Dobrý den, prosím o kontrolu logu, notebook se zpomaluje.
Děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by Petr (administrator) on LAPTOP-3U0G41HT (Acer Aspire F5-573G) (08-03-2021 07:25:41)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Platform: Windows 10 Home Version 2004 19041.804 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Facebook Inc) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_910.5.119.0_x64__8xx8rvfyw5nnt\app\Messenger.exe <7>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <28>
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Huawei Technologies Co., Ltd. -> Huawei) [File not signed] C:\Program Files (x86)\HiSuite\HiSuite.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) CN -> Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceddadac8a2b489e\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceddadac8a2b489e\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceddadac8a2b489e\igfxext.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify AB -> Spotify Ltd) C:\Users\Petr\AppData\Roaming\Spotify\Spotify.exe <5>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <3>
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe
(Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(ZONER software, a.s. -> ZONER software) C:\Users\Petr\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTray.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-01] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1903344 2016-02-17] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2018-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2018-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [588288 2016-01-08] (Nikon Corporation) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3318471048-3354199284-439723813-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-3318471048-3354199284-439723813-1001\...\Run: [Spotify] => C:\Users\Petr\AppData\Roaming\Spotify\Spotify.exe [23810120 2021-02-20] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3318471048-3354199284-439723813-1001\...\Run: [Discord] => C:\Users\Petr\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3318471048-3354199284-439723813-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Users\Petr\AppData\Local\Programs\Zoner\ZPS X\binary\Program32\ZPSTRAY.EXE [804336 2020-12-02] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-3318471048-3354199284-439723813-1001\...\MountPoints2: {51e900fd-318b-11ea-9e17-94e979c63fc2} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [239704 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\Windows\system32\hpz3lw71.dll [55392 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.82\Installer\chrmstp.exe [2021-03-07] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2DBADD74-2A48-4E24-A62F-0FE6F254E1C7} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2766240 2016-07-29] (Acer Incorporated -> Acer Incorporated)
Task: {368D3572-7297-425C-9865-32F9EEA9B106} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [64320 2019-07-11] (Acer Incorporated -> Acer)
Task: {385FAC03-4009-49E5-B70B-5B288D773E09} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {44777E58-FA8A-4471-8C5C-22AEC6DE6D15} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [421792 2016-07-29] (Acer Incorporated -> Acer Incorporated)
Task: {4502671A-1D9D-4AF2-AE7D-0E598F74287F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {51A3D60F-A121-4C81-877E-29DD6C855294} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2919840 2016-06-25] (Acer Incorporated -> )
Task: {59312560-359C-41ED-B386-6BC0488D460C} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {5A006C31-EF5B-46FE-B345-D6D3C74F47F1} - System32\Tasks\DashlaneUpgradeCheck => net [Argument = start "Dashlane Upgrade Service"]
Task: {638F366A-67C8-4D1B-A435-49AF67408D7D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {838338CD-ECFF-4A02-82DB-8CAF9C43C470} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4644256 2016-06-25] (Acer Incorporated -> )
Task: {8D41472E-74FC-4CD8-8FE1-0CC84F6ABBCE} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated)
Task: {A0D3DFBA-FA1D-4850-AB4B-1B612B18E798} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2017-08-31] (Google Inc -> Google Inc.)
Task: {A6CDE176-9BF5-4C5C-B864-02CA7FE9744E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AA74A30D-AC67-4FC7-8DDC-5998C307C807} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {B6AA6CCA-60C9-4BC9-B3EA-05928190D622} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2017-08-31] (Google Inc -> Google Inc.)
Task: {B906C025-91C4-4421-B356-10F0A011F0D5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {C168A97E-6E54-4439-82FC-1D0DEB36890D} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40352 2016-06-25] (Acer Incorporated -> )
Task: {C7EDB376-82E6-488C-8DDA-E87ED388CAA5} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {C8D1BCBD-7315-4C2F-B59D-B4EFF3D9C11A} - System32\Tasks\Zoner.Updater.S-1-5-21-3318471048-3354199284-439723813-1001 => C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe [2074824 2021-02-15] (ZONER software, a.s. -> ZONER software, a.s.)
Task: {D18FBC76-EB3D-4396-A0E0-CFB4B887230B} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472992 2016-07-29] (Acer Incorporated -> Acer Incorporated)
Task: {D2CFEF0D-0B9F-444D-8D4C-2DF955F81998} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [667856 2020-11-20] (Mozilla Corporation -> Mozilla Foundation)
Task: {E1F46BE4-3A8D-48BB-A332-4F4716EDFDC0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7685808 2017-09-20] (Piriform Ltd -> Piriform Ltd)
Task: {E7CE31AC-E513-4239-B705-C2D14616AB5C} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-13] (Acer Incorporated -> TODO: <Company name>)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.10.10.10 10.11.12.13
Tcpip\..\Interfaces\{942a5653-b490-4433-888e-18589b3a2a41}: [DhcpNameServer] 10.10.10.10 10.11.12.13
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-26]
FireFox:
========
FF DefaultProfile: kx9iy1xz.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\kx9iy1xz.default [2021-02-11]
FF Homepage: Mozilla\Firefox\Profiles\kx9iy1xz.default -> www.seznam.cz
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\kx9iy1xz.default\Extensions\langpack-cs@firefox.mozilla.org.xpi [2020-01-19]
FF Extension: (Czech (CZ) Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-cs@firefox.mozilla.org [2016-11-24] [Legacy]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2016-11-24] [Legacy]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-02-13] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-03-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-03-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2021-03-08]
CHR DownloadDir: C:\Users\Petr\Downloads
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (FoE - Helper) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkagcmloachflbbkfmfiggipaelfamdf [2021-02-17]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-31]
CHR Extension: (Tipli do prohlížeče) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2021-01-24]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-02-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-05]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-10-31] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [File not signed]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [959752 2021-02-12] (McAfee, LLC -> McAfee, LLC)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [440224 2016-07-29] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [481696 2016-07-29] (Acer Incorporated -> Acer Incorporated)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-27] (Acer Incorporated -> acer)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R3 MpKsl424282d2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{050D5B1C-521C-44A3-9ABE-9BAD504310FD}\MpKslDrv.sys [47344 2021-03-07] (Microsoft Windows -> Microsoft Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49544 2021-03-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420088 2021-03-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-03-08 07:25 - 2021-03-08 07:26 - 000022377 _____ C:\Users\Petr\Desktop\FRST.txt
2021-03-08 07:25 - 2021-03-08 07:25 - 000000000 ____D C:\Users\Petr\Desktop\FRST-OlderVersion
2021-03-08 07:24 - 2021-03-08 07:24 - 002301440 _____ (Farbar) C:\Users\Petr\Downloads\FRST64.exe
2021-03-05 13:47 - 2021-03-05 13:47 - 001388820 _____ C:\Users\Petr\Downloads\Minelab X-Terra letak.pdf
2021-03-03 09:15 - 2021-03-03 09:15 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Sun
2021-03-03 09:15 - 2021-03-03 09:15 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Sun
2021-03-03 09:14 - 2021-03-03 09:14 - 000192168 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2021-03-03 09:14 - 2021-03-03 09:14 - 000000000 ____D C:\ProgramData\Oracle
2021-03-03 09:14 - 2021-03-03 09:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-03-03 09:14 - 2021-03-03 09:14 - 000000000 ____D C:\Program Files\Java
2021-03-03 09:13 - 2021-03-03 09:13 - 083548808 _____ (Oracle Corporation) C:\Users\Petr\Downloads\jre-8u281-windows-x64.exe
2021-03-03 09:03 - 2021-03-03 09:03 - 001702275 _____ C:\Users\Petr\Downloads\AMCR.zip
2021-03-01 20:47 - 2021-03-01 20:47 - 007548447 _____ C:\Users\Petr\Downloads\DPPR_2010_1__0_80960_0_97834.pdf
2021-03-01 10:06 - 2021-03-01 10:06 - 000008569 _____ C:\Users\Petr\Documents\Vývoj spotřeb.xlsx
2021-02-27 12:50 - 2021-02-27 12:50 - 000107996 _____ C:\Users\Petr\Downloads\Cestne_prohlaseni_–_vzor.pdf
2021-02-23 19:02 - 2021-02-23 19:05 - 000000000 ____D C:\Users\TEMP.LAPTOP-3U0G41HT.008
2021-02-12 20:09 - 2021-02-12 20:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-12 20:09 - 2021-02-12 20:09 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-12 20:09 - 2021-02-12 20:09 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-12 20:09 - 2021-02-12 20:09 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-12 20:08 - 2021-02-12 20:08 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-11 15:06 - 2021-02-11 15:06 - 000128494 _____ C:\Users\Petr\Downloads\web-new-cenik-elektrina-dobu-neurcitou-moo-2020-12-cezdi.pdf
2021-02-11 14:35 - 2021-02-11 14:35 - 000210206 _____ C:\Users\Petr\Downloads\Vypis_poplatku_z_uctu_0-2253374173_z_2020.pdf
2021-02-11 13:40 - 2021-02-11 13:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-03-08 07:26 - 2018-09-16 14:01 - 000000000 ____D C:\FRST
2021-03-08 07:25 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-08 07:25 - 2019-10-26 18:32 - 002301440 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2021-03-08 07:17 - 2020-10-02 10:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-08 06:28 - 2020-10-02 10:38 - 000003508 _____ C:\WINDOWS\system32\Tasks\DashlaneUpgradeCheck
2021-03-08 05:41 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-08 03:54 - 2018-12-29 16:42 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Spotify
2021-03-08 01:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-08 01:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-07 19:27 - 2020-06-09 05:41 - 000002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-07 19:27 - 2020-06-09 05:41 - 000002261 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-03-07 19:27 - 2017-08-31 12:40 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-07 19:27 - 2017-08-31 12:40 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-03-07 19:26 - 2018-02-19 09:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-07 19:24 - 2018-12-29 16:44 - 000000000 ____D C:\Users\Petr\AppData\Local\Spotify
2021-03-05 12:15 - 2021-01-14 20:28 - 000011544 _____ C:\Users\Petr\Documents\cvičení.xlsx
2021-03-05 12:13 - 2020-10-02 10:38 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-05 12:13 - 2020-10-02 10:38 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-03 08:33 - 2021-01-04 22:09 - 000000000 ____D C:\Users\Petr\AppData\Roaming\discord
2021-03-03 08:01 - 2020-10-02 10:40 - 001693346 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-03 08:01 - 2019-12-07 15:41 - 000717844 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-03 08:01 - 2019-12-07 15:41 - 000144986 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-03 07:54 - 2020-10-02 10:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-03 07:54 - 2020-10-02 10:27 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-03 07:54 - 2017-09-01 04:11 - 000000000 __SHD C:\Users\Petr\IntelGraphicsProfiles
2021-03-03 07:54 - 2016-11-24 04:47 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-01 07:30 - 2020-10-02 10:38 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3318471048-3354199284-439723813-1001
2021-03-01 07:29 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-01 07:29 - 2016-02-13 14:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-02-28 22:13 - 2020-10-02 10:32 - 000000000 ____D C:\Users\Petr
2021-02-23 19:06 - 2020-10-02 10:32 - 000002362 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-23 19:06 - 2017-09-01 04:13 - 000000000 ___RD C:\Users\Petr\OneDrive
2021-02-23 19:05 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-02-22 18:14 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-22 12:18 - 2021-01-23 16:38 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-18 21:04 - 2020-05-01 08:59 - 000000000 ____D C:\ProgramData\Zoner
2021-02-12 20:24 - 2020-10-02 10:27 - 000440960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-12 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-12 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-12 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-12 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-12 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-12 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-12 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-12 20:23 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-12 20:23 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-12 19:55 - 2020-10-02 10:38 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-12 19:55 - 2020-09-28 15:28 - 000000000 ___HD C:\$WinREAgent
2021-02-12 19:52 - 2017-09-02 16:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-12 19:48 - 2017-09-02 16:11 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-12 19:45 - 2020-11-20 10:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-02-12 19:45 - 2016-11-24 05:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-11 19:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-02-11 13:40 - 2017-09-02 20:32 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2021-02-11 13:40 - 2016-11-24 05:08 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-09 14:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Petr (08-03-2021 07:27:53)
Running from C:\Users\Petr\Desktop
Windows 10 Home Version 2004 19041.804 (X64) (2020-10-02 09:38:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3318471048-3354199284-439723813-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3318471048-3354199284-439723813-503 - Limited - Disabled)
Guest (S-1-5-21-3318471048-3354199284-439723813-501 - Limited - Disabled)
Petr (S-1-5-21-3318471048-3354199284-439723813-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-3318471048-3354199284-439723813-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.07.2004 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3024 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Jumpstart (HKLM-x32\...\{4B92BFBE-917D-4FA1-97E9-DB9D91286E90}) (Version: 3.0.18135.100 - Acer)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2006 - Acer Incorporated)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3007 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 3.02.3001 - Acer Incorporated)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Capture NX-D (HKLM\...\{2D088846-B670-47AF-91C3-76E0B3E887C3}) (Version: 1.5.3 - Nikon Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5917.02 - CyberLink Corp.)
Dashlane Upgrade Service (HKLM-x32\...\Dashlane Upgrade Service) (Version: 2.1.17.0 - Dashlane, Inc.)
Discord (HKU\S-1-5-21-3318471048-3354199284-439723813-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
eBay Weblink (HKLM-x32\...\{7F3596EF-B661-43EE-A321-AD3C3EB9B525}) (Version: 1.16.0726 - Acer)
ELAN HIDI2C Filter Driver X64 13.6.5.2_WHQL (HKLM\...\Elantech) (Version: 13.6.5.2 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.82 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.0.0.510 - )
Intel(R) Chipset Device Software (HKLM-x32\...\{61a0f1f5-c77e-4992-ba85-029f93cd8d18}) (Version: 10.1.1.27 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.5.0.1015 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.0.1039 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1620.3 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
IrfanView 4.44 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.44 - Irfan Skiljan)
Java 8 Update 281 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180281F0}) (Version: 8.0.2810.9 - Oracle Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3318471048-3354199284-439723813-1001\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 45.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0 (x86 en-US)) (Version: 45.0 - Mozilla)
Mozilla Firefox 57.0 (x64 cs) (HKU\S-1-5-21-3318471048-3354199284-439723813-1001\...\Mozilla Firefox 57.0 (x64 cs)) (Version: 57.0 - Mozilla)
Mozilla Firefox 82.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 82.0.3 (x64 cs)) (Version: 82.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2 - Mozilla)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.3.0 - Nikon Corporation)
Nikon Transfer 2 (HKLM-x32\...\{4D5EE11A-0D0A-4214-ABAC-72419F7BE24D}) (Version: 2.13.2 - Nikon Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Ovládací panel NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Picture Control Utility 2 (HKLM\...\{46BEAB85-B86A-4AAB-B085-136ECA032CF4}) (Version: 2.4.2 - Nikon Corporation)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10299 - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.191 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21287 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8569 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Scorpions WinCheater (HKLM-x32\...\Scorpions WinCheater 2.07 (s databází 87)_is1) (Version: - )
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-3318471048-3354199284-439723813-1001\...\Spotify) (Version: 1.1.53.608.g7ed9c03a - Spotify AB)
Spotify Weblink (HKLM-x32\...\{8CADF0CB-E834-4019-9B11-B84E051F2A8E}) (Version: 1.16.1210 - Acer)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.1.6 - TeamSpeak Systems GmbH)
TomTom MyDrive Connect 4.2.8.4052 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.8.4052 - TomTom)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.1.70.1 (HKLM\...\VulkanRT1.1.70.1) (Version: 1.1.70.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.1 (HKLM\...\VulkanRT1.1.70.1-2) (Version: 1.1.70.1 - LunarG, Inc.) Hidden
Wargaming.net Game Center (HKU\S-1-5-21-3318471048-3354199284-439723813-1001\...\Wargaming.net Game Center) (Version: 21.0.0.3580 - Wargaming.net)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.200 - McAfee, LLC)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-3318471048-3354199284-439723813-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
Zoner Photo Studio X CS (HKU\S-1-5-21-3318471048-3354199284-439723813-1001\...\ZPS X) (Version: 19.2009.2.286 - ZONER software)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-12] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.188.300.0_x86__kgqvnymyfvs32 [2021-03-04] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-03] (Microsoft Corporation)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2017-09-01] (AMZN Mobile LLC)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_910.5.119.0_x64__8xx8rvfyw5nnt [2021-02-22] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-10-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-02] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-27] (MAGIX)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-23] (Netflix, Inc.)
Twitch Player: Live Game Streaming -> C:\Program Files\WindowsApps\42731GoodMediaGroup.VidsTokforTwitchGamingLiveStre_1.1.14.0_x64__wzw6dymc89v9p [2021-02-01] (Good Media Group)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-10-02] (Acer Incorporated -> Acer Incorporated)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ceddadac8a2b489e\igfxDTCM.dll [2018-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-02-21 17:08 - 2021-02-21 17:11 - 055926272 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_910.5.119.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\addon.node
2021-02-21 17:08 - 2021-02-22 12:19 - 000762368 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_910.5.119.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\keytar.node
2021-02-21 17:08 - 2021-02-22 12:19 - 000749568 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_910.5.119.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\logging.node
2020-10-24 09:13 - 2020-10-24 09:13 - 001037824 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_910.5.119.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\spellchecker_win.node
2021-02-21 17:08 - 2021-02-22 12:19 - 001219072 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_910.5.119.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\systeminfo.node
2020-10-24 09:13 - 2020-10-24 09:13 - 000614912 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_910.5.119.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.applicationmodel.node
2020-10-24 09:13 - 2020-10-24 09:13 - 000523776 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_910.5.119.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.data.xml.dom.node
2020-10-24 09:13 - 2020-10-24 09:13 - 000202240 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_910.5.119.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.networking.pushnotifications.node
2020-10-24 09:13 - 2020-10-24 09:13 - 001144832 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_910.5.119.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.storage.node
2020-10-24 09:13 - 2020-10-24 09:13 - 000681984 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_910.5.119.0_x64__8xx8rvfyw5nnt\app\resources\app.asar.unpacked\build\windows.ui.notifications.node
2019-11-05 16:31 - 2019-11-05 16:31 - 002827600 _____ (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\CommBase.dll
2019-11-05 16:32 - 2019-11-05 16:32 - 000499024 _____ (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\DuiLib_ext.dll
2019-11-05 16:36 - 2019-11-05 16:36 - 000186704 _____ (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\jsondll.dll
2019-11-05 16:44 - 2019-11-05 16:44 - 000073552 _____ (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\zlibwapi.dll
2019-11-05 16:38 - 2019-11-05 16:38 - 000418640 _____ (Huawei Technologies Co., Ltd. -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\HiSuite\MSVCP100.dll
2019-11-05 16:39 - 2019-11-05 16:39 - 000771408 _____ (Huawei Technologies Co., Ltd. -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\HiSuite\MSVCR100.dll
2019-11-05 16:37 - 2019-11-05 16:37 - 002138960 _____ (Huawei Technologies Co., Ltd. -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\HiSuite\libeay32.dll
2019-11-05 16:42 - 2019-11-05 16:42 - 000500560 _____ (Huawei Technologies Co., Ltd. -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\HiSuite\ssleay32.dll
2019-11-05 16:30 - 2019-11-05 16:30 - 000133456 _____ (Huawei Technologies Co., Ltd. -> 华为软件技术有限公司 版权所有) [File not signed] C:\Program Files (x86)\HiSuite\AppBase.dll
2019-11-05 16:34 - 2019-11-05 16:34 - 000178000 _____ (Huawei Technologies Co., Ltd. -> 华为软件技术有限公司 版权所有) [File not signed] C:\Program Files (x86)\HiSuite\httpcomponent.dll
2016-11-24 04:47 - 2016-02-17 07:40 - 001249872 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Petr\Desktop\výpověď telefon.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Petr\Desktop\výpověď telefon.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Petr\Desktop\Úmrtní list.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Petr\Desktop\Úmrtní list.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3318471048-3354199284-439723813-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer17win10.msn.com/?pc=ACTE
HKU\S-1-5-21-3318471048-3354199284-439723813-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_281\bin\ssv.dll [2021-03-03] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-02-12] (McAfee, LLC -> McAfee, LLC)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_281\bin\jp2ssv.dll [2021-03-03] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-02-12] (McAfee, LLC -> McAfee, LLC)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 08:24 - 2017-12-01 09:02 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3318471048-3354199284-439723813-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\Desktop\JPEG - Archivační kvalita\DSC_1476.jpg
DNS Servers: 10.10.10.10 - 10.11.12.13
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
HKU\S-1-5-21-3318471048-3354199284-439723813-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{4724C80C-7161-4E07-97A4-0BE3CD6BA3FC}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [TCP Query User{B0E208CF-A9B5-4649-886B-59089C881E43}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [UDP Query User{FB7ADFE4-B312-492F-B3B9-06FCF0882264}C:\program files\zoner\photo studio 19\program32\mediaserver.exe] => (Block) C:\program files\zoner\photo studio 19\program32\mediaserver.exe => No File
FirewallRules: [TCP Query User{C2186DF2-9951-4B04-82E3-C8CEA2951A84}C:\program files\zoner\photo studio 19\program32\mediaserver.exe] => (Block) C:\program files\zoner\photo studio 19\program32\mediaserver.exe => No File
FirewallRules: [UDP Query User{A8343DF5-8E53-4EC1-AE92-2A326B43E76D}D:\petr\hry a programy\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\petr\hry a programy\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{B6C4F836-65BA-4A81-9077-0CD438DAB25A}D:\petr\hry a programy\world_of_tanks_eu\win64\worldoftanks.exe] => (Allow) D:\petr\hry a programy\world_of_tanks_eu\win64\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{7654B40A-DAD8-4657-AC06-B5B6AB9E4A62}D:\petr\hry a programy\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) D:\petr\hry a programy\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{F5693F89-41DB-4378-BC86-57A5726EF296}D:\petr\hry a programy\world_of_tanks_eu\win32\worldoftanks.exe] => (Allow) D:\petr\hry a programy\world_of_tanks_eu\win32\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{FFF95890-D1C3-4509-81AD-861225B53B9B}D:\petr\hry a programy\world_of_tanks_eu\worldoftanks.exe] => (Allow) D:\petr\hry a programy\world_of_tanks_eu\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{8B90FC26-2485-455A-ABEE-EA04BE5A670A}D:\petr\hry a programy\world_of_tanks_eu\worldoftanks.exe] => (Allow) D:\petr\hry a programy\world_of_tanks_eu\worldoftanks.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{6499C1EC-9AB5-4BC5-9504-19A1EEF8E319}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{762E0346-3FFB-49B4-839A-9EBBC34AAE28}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6339C7EF-B213-40C9-BC09-1ED094FA5BF0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{0B82475F-6336-46D0-B417-7B70883C5AD5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{7C181A86-49F9-45CC-B706-765C45D8D1A6}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{FE039407-13C2-4BA1-8C52-DA7C157A5DEA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{80739CB9-77DF-462B-958F-F66864AC04B3}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{C9F78810-6809-4E73-8E0A-D33C6DCDE1A7}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (Acer Incorporated -> Acer Cloud Technology)
FirewallRules: [{84C9719A-C582-40A1-A8BC-048FD3A0BF3D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{2ECA4D9A-32D2-4F9E-B1AD-36798A4F5509}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{064743A0-4F86-4647-AAD3-C4F48A170108}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe => No File
FirewallRules: [{BAC64667-FB36-433D-AE8B-58A036E619B6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{FBEDF893-4AF5-4AE7-892D-68BD939986BB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6D437E21-157C-4009-8A57-1528B7BDAFE3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{18AF7E9A-5077-4704-86A4-182E71E42C75}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F08A7A8D-2F9F-4E81-B96D-9B3A3049C9E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1A2623D3-1BBB-4AA5-B61B-A0408C282C12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7F1BF49D-E787-4530-A8F9-A6D4D535E686}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C8F1EC6C-4164-4FA7-83B0-49104037424A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{0D31EC10-AEA5-4805-BB89-7724FBF3987E}C:\users\petr\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\petr\appdata\local\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{97E2D6A2-2CB7-4757-8A94-120EFB0235DA}C:\users\petr\appdata\local\mozilla firefox\firefox.exe] => (Block) C:\users\petr\appdata\local\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D7FECAFB-CC68-4EF2-9EB0-80D73CEE42A3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{FFBA1C6A-9BC5-496B-8944-0934561549E1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AAF0C178-D0A7-40D6-87DF-D6319DEF6539}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International B.V. -> TomTom)
FirewallRules: [TCP Query User{8BB96916-9E19-40DA-A652-C72C63DD1640}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{EE606201-40E9-4816-A9EC-AC3B89F75CFE}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{50E5B5EA-9116-4999-AFDD-F9F4AC12F756}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [UDP Query User{7D45B334-E37A-4BC7-973D-2617700873F0}C:\programdata\wargaming.net\gamecenter\wgc.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [TCP Query User{B304248B-80F4-4766-98E5-C42C17903265}C:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\worldoftanks.exe => No File
FirewallRules: [UDP Query User{6EE839DE-4E13-4F34-B1EA-34D460CCE83C}C:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\worldoftanks.exe => No File
FirewallRules: [TCP Query User{DBA3D7FC-903A-41E8-803E-ECB454ADD19C}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{41273428-2169-4726-924E-CAFADA03BDEE}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [{A2A22C0B-B338-40C8-B31E-6F6CC1D63667}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5F9C3832-DD04-4CE5-8B7B-50EFC9C201AB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C8274EC3-3C29-41E0-A7A0-C591A609F91B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9BF474A1-7325-4328-ABE7-8953B4679DFF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A83DACA6-7DC6-4810-ADF5-D28421B3713C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:118.13 GB) (Free:50.84 GB) (43%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/07/2021 11:56:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
Error: (03/07/2021 11:56:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
Error: (03/07/2021 11:55:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
Error: (03/07/2021 11:55:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
Error: (03/07/2021 11:55:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
Error: (03/07/2021 11:55:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
Error: (03/07/2021 11:55:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65001 optlen 5 wrong
Error: (03/07/2021 08:00:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Data (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
System errors:
=============
Error: (03/07/2021 07:30:12 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-3U0G41HT)
Description: Server Windows.Media.Capture.Internal.AppCaptureShell se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/07/2021 07:28:08 PM) (Source: DCOM) (EventID: 10029) (User: LAPTOP-3U0G41HT)
Description: U aktivace identifikátoru CLSID Windows.Media.Capture.AppCaptureManager vypršel časový limit během čekání na zastavení služby BcastDVRUserService_553ca.
Error: (03/03/2021 07:54:10 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:57:24, 01.03.2021) bylo neočekávané.
Error: (03/03/2021 07:53:59 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Při zpracování obnovovacích dat došlo k závažné chybě.
Error: (03/01/2021 07:32:03 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:13:35, 28.02.2021) bylo neočekávané.
Error: (03/01/2021 07:31:51 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Při zpracování obnovovacích dat došlo k závažné chybě.
Error: (02/28/2021 09:09:39 AM) (Source: DCOM) (EventID: 10029) (User: LAPTOP-3U0G41HT)
Description: U aktivace identifikátoru CLSID Windows.Media.Capture.AppCaptureManager vypršel časový limit během čekání na zastavení služby BcastDVRUserService_18f3ea9.
Error: (02/25/2021 06:20:24 PM) (Source: DCOM) (EventID: 10029) (User: LAPTOP-3U0G41HT)
Description: U aktivace identifikátoru CLSID Windows.Media.Capture.AppCaptureManager vypršel časový limit během čekání na zastavení služby BcastDVRUserService_18f3ea9.
Windows Defender:
================
Date: 2021-03-05 12:39:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {51525A93-687E-4AFF-8892-FFB611EC8F8F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-03-04 13:34:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D2C8F0C5-E77F-4376-A336-6FE839E8413D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-02-28 10:48:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3A492C7B-9756-4A7B-881D-80A69A4F175F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-02-27 13:41:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E8B8CB9F-1B39-4839-96AA-8A554D30762E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-02-25 21:11:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {71D324AA-B645-4F1E-98D4-99052DA8BB0E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
==================== Memory info ===========================
BIOS: Insyde Corp. V1.15 09/19/2016
Motherboard: Acer Captain_SK
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 65%
Total physical RAM: 8060.13 MB
Available physical RAM: 2770.14 MB
Total Virtual: 13180.13 MB
Available Virtual: 6364.36 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:118.13 GB) (Free:50.84 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:822.11 GB) NTFS
\\?\Volume{9de95d95-342a-44fa-b2bf-f04dcf3ebb70}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.51 GB) NTFS
\\?\Volume{43720e57-ec68-4078-bfae-6e84bc898c1c}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 695FBB9F)
Partition: GPT.
==========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 695FB9DB)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomalejší notebook
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119412
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalejší notebook
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalejší notebook
# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-03-03.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-08-2021
# Duration: 00:00:12
# OS: Windows 10 Home
# Scanned: 3749
# Detected: 41
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK
Preinstalled.ACERAOPFramework Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C168A97E-6E54-4439-82FC-1D0DEB36890D}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{838338CD-ECFF-4A02-82DB-8CAF9C43C470}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C168A97E-6E54-4439-82FC-1D0DEB36890D}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication
Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1AF41E84-3408-499A-8C93-8891F0612719}
Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCAGENT
Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCBACKGROUNDAPPLICATION
Preinstalled.AcerConfigurationManager Folder C:\Program Files (x86)\ACER\AMUNDSEN\2.1.16258
Preinstalled.AcerConfigurationManager Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA74A30D-AC67-4FC7-8DDC-5998C307C807}
Preinstalled.AcerConfigurationManager Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AcerCMUpdateTask2.1.16258
Preinstalled.AcerConfigurationManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{414D554E-4453-454E-0201-000000016258}
Preinstalled.AcerConfigurationManager Task C:\Windows\System32\Tasks\ACERCMUPDATETASK2.1.16258
Preinstalled.AcerJumpstart Folder C:\Program Files (x86)\ACER\ACER JUMPSTART
Preinstalled.AcerJumpstart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4B92BFBE-917D-4FA1-97E9-DB9D91286E90}
Preinstalled.AcerPortal Folder C:\Program Files (x86)\ACER\ACER PORTAL
Preinstalled.AcerPortal Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}
Preinstalled.AcerQuickAccess Folder C:\Program Files\ACER\ACER QUICK ACCESS
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DBADD74-2A48-4E24-A62F-0FE6F254E1C7}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44777E58-FA8A-4471-8C5C-22AEC6DE6D15}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Button
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Preinstalled.AcerQuickAccess Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\POWER BUTTON
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\FRAMEWORK
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\PLUGIN\APPMONITOR
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7CE31AC-E513-4239-B705-C2D14616AB5C}
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService
Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Preinstalled.AcerUEIPFramework Task C:\Windows\System32\Tasks\UBTFRAMEWORKSERVICE
Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Preinstalled.AcerabBox Registry HKLM\Software\Classes\CLSID\{5CCE71FA-9F61-4F24-9CD1-98D819B40D68}
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
AdwCleaner[S00].txt - [4057 octets] - [16/09/2018 16:26:16]
AdwCleaner[C00].txt - [3711 octets] - [16/09/2018 16:26:39]
AdwCleaner_Debug.log - [85490 octets] - [27/10/2019 05:34:44]
AdwCleaner[S01].txt - [7450 octets] - [27/10/2019 05:35:16]
AdwCleaner[C01].txt - [2377 octets] - [27/10/2019 05:36:30]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-03-03.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-08-2021
# Duration: 00:00:12
# OS: Windows 10 Home
# Scanned: 3749
# Detected: 41
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK
Preinstalled.ACERAOPFramework Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C168A97E-6E54-4439-82FC-1D0DEB36890D}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{838338CD-ECFF-4A02-82DB-8CAF9C43C470}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C168A97E-6E54-4439-82FC-1D0DEB36890D}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication
Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1AF41E84-3408-499A-8C93-8891F0612719}
Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCAGENT
Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCBACKGROUNDAPPLICATION
Preinstalled.AcerConfigurationManager Folder C:\Program Files (x86)\ACER\AMUNDSEN\2.1.16258
Preinstalled.AcerConfigurationManager Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AA74A30D-AC67-4FC7-8DDC-5998C307C807}
Preinstalled.AcerConfigurationManager Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AcerCMUpdateTask2.1.16258
Preinstalled.AcerConfigurationManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{414D554E-4453-454E-0201-000000016258}
Preinstalled.AcerConfigurationManager Task C:\Windows\System32\Tasks\ACERCMUPDATETASK2.1.16258
Preinstalled.AcerJumpstart Folder C:\Program Files (x86)\ACER\ACER JUMPSTART
Preinstalled.AcerJumpstart Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4B92BFBE-917D-4FA1-97E9-DB9D91286E90}
Preinstalled.AcerPortal Folder C:\Program Files (x86)\ACER\ACER PORTAL
Preinstalled.AcerPortal Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}
Preinstalled.AcerQuickAccess Folder C:\Program Files\ACER\ACER QUICK ACCESS
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2DBADD74-2A48-4E24-A62F-0FE6F254E1C7}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44777E58-FA8A-4471-8C5C-22AEC6DE6D15}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Power Button
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Preinstalled.AcerQuickAccess Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\POWER BUTTON
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\FRAMEWORK
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\PLUGIN\APPMONITOR
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7CE31AC-E513-4239-B705-C2D14616AB5C}
Preinstalled.AcerUEIPFramework Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UbtFrameworkService
Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Preinstalled.AcerUEIPFramework Task C:\Windows\System32\Tasks\UBTFRAMEWORKSERVICE
Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Preinstalled.AcerabBox Registry HKLM\Software\Classes\CLSID\{5CCE71FA-9F61-4F24-9CD1-98D819B40D68}
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
AdwCleaner[S00].txt - [4057 octets] - [16/09/2018 16:26:16]
AdwCleaner[C00].txt - [3711 octets] - [16/09/2018 16:26:39]
AdwCleaner_Debug.log - [85490 octets] - [27/10/2019 05:34:44]
AdwCleaner[S01].txt - [7450 octets] - [27/10/2019 05:35:16]
AdwCleaner[C01].txt - [2377 octets] - [27/10/2019 05:36:30]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 119412
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalejší notebook
Toto je OK. Preinstaled jsou utility od Aceru, které není třeba mazat. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3318471048-3354199284-439723813-1001\...\MountPoints2: {51e900fd-318b-11ea-9e17-94e979c63fc2} - "F:\HiSuiteDownLoader.exe"
Task: {A0D3DFBA-FA1D-4850-AB4B-1B612B18E798} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2017-08-31] (Google Inc -> Google Inc.)
Task: {B6AA6CCA-60C9-4BC9-B3EA-05928190D622} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2017-08-31] (Google Inc -> Google Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Petr\Desktop\výpověď telefon.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Petr\Desktop\výpověď telefon.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Petr\Desktop\Úmrtní list.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Petr\Desktop\Úmrtní list.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
FirewallRules: [UDP Query User{4724C80C-7161-4E07-97A4-0BE3CD6BA3FC}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [TCP Query User{B0E208CF-A9B5-4649-886B-59089C881E43}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [UDP Query User{FB7ADFE4-B312-492F-B3B9-06FCF0882264}C:\program files\zoner\photo studio 19\program32\mediaserver.exe] => (Block) C:\program files\zoner\photo studio 19\program32\mediaserver.exe => No File
FirewallRules: [TCP Query User{C2186DF2-9951-4B04-82E3-C8CEA2951A84}C:\program files\zoner\photo studio 19\program32\mediaserver.exe] => (Block) C:\program files\zoner\photo studio 19\program32\mediaserver.exe => No File
FirewallRules: [TCP Query User{B304248B-80F4-4766-98E5-C42C17903265}C:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\worldoftanks.exe => No File
FirewallRules: [UDP Query User{6EE839DE-4E13-4F34-B1EA-34D460CCE83C}C:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\worldoftanks.exe => No File
FirewallRules: [TCP Query User{DBA3D7FC-903A-41E8-803E-ECB454ADD19C}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{41273428-2169-4726-924E-CAFADA03BDEE}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalejší notebook
Fix result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Petr (08-03-2021 14:19:39) Run:3
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3318471048-3354199284-439723813-1001\...\MountPoints2: {51e900fd-318b-11ea-9e17-94e979c63fc2} - "F:\HiSuiteDownLoader.exe"
Task: {A0D3DFBA-FA1D-4850-AB4B-1B612B18E798} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2017-08-31] (Google Inc -> Google Inc.)
Task: {B6AA6CCA-60C9-4BC9-B3EA-05928190D622} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2017-08-31] (Google Inc -> Google Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Petr\Desktop\výpověď telefon.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Petr\Desktop\výpověď telefon.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Petr\Desktop\Úmrtní list.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Petr\Desktop\Úmrtní list.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
FirewallRules: [UDP Query User{4724C80C-7161-4E07-97A4-0BE3CD6BA3FC}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [TCP Query User{B0E208CF-A9B5-4649-886B-59089C881E43}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [UDP Query User{FB7ADFE4-B312-492F-B3B9-06FCF0882264}C:\program files\zoner\photo studio 19\program32\mediaserver.exe] => (Block) C:\program files\zoner\photo studio 19\program32\mediaserver.exe => No File
FirewallRules: [TCP Query User{C2186DF2-9951-4B04-82E3-C8CEA2951A84}C:\program files\zoner\photo studio 19\program32\mediaserver.exe] => (Block) C:\program files\zoner\photo studio 19\program32\mediaserver.exe => No File
FirewallRules: [TCP Query User{B304248B-80F4-4766-98E5-C42C17903265}C:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\worldoftanks.exe => No File
FirewallRules: [UDP Query User{6EE839DE-4E13-4F34-B1EA-34D460CCE83C}C:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\worldoftanks.exe => No File
FirewallRules: [TCP Query User{DBA3D7FC-903A-41E8-803E-ECB454ADD19C}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{41273428-2169-4726-924E-CAFADA03BDEE}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKU\S-1-5-21-3318471048-3354199284-439723813-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{51e900fd-318b-11ea-9e17-94e979c63fc2} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0D3DFBA-FA1D-4850-AB4B-1B612B18E798}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0D3DFBA-FA1D-4850-AB4B-1B612B18E798}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B6AA6CCA-60C9-4BC9-B3EA-05928190D622}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6AA6CCA-60C9-4BC9-B3EA-05928190D622}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Users\Petr\Desktop\výpověď telefon.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS could not remove.
C:\Users\Petr\Desktop\výpověď telefon.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
C:\Users\Petr\Desktop\Úmrtní list.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS could not remove.
C:\Users\Petr\Desktop\Úmrtní list.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4724C80C-7161-4E07-97A4-0BE3CD6BA3FC}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B0E208CF-A9B5-4649-886B-59089C881E43}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FB7ADFE4-B312-492F-B3B9-06FCF0882264}C:\program files\zoner\photo studio 19\program32\mediaserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C2186DF2-9951-4B04-82E3-C8CEA2951A84}C:\program files\zoner\photo studio 19\program32\mediaserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B304248B-80F4-4766-98E5-C42C17903265}C:\games\world_of_tanks_eu\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6EE839DE-4E13-4F34-B1EA-34D460CCE83C}C:\games\world_of_tanks_eu\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DBA3D7FC-903A-41E8-803E-ECB454ADD19C}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{41273428-2169-4726-924E-CAFADA03BDEE}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 168089597 B
Java, Flash, Steam htmlcache => 1830 B
Windows/system/drivers => 1469057 B
Edge => 43034 B
Chrome => 386291674 B
Firefox => 276626444 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 323518 B
Petr => 119682414 B
RecycleBin => 11997014 B
EmptyTemp: => 930.1 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 14:20:54 ====
Ran by Petr (08-03-2021 14:19:39) Run:3
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3318471048-3354199284-439723813-1001\...\MountPoints2: {51e900fd-318b-11ea-9e17-94e979c63fc2} - "F:\HiSuiteDownLoader.exe"
Task: {A0D3DFBA-FA1D-4850-AB4B-1B612B18E798} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2017-08-31] (Google Inc -> Google Inc.)
Task: {B6AA6CCA-60C9-4BC9-B3EA-05928190D622} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848 2017-08-31] (Google Inc -> Google Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Petr\Desktop\výpověď telefon.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Petr\Desktop\výpověď telefon.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Petr\Desktop\Úmrtní list.jpeg:3or4kl4x13tuuug3Byamue2s4b [83]
AlternateDataStreams: C:\Users\Petr\Desktop\Úmrtní list.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
FirewallRules: [UDP Query User{4724C80C-7161-4E07-97A4-0BE3CD6BA3FC}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [TCP Query User{B0E208CF-A9B5-4649-886B-59089C881E43}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe] => (Allow) C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe => No File
FirewallRules: [UDP Query User{FB7ADFE4-B312-492F-B3B9-06FCF0882264}C:\program files\zoner\photo studio 19\program32\mediaserver.exe] => (Block) C:\program files\zoner\photo studio 19\program32\mediaserver.exe => No File
FirewallRules: [TCP Query User{C2186DF2-9951-4B04-82E3-C8CEA2951A84}C:\program files\zoner\photo studio 19\program32\mediaserver.exe] => (Block) C:\program files\zoner\photo studio 19\program32\mediaserver.exe => No File
FirewallRules: [TCP Query User{B304248B-80F4-4766-98E5-C42C17903265}C:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\worldoftanks.exe => No File
FirewallRules: [UDP Query User{6EE839DE-4E13-4F34-B1EA-34D460CCE83C}C:\games\world_of_tanks_eu\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_eu\worldoftanks.exe => No File
FirewallRules: [TCP Query User{DBA3D7FC-903A-41E8-803E-ECB454ADD19C}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
FirewallRules: [UDP Query User{41273428-2169-4726-924E-CAFADA03BDEE}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe] => (Allow) C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKU\S-1-5-21-3318471048-3354199284-439723813-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{51e900fd-318b-11ea-9e17-94e979c63fc2} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0D3DFBA-FA1D-4850-AB4B-1B612B18E798}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0D3DFBA-FA1D-4850-AB4B-1B612B18E798}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B6AA6CCA-60C9-4BC9-B3EA-05928190D622}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6AA6CCA-60C9-4BC9-B3EA-05928190D622}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Users\Petr\Desktop\výpověď telefon.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS could not remove.
C:\Users\Petr\Desktop\výpověď telefon.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
C:\Users\Petr\Desktop\Úmrtní list.jpeg => ":3or4kl4x13tuuug3Byamue2s4b" ADS could not remove.
C:\Users\Petr\Desktop\Úmrtní list.jpeg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{4724C80C-7161-4E07-97A4-0BE3CD6BA3FC}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B0E208CF-A9B5-4649-886B-59089C881E43}C:\programdata\wargaming.net\gamecenter\dlls\wgc_renderer.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{FB7ADFE4-B312-492F-B3B9-06FCF0882264}C:\program files\zoner\photo studio 19\program32\mediaserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C2186DF2-9951-4B04-82E3-C8CEA2951A84}C:\program files\zoner\photo studio 19\program32\mediaserver.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B304248B-80F4-4766-98E5-C42C17903265}C:\games\world_of_tanks_eu\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6EE839DE-4E13-4F34-B1EA-34D460CCE83C}C:\games\world_of_tanks_eu\worldoftanks.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{DBA3D7FC-903A-41E8-803E-ECB454ADD19C}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{41273428-2169-4726-924E-CAFADA03BDEE}C:\program files\windowsapps\facebook.317180b0bb486_730.2.121.0_x64__8xx8rvfyw5nnt\app\messenger.exe" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 168089597 B
Java, Flash, Steam htmlcache => 1830 B
Windows/system/drivers => 1469057 B
Edge => 43034 B
Chrome => 386291674 B
Firefox => 276626444 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 323518 B
Petr => 119682414 B
RecycleBin => 11997014 B
EmptyTemp: => 930.1 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 14:20:54 ====
-
Rudy
- Site Admin
- Příspěvky: 119412
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalejší notebook
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalejší notebook
Ano, o poznání rychlejší. Děkuji
-
Rudy
- Site Admin
- Příspěvky: 119412
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalejší notebook
To jsem rád a nemáte zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?