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{684A01EB-C19B-4B4B-8456-EB2DF1B2B7EC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7F8E9E57-92C3-4F91-8761-4EC07ECD0E45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

14-01-2021 10:04:50 Windows Update
24-01-2021 10:32:28 Naplánovaný kontrolní bod
01-02-2021 13:17:22 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/08/2021 12:02:23 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6888,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/08/2021 11:48:46 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7780,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/08/2021 11:18:04 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1164,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/08/2021 11:04:35 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2584,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/08/2021 10:57:30 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7788,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/08/2021 08:25:12 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8704,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/08/2021 08:13:00 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9276,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/07/2021 04:17:50 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10660,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (02/08/2021 11:43:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JMVUS3P)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/08/2021 11:32:41 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JMVUS3P)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/08/2021 10:22:49 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JMVUS3P)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/08/2021 08:12:23 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JMVUS3P)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/08/2021 08:08:23 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JMVUS3P)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/07/2021 10:40:42 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JMVUS3P)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/07/2021 01:11:51 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JMVUS3P)
Description: Server microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/07/2021 01:11:46 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JMVUS3P)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2021-01-16 16:28:28.701
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0EFE2529-19B8-4C97-950A-A4E58BEA46DD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-14 12:31:07.539
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C6AF1F40-7735-43BA-84ED-9AFDC662EAB4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-13 09:45:52.255
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4FB68FCC-B0CE-4E2E-825E-4825C4415326}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-11 17:44:53.002
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F850AFFA-77FE-43E3-B7CC-E31648321C59}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-09 11:40:33.882
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {52C21072-EF4A-4BF5-BB86-B3CD2873BB25}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-26 09:55:53.925
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1030.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-12-26 09:11:18.181
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1030.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-12-25 21:27:23.008
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1030.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-12-23 10:25:56.017
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.857.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2021-02-08 13:02:37.516
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-08 13:00:17.426
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-08 13:00:13.857
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-08 12:59:53.974
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-08 12:59:52.069
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-08 12:59:42.740
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-08 12:59:31.703
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-08 12:59:30.054
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO 5ECN92WW(V8.04) 09/14/2012
Motherboard: LENOVO INVALID
Processor: Intel(R) Pentium(R) CPU B980 @ 2.40GHz
Percentage of memory in use: 86%
Total physical RAM: 3959.77 MB
Available physical RAM: 540.12 MB
Total Virtual: 5429.58 MB
Available Virtual: 1009.12 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:883.74 GB) (Free:836.71 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.91 GB) NTFS

\\?\Volume{5d39dc8f-4f57-4b5c-89ed-93dfcce8c3c5}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{3b80586e-1d4f-4546-aa3d-57ef5555eca7}\ () (Fixed) (Total:0.44 GB) (Free:0.41 GB) NTFS
\\?\Volume{14c28185-2495-4904-a831-7ba62cbc5c7c}\ (PBR_DRV) (Fixed) (Total:20 GB) (Free:11.4 GB) NTFS
\\?\Volume{a1ca0b60-5599-4cfd-b011-20de90e86b28}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: B2318667)

Partition: GPT.

==================== End of Addition.txt =======================

Re: infected notebook - slow startups, slow internet

Posted: 08 Feb 2021 14:50
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree (Souhlasim)
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just launch it with a normal double-click)
click Scan now (Skenovat nyni), then Clean and Repair (Cisteni a opravy)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: infected notebook - slow startups, slow internet

Posted: 08 Feb 2021 15:27
by ave007
# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-08-2021
# Duration: 00:00:13
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\extensions

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1874 octets] - [08/02/2021 15:18:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: infected notebook - slow startups, slow internet

Posted: 08 Feb 2021 16:01
by Rudy
Please post new FRST+Addition logs.

Re: infected notebook - slow startups, slow internet

Posted: 08 Feb 2021 18:09
by ave007
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-02-2021
Ran by novak (administrator) on DESKTOP-JMVUS3P (LENOVO 20138) (08-02-2021 16:38:00)
Running from C:\Users\novak\Desktop
Loaded Profiles: novak
Platform: Windows 10 Home Version 1909 18363.1316 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <5>
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20566.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.1310_none_16f941c72a2d5db6\TiWorker.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [165000 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [571928 2015-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro)
HKU\S-1-5-21-699561386-3478598684-2963703645-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Windows x64\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCT.DLL [30208 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\WINDOWS\system32\CNMLMCT.DLL [406528 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-05] (Google LLC -> Google LLC)
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvinitx.dll [183144 2017-01-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvinit.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvinit.dll [161016 2017-01-17] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {575DF98B-A51D-4516-913D-DB03DEDED3EC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-09] (Google LLC -> Google LLC)
Task: {5C28D0D6-EEE2-494F-AB95-C6CB9D7E21E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-09] (Google LLC -> Google LLC)
Task: {5C4D9656-7EA4-4D1A-ABD2-AA612E11B1E9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {74FC6248-F6AF-4FDA-91E1-FEEA09E01BCF} - System32\Tasks\ebtools => C:\Program Files (x86)\EUROBYTE TOOLS\vp4.exe [302112 2021-01-06] (EUROBYTE SOFTWARE s.r.o. -> OEM)
Task: {8507D01C-AE34-468B-B1A4-C14785080F76} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C042D4DE-909A-4EC7-B9FD-ADC410E7AD73} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4669576 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {C6360333-10AB-43EA-97E7-3BFB435B6869} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {C6360333-10AB-43EA-97E7-3BFB435B6869} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {C6360333-10AB-43EA-97E7-3BFB435B6869} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {C6360333-10AB-43EA-97E7-3BFB435B6869} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\ebtools" /ENABLE
Task: {C6360333-10AB-43EA-97E7-3BFB435B6869} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {C6360333-10AB-43EA-97E7-3BFB435B6869} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {C6360333-10AB-43EA-97E7-3BFB435B6869} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {C6360333-10AB-43EA-97E7-3BFB435B6869} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {C6360333-10AB-43EA-97E7-3BFB435B6869} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-699561386-3478598684-2963703645-1001" /ENABLE
Task: {C6360333-10AB-43EA-97E7-3BFB435B6869} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {F7E50893-F43A-4276-B6C7-294B71BE56E2} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1773192 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{4ac9eae4-cb03-4a47-9208-6fccc1d30ade}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{e6417cfe-f497-4530-abdf-ac8814f656cd}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge Profile: C:\Users\novak\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-07]

Chrome:
=======
CHR Profile: C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default [2021-02-08]
CHR Extension: (Prezentace) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-09]
CHR Extension: (Dokumenty) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-09]
CHR Extension: (Disk Google) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-09]
CHR Extension: (Tabulky) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-11]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-01-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\novak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-31]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [622312 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [352392 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8524736 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [110608 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [36936 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [208808 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [332944 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [247952 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [97424 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16832 2021-01-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [42568 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [176528 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [522616 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [109064 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84640 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851392 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [469040 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [214936 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [325056 2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [648872 2015-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-08 16:37 - 2021-02-08 16:37 - 000000000 ____D C:\Users\novak\Desktop\FRST-OlderVersion
2021-02-08 15:13 - 2021-02-08 15:13 - 008457584 _____ (Malwarebytes) C:\Users\novak\Desktop\adwcleaner_8.0.9.1.exe
2021-02-08 12:52 - 2021-02-08 13:07 - 000023306 _____ C:\Users\novak\Desktop\Addition.txt
2021-02-08 12:13 - 2021-02-08 16:42 - 000014735 _____ C:\Users\novak\Desktop\FRST.txt
2021-02-08 12:10 - 2021-02-08 16:39 - 000000000 ____D C:\FRST
2021-02-08 12:09 - 2021-02-08 16:37 - 002297344 _____ (Farbar) C:\Users\novak\Desktop\FRST64.exe
2021-02-07 13:47 - 2021-02-07 13:47 - 000000000 ___HD C:\$AV_AVG
2021-02-07 13:24 - 2021-02-08 15:28 - 000002582 _____ C:\WINDOWS\system32\Tasks\ebtools
2021-02-07 13:23 - 2021-02-07 14:38 - 000000000 ____D C:\Program Files (x86)\EUROBYTE TOOLS
2021-02-07 13:23 - 2020-03-10 10:23 - 001081616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomctl.ocx
2021-02-07 13:23 - 2020-03-10 10:23 - 000608448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COMCTL32.OCX
2021-02-07 13:23 - 2020-03-10 10:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.ocx
2021-02-07 13:23 - 2020-03-10 10:23 - 000006114 _____ C:\WINDOWS\SysWOW64\SHELLLNK.TLB
2021-02-07 13:22 - 2021-02-07 13:22 - 010569640 _____ (EUROBYTE SOFTWARE s.r.o. ) C:\Users\novak\Desktop\install_vp4_cs_CZ.exe
2021-01-23 12:47 - 2021-01-23 12:47 - 029285264 _____ (TeamViewer Germany GmbH) C:\Users\novak\Desktop\TeamViewer_Setup.exe
2021-01-22 15:25 - 2021-02-07 10:16 - 000000000 ____D C:\Users\novak\AppData\Local\CrashDumps
2021-01-18 22:40 - 2021-02-08 15:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-01-18 13:07 - 2021-01-18 13:07 - 002159667 _____ C:\Users\novak\Desktop\Dita 10.PDF
2021-01-18 13:07 - 2021-01-18 13:07 - 001993519 _____ C:\Users\novak\Desktop\Dita 9.PDF
2021-01-17 17:11 - 2021-01-17 17:11 - 000000000 ____D C:\Users\novak\AppData\Roaming\AVG
2021-01-17 17:11 - 2021-01-17 17:11 - 000000000 ____D C:\Users\novak\AppData\Local\CEF
2021-01-17 17:10 - 2021-01-17 17:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2021-01-17 17:09 - 2021-02-08 15:28 - 000003310 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2021-01-17 17:09 - 2021-01-17 17:09 - 000522616 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000469040 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000341128 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2021-01-17 17:09 - 2021-01-17 17:09 - 000325056 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000247952 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000214936 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000176528 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000109064 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000097424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000084640 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000042568 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000016832 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2021-01-17 17:09 - 2021-01-17 17:09 - 000000000 ____D C:\Program Files\Common Files\AVG
2021-01-17 17:09 - 2021-01-17 17:08 - 000851392 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2021-01-17 17:09 - 2021-01-17 17:08 - 000332944 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2021-01-17 17:09 - 2021-01-17 17:08 - 000208808 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2021-01-17 17:09 - 2021-01-17 17:08 - 000036936 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2021-01-17 17:07 - 2021-01-17 17:07 - 000000000 ____D C:\Program Files\AVG
2021-01-14 10:39 - 2021-01-14 10:39 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-01-14 10:39 - 2021-01-14 10:39 - 000094720 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-01-14 10:38 - 2021-01-14 10:38 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-01-14 10:38 - 2021-01-14 10:38 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-01-14 10:38 - 2021-01-14 10:38 - 000455680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-01-14 10:38 - 2021-01-14 10:38 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-01-14 10:38 - 2021-01-14 10:38 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-01-14 10:38 - 2021-01-14 10:38 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-01-14 10:38 - 2021-01-14 10:38 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-01-14 10:38 - 2021-01-14 10:38 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-01-14 10:38 - 2021-01-14 10:38 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-01-14 10:38 - 2021-01-14 10:38 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-01-14 10:38 - 2021-01-14 10:38 - 000053248 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-01-14 10:37 - 2021-01-14 10:37 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-01-14 10:37 - 2021-01-14 10:37 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-01-14 10:37 - 2021-01-14 10:37 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-01-14 10:37 - 2021-01-14 10:37 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-01-14 10:37 - 2021-01-14 10:37 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-01-14 10:37 - 2021-01-14 10:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-01-14 10:36 - 2021-01-14 10:36 - 001101312 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-01-14 10:36 - 2021-01-14 10:36 - 000458240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-01-14 10:36 - 2021-01-14 10:36 - 000208384 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-01-14 10:35 - 2021-01-14 10:35 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-01-14 10:35 - 2021-01-14 10:35 - 000331264 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-01-14 10:35 - 2021-01-14 10:35 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-01-14 10:35 - 2021-01-14 10:35 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-01-14 10:34 - 2021-01-14 10:34 - 002590720 _____ C:\WINDOWS\system32\dwmscene.dll
2021-01-14 10:34 - 2021-01-14 10:34 - 000549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-01-14 10:34 - 2021-01-14 10:34 - 000186368 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-01-14 10:33 - 2021-01-14 10:33 - 001841152 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-01-14 10:33 - 2021-01-14 10:33 - 000266752 _____ C:\WINDOWS\system32\HeatCore.dll
2021-01-14 10:33 - 2021-01-14 10:33 - 000164864 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-01-14 10:32 - 2021-01-14 10:32 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-01-14 10:32 - 2021-01-14 10:32 - 000453632 _____ C:\WINDOWS\system32\ssdm.dll
2021-01-14 10:32 - 2021-01-14 10:32 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-01-14 10:32 - 2021-01-14 10:32 - 000061440 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-01-13 20:46 - 2021-01-15 13:38 - 000000000 ____D C:\Users\novak\Desktop\kuchyn

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-08 16:37 - 2020-07-09 23:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-08 15:28 - 2020-08-01 05:13 - 000003048 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-08 15:28 - 2020-08-01 05:13 - 000002296 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-08 15:28 - 2020-07-18 07:16 - 000003572 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-08 15:28 - 2020-07-18 07:16 - 000003348 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-08 15:28 - 2020-07-09 23:42 - 000003460 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-08 15:28 - 2020-07-09 23:42 - 000003236 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-08 15:28 - 2020-07-09 23:42 - 000002918 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-699561386-3478598684-2963703645-1001
2021-02-08 15:18 - 2016-01-30 18:56 - 000000000 ____D C:\AdwCleaner
2021-02-08 11:45 - 2020-07-09 11:38 - 000000000 ___RD C:\Users\novak\OneDrive
2021-02-08 11:44 - 2020-08-01 05:13 - 000000000 ____D C:\Program Files\CCleaner
2021-02-08 11:30 - 2020-08-23 17:21 - 000000000 ____D C:\Users\novak\Desktop\foto
2021-02-07 14:31 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-02-06 16:38 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-06 16:38 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-05 16:27 - 2012-09-29 16:33 - 000000000 ____D C:\temp
2021-02-05 09:15 - 2020-07-26 04:37 - 000000000 ____D C:\WINDOWS\Minidump
2021-02-02 20:26 - 2020-07-09 23:25 - 000002372 _____ C:\Users\novak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-01-28 13:39 - 2020-07-09 10:47 - 000000000 ____D C:\Users\novak\AppData\Local\Packages
2021-01-24 21:55 - 2020-07-09 23:25 - 000000000 ____D C:\Users\novak
2021-01-24 10:21 - 2020-07-09 23:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-22 08:06 - 2020-12-18 12:55 - 000000000 ____D C:\Users\novak\AppData\Local\ElevatedDiagnostics
2021-01-19 16:37 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-01-17 17:09 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-15 10:43 - 2020-08-23 17:22 - 000000000 ____D C:\Users\novak\Desktop\hačkovaní
2021-01-14 20:12 - 2020-07-09 23:32 - 001606106 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-14 20:12 - 2019-03-19 12:55 - 000683780 _____ C:\WINDOWS\system32\perfh005.dat
2021-01-14 20:12 - 2019-03-19 12:55 - 000137462 _____ C:\WINDOWS\system32\perfc005.dat
2021-01-14 20:08 - 2020-07-09 10:47 - 000000000 ___RD C:\Users\novak\3D Objects
2021-01-14 20:07 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-01-14 20:05 - 2020-07-09 23:19 - 000458488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-01-14 20:01 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-01-14 19:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-01-14 19:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\setup
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-01-14 19:56 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-01-14 19:55 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-01-14 19:55 - 2019-03-19 05:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-01-14 19:55 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-01-14 19:55 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Com
2021-01-14 19:55 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-01-14 19:54 - 2019-03-19 12:58 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-01-14 19:54 - 2019-03-19 12:58 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-01-14 19:54 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-01-14 19:54 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-01-14 19:54 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-01-14 19:54 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\Provisioning
2021-01-14 19:54 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\IME
2021-01-14 19:54 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-01-14 19:54 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2021-01-14 10:53 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-14 10:50 - 2020-07-09 13:47 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-01-14 10:48 - 2020-07-09 13:47 - 135062968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-01-14 10:32 - 2020-07-09 23:23 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: infected notebook - slow startups, slow internet

Posted: 08 Feb 2021 18:10
by ave007
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2021
Ran by novak (08-02-2021 17:13:17)
Running from C:\Users\novak\Desktop
Windows 10 Home Version 1909 18363.1316 (X64) (2020-07-09 22:43:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-699561386-3478598684-2963703645-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-699561386-3478598684-2963703645-503 - Limited - Disabled)
defaultuser100001 (S-1-5-21-699561386-3478598684-2963703645-1005 - Limited - Enabled)
Guest (S-1-5-21-699561386-3478598684-2963703645-501 - Limited - Disabled)
novak (S-1-5-21-699561386-3478598684-2963703645-1001 - Administrator - Enabled) => C:\Users\novak
WDAGUtilityAccount (S-1-5-21-699561386-3478598684-2963703645-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 20.10.3157 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.224.0 - Conexant Systems)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
LibreOffice 7.0.4.2 (HKLM\...\{B3171B83-4945-43E0-A101-841638C05506}) (Version: 7.0.4.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft OneDrive (HKU\S-1-5-21-699561386-3478598684-2963703645-1001\...\OneDriveSetup.exe) (Version: 21.002.0104.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Ovládací panel NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
paint.net (HKLM\...\{15BCA3AB-444B-4AC5-A04F-F2AD0F7AD3EC}) (Version: 4.2.10 - dotPDN LLC)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
VyčistitPočítač4 (HKLM-x32\...\{FA10498D-9FD0-40F2-B943-817E10C0F837}_is1) (Version: 4.0 - EUROBYTE SOFTWARE s.r.o.)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.1.17.0_x86__kgqvnymyfvs32 [2020-12-17] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.51.4.0_x86__kgqvnymyfvs32 [2021-01-28] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-09-07] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-07-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-07-09] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0 [2021-02-06] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-01-17] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2018-09-15 08:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-699561386-3478598684-2963703645-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\novak\Desktop\139104000_3974798165872887_8705714389580792512_n.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DE37AA8F-CB3B-4436-8608-0B64026B4C5A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{72C7CC4B-DBFC-4449-B882-3B4626583BEB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2137799D-A444-4A99-A9BC-00D5A1B82254}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E2F17AA1-BE73-4F1F-BC0B-BA9DAAB04648}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7D6039CD-E525-443C-B725-2DC0DFA024AB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1DB61091-74DE-4E41-9DD1-E26FAA76E2AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B686404F-20B4-4D83-B9CF-DC257F0BB8F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E5AD1677-D4F3-4626-9F71-0ED0EB057186}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EBF23521-BF02-4693-8680-4D71C81DD7F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{88034E6B-AAFA-43AB-B41E-35DF19FA89F1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A32D22D3-BF02-41BF-94B2-D692A42EAEE5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{684A01EB-C19B-4B4B-8456-EB2DF1B2B7EC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7F8E9E57-92C3-4F91-8761-4EC07ECD0E45}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

14-01-2021 10:04:50 Windows Update
24-01-2021 10:32:28 Naplánovaný kontrolní bod
01-02-2021 13:17:22 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/08/2021 03:31:23 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8668,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/08/2021 12:02:23 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6888,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/08/2021 11:48:46 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7780,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/08/2021 11:18:04 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1164,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/08/2021 11:04:35 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2584,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/08/2021 10:57:30 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7788,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/08/2021 08:25:12 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8704,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (02/08/2021 08:13:00 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9276,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (02/08/2021 03:26:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/08/2021 03:26:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Conexant Audio Message Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/08/2021 03:26:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (02/08/2021 03:26:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (02/08/2021 03:26:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bluetooth Driver Management Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/08/2021 11:43:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JMVUS3P)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/08/2021 11:32:41 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JMVUS3P)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/08/2021 10:22:49 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JMVUS3P)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2021-01-16 16:28:28.701
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0EFE2529-19B8-4C97-950A-A4E58BEA46DD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-14 12:31:07.539
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C6AF1F40-7735-43BA-84ED-9AFDC662EAB4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-13 09:45:52.255
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4FB68FCC-B0CE-4E2E-825E-4825C4415326}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-11 17:44:53.002
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F850AFFA-77FE-43E3-B7CC-E31648321C59}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-09 11:40:33.882
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {52C21072-EF4A-4BF5-BB86-B3CD2873BB25}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-26 09:55:53.925
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1030.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-12-26 09:11:18.181
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1030.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-12-25 21:27:23.008
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1030.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-12-23 10:25:56.017
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.857.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2021-02-08 17:19:57.093
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-08 17:19:15.254
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-08 16:10:22.194
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-08 15:28:26.181
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-08 15:28:15.303
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-08 15:27:44.102
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-08 15:27:23.809
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-08 15:27:18.486
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO 5ECN92WW(V8.04) 09/14/2012
Motherboard: LENOVO INVALID
Processor: Intel(R) Pentium(R) CPU B980 @ 2.40GHz
Percentage of memory in use: 80%
Total physical RAM: 3959.77 MB
Available physical RAM: 762.95 MB
Total Virtual: 5429.58 MB
Available Virtual: 1321.34 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:883.74 GB) (Free:835.94 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.91 GB) NTFS

\\?\Volume{5d39dc8f-4f57-4b5c-89ed-93dfcce8c3c5}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{3b80586e-1d4f-4546-aa3d-57ef5555eca7}\ () (Fixed) (Total:0.44 GB) (Free:0.41 GB) NTFS
\\?\Volume{14c28185-2495-4904-a831-7ba62cbc5c7c}\ (PBR_DRV) (Fixed) (Total:20 GB) (Free:11.4 GB) NTFS
\\?\Volume{a1ca0b60-5599-4cfd-b011-20de90e86b28}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: B2318667)

Partition: GPT.

==================== End of Addition.txt =======================

Re: infected notebook - slow startups, slow internet

Posted: 08 Feb 2021 18:18
by Rudy
Open Notepad and copy the following into it:
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {575DF98B-A51D-4516-913D-DB03DEDED3EC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-09] (Google LLC -> Google LLC)
Task: {5C28D0D6-EEE2-494F-AB95-C6CB9D7E21E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-09] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.

Re: infected notebook - slow startups, slow internet

Posted: 09 Feb 2021 13:26
by ave007
Fix result of Farbar Recovery Scan Tool (x64) Version: 08-02-2021 01
Ran by novak (09-02-2021 13:10:44) Run:1
Running from C:\Users\novak\Desktop
Loaded Profiles: novak
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {575DF98B-A51D-4516-913D-DB03DEDED3EC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-09] (Google LLC -> Google LLC)
Task: {5C28D0D6-EEE2-494F-AB95-C6CB9D7E21E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-09] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{575DF98B-A51D-4516-913D-DB03DEDED3EC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{575DF98B-A51D-4516-913D-DB03DEDED3EC}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5C28D0D6-EEE2-494F-AB95-C6CB9D7E21E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C28D0D6-EEE2-494F-AB95-C6CB9D7E21E2}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23284159 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 504926 B
Edge => 54501 B
Chrome => 1494826994 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7022 B
NetworkService => 8968 B
novak => 89374849 B

RecycleBin => 0 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:16:42 ====

Re: infected notebook - slow startups, slow internet

Posted: 09 Feb 2021 15:30
by Rudy
Deleted. Has anything changed?