Velmi pomalý chod NTB, procesor na 100%
Napsal: 04 dub 2021 10:12
Dobrý den,
rád bych poprosil o kontrolu Logu. Předem moc děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-03-2021
Ran by Mamka a taťka (administrator) on DESKTOP-1FPBJIJ (LENOVO 81HL) (04-04-2021 11:01:37)
Running from C:\Users\Mamka a taťka\Desktop
Loaded Profiles: Mamka a taťka
Platform: Windows 10 Home Version 2004 19041.867 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\System32\CxUIUSvc32.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_7177cf092021a5b2\OneApp.IGCC.WinService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_79ffdc5b7f66bb58\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_79ffdc5b7f66bb58\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_eab4a3cc9d877ce2\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_eab4a3cc9d877ce2\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Mamka a taťka\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.3-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.3-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-1481426235-2738210657-3485090854-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-01] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {083FDD92-4B46-4AE2-82E9-BAF8451BC3D5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {0CD5A7B1-9E71-4007-83B8-16C0D0B6A753} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {1C12C3D8-8D8A-41DE-891A-52672D8CEBAA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.3-0\MpCmdRun.exe [566376 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {385AA657-10E0-4622-82E8-865F3EF7D571} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.3-0\MpCmdRun.exe [566376 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {41E5E1D4-84A2-46CC-8BF6-E4F3B615BACF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.3-0\MpCmdRun.exe [566376 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {508605AE-247D-4E69-AE2D-3FBC89C608A7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {71FF3053-0A80-4BB0-B0AD-39702861F048} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-27] (Google Inc -> Google Inc.)
Task: {9D1E9286-26EB-4D2A-9085-4691B2EE5A56} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)
Task: {C14FD7F8-8589-4AD2-A231-65D73BCFB284} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-27] (Google Inc -> Google Inc.)
Task: {E18B6A04-3E48-4C5C-8A44-8B48266E2EAA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.3-0\MpCmdRun.exe [566376 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 81.200.55.161 81.200.48.13 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{2a1b4270-c285-4b96-8535-ca7573241bb2}: [DhcpNameServer] 81.200.55.161 81.200.48.13 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{cf192880-4ac5-46f7-86f9-381d7fbbe1e5}: [DhcpNameServer] 81.19.33.2 81.19.34.2
Edge:
=======
Edge Profile: C:\Users\Mamka a taťka\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-04]
FireFox:
========
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default [2021-04-04]
CHR Notifications: Default -> hxxps://live-stream365.com; hxxps://meet.google.com
CHR HomePage: Default -> hxxp://seznam.cz/
CHR Extension: (Prezentace) - C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-27]
CHR Extension: (Dokumenty) - C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-27]
CHR Extension: (Disk Google) - C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-27]
CHR Extension: (Tabulky) - C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-19]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-04-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-20]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [602632 2018-08-27] (Dolby Laboratories, Inc. -> )
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [360320 2019-09-05] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.3-0\NisSrv.exe [2624112 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.3-0\MsMpEng.exe [128384 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-11-28] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50280 2019-04-05] (ESET, spol. s r.o. -> ESET)
S4 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82472 2019-04-05] (ESET, spol. s r.o. -> ESET)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-03-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-31] (Microsoft Windows -> Microsoft Corporation)
R4 eamonm; system32\DRIVERS\eamonm.sys [X]
R4 ehdrv; \SystemRoot\system32\DRIVERS\ehdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-04-04 11:01 - 2021-04-04 11:04 - 000012145 _____ C:\Users\Mamka a taťka\Desktop\FRST.txt
2021-04-04 11:00 - 2021-04-04 11:03 - 000000000 ____D C:\FRST
2021-04-04 10:59 - 2021-04-04 11:00 - 002298368 _____ (Farbar) C:\Users\Mamka a taťka\Desktop\FRST64.exe
2021-03-16 14:13 - 2021-03-16 14:13 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-16 14:12 - 2021-03-16 14:12 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-16 14:12 - 2021-03-16 14:12 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-16 14:12 - 2021-03-16 14:12 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-16 14:11 - 2021-03-16 14:11 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-16 14:11 - 2021-03-16 14:11 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-16 14:10 - 2021-03-16 14:10 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-16 14:10 - 2021-03-16 14:10 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-16 14:10 - 2021-03-16 14:10 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-16 14:10 - 2021-03-16 14:10 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-16 14:09 - 2021-03-16 14:09 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-04-04 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-04 10:53 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-04 10:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-04 10:53 - 2019-01-27 14:24 - 000000000 ____D C:\Users\Mamka a taťka\AppData\Local\Packages
2021-04-04 10:52 - 2020-09-30 14:59 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-04 10:50 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-04 10:44 - 2019-06-08 18:35 - 000000000 ____D C:\Users\Mamka a taťka\AppData\Local\D3DSCache
2021-04-04 10:41 - 2020-12-01 12:28 - 000000000 ___DC C:\WINDOWS\Panther
2021-04-04 10:41 - 2019-05-04 12:46 - 000000000 ____D C:\Program Files\CCleaner
2021-04-04 10:38 - 2019-01-27 14:23 - 000000000 __SHD C:\Users\Mamka a taťka\IntelGraphicsProfiles
2021-04-03 11:32 - 2020-06-08 20:46 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-01 09:29 - 2019-01-27 14:43 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-31 09:08 - 2019-01-18 20:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-27 16:46 - 2020-12-07 20:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-25 16:52 - 2020-12-07 21:06 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-18 11:18 - 2020-12-07 21:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-18 11:18 - 2020-12-07 20:35 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-18 11:18 - 2020-06-19 19:31 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2021-03-18 11:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-16 14:54 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-16 14:51 - 2020-12-07 20:36 - 000349128 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-16 14:27 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-13 12:33 - 2020-12-07 21:06 - 000003396 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1481426235-2738210657-3485090854-1002
2021-03-13 12:33 - 2020-12-07 20:40 - 000002389 _____ C:\Users\Mamka a taťka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-13 12:33 - 2019-01-27 14:27 - 000000000 ___RD C:\Users\Mamka a taťka\OneDrive
2021-03-12 14:21 - 2019-03-06 16:02 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-12 12:56 - 2019-01-18 14:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-12 12:36 - 2019-01-18 14:30 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-08 14:44 - 2020-12-07 21:06 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-03-05 21:49 - 2021-01-20 11:45 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6ccc9b9f3b914
2021-03-05 21:49 - 2020-12-07 21:06 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-03-2021
Ran by Mamka a taťka (04-04-2021 11:08:13)
Running from C:\Users\Mamka a taťka\Desktop
Windows 10 Home Version 2004 19041.867 (X64) (2020-12-07 19:07:36)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1481426235-2738210657-3485090854-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1481426235-2738210657-3485090854-503 - Limited - Disabled)
Guest (S-1-5-21-1481426235-2738210657-3485090854-501 - Limited - Disabled)
Mamka a taťka (S-1-5-21-1481426235-2738210657-3485090854-1002 - Administrator - Enabled) => C:\Users\Mamka a taťka
WDAGUtilityAccount (S-1-5-21-1481426235-2738210657-3485090854-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
CCleaner (HKLM\...\CCleaner) (Version: 5.78 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.114 - Google LLC)
K-Lite Codec Pack 5.7.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 5.7.0 - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.68 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1481426235-2738210657-3485090854-1002\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1970.1.0_x86__kgqvnymyfvs32 [2021-03-07] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_11.1.3.0_x86__m9bz608c1b9ra [2021-02-06] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.2026.0_x64__rz1tebttyb220 [2021-03-14] (Dolby Laboratories)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20201.249.0_x64__rz1tebttyb220 [2020-02-23] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-16] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2020-02-24] (Fitbit)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-17] (INTEL CORP)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-06] (Microsoft Studios) [MS Ad]
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt [2021-01-04] (INTEL CORP) [Startup Task]
SmartAudio 2 -> C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio2_1.1.53.0_x86__qt57b6kdvhcfw [2021-03-16] (Synaptics Hong Kong Limited, Taiwan Branch (H.K.))
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FFDS] => C:\WINDOWS\system32\ff_vfw.dll [92160 2012-01-25] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-03-14 19:33 - 2021-03-14 19:34 - 000168960 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.2026.0_x64__rz1tebttyb220\DAXRPCClient.dll
2021-03-14 19:33 - 2021-03-14 19:34 - 037922304 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.2026.0_x64__rz1tebttyb220\DolbyAccess.dll
2020-04-13 21:17 - 2020-04-13 21:17 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.2026.0_x64__rz1tebttyb220\e_sqlite3.dll
2003-03-18 23:23 - 2003-03-18 23:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll
2006-10-26 14:40 - 2006-10-26 14:40 - 000192512 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\msdbg2.dll
2006-10-26 14:40 - 2006-10-26 14:40 - 000192512 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\pdm.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1481426235-2738210657-3485090854-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 81.200.55.161 - 81.200.48.13
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{ABDB51E8-DBBF-4379-9E7B-670EFA80DEFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4541E440-A315-4250-88E2-1DAD26C8132C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{02FA126B-B595-4D85-A758-61D9036A5324}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8538656F-1BFE-4447-9A7B-D82A8FC01B09}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1D2D5A9D-F555-44AF-BC1C-997026B38560}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
15-01-2021 18:27:23 Instalační služba modulů systému Windows
13-02-2021 18:16:01 Instalační služba modulů systému Windows
14-03-2021 19:23:04 Instalační služba modulů systému Windows
04-04-2021 10:51:49 Odebráno: Microsoft Update Health Tools
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/04/2021 10:50:18 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (03/21/2021 08:27:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.844 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1784
Čas spuštění: 01d71e7fb9f32946
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID hlášení: 753b167c-ca00-4196-a9b9-473f28c84dc8
Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: CortanaUI
Typ zablokování: Quiesce
Error: (03/06/2021 03:51:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.546 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2ae4
Čas spuštění: 01d7128fafb890a8
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID hlášení: 5538a5d7-3950-45ec-baac-68fe0add5bb0
Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: CortanaUI
Typ zablokování: Quiesce
Error: (01/16/2021 05:50:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mousocoreworker.exe, verze: 10.0.19041.746, časové razítko: 0xcba13983
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.546, časové razítko: 0x43cbc11d
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007287e
ID chybujícího procesu: 0xd0c
Čas spuštění chybující aplikace: 0x01d6ec1f580cb05a
Cesta k chybující aplikaci: C:\Windows\System32\mousocoreworker.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: b6792a17-e2ac-4ddf-9154-561f07d58fcb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/16/2021 05:40:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (01/16/2021 05:40:02 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (01/16/2021 05:40:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (01/16/2021 05:40:00 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
System errors:
=============
Error: (04/02/2021 09:09:36 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1FPBJIJ)
Description: Server {D63B10C5-BB46-4990-A94F-E40B9D520160} se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/02/2021 08:52:20 PM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD
Error: (04/01/2021 09:48:39 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1FPBJIJ)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/31/2021 09:13:26 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1FPBJIJ)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/26/2021 10:25:29 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1FPBJIJ)
Description: Server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/26/2021 10:25:26 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1FPBJIJ)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/25/2021 06:03:15 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1FPBJIJ)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/23/2021 10:58:35 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1FPBJIJ)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2021-01-22 20:38:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EB9BA5E8-5A7B-47A8-8779-7B8E4695DEDF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-01-22 19:53:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {77C4675B-6704-4D57-8AC5-641EFAB2BEA4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-12-10 15:00:41
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {08BD08E7-E33C-447D-85F4-5D6A049CF470}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-03-16 13:00:03
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.333.322.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17900.7
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2021-02-20 16:42:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.1299.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
CodeIntegrity:
===============
Date: 2021-04-04 10:44:00
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: LENOVO 6VCN25WW 06/14/2018
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Celeron(R) N4000 CPU @ 1.10GHz
Percentage of memory in use: 82%
Total physical RAM: 3911.84 MB
Available physical RAM: 702.37 MB
Total Virtual: 6874.97 MB
Available Virtual: 3040.63 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.45 GB) (Free:839.79 GB) NTFS
\\?\Volume{c37392fe-6578-442f-a809-64a5b8e7c339}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{d3342d3f-b9c0-429c-9f5a-0496796d8dfb}\ () (Fixed) (Total:0.51 GB) (Free:0.07 GB) NTFS
\\?\Volume{80077249-7c0f-4548-a088-47266da1517c}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
==================== End of FRST.txt ========================
rád bych poprosil o kontrolu Logu. Předem moc děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-03-2021
Ran by Mamka a taťka (administrator) on DESKTOP-1FPBJIJ (LENOVO 81HL) (04-04-2021 11:01:37)
Running from C:\Users\Mamka a taťka\Desktop
Loaded Profiles: Mamka a taťka
Platform: Windows 10 Home Version 2004 19041.867 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\System32\CxUIUSvc32.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_7177cf092021a5b2\OneApp.IGCC.WinService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_79ffdc5b7f66bb58\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_79ffdc5b7f66bb58\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_eab4a3cc9d877ce2\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_eab4a3cc9d877ce2\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Mamka a taťka\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.3-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.3-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-1481426235-2738210657-3485090854-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-01] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {083FDD92-4B46-4AE2-82E9-BAF8451BC3D5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {0CD5A7B1-9E71-4007-83B8-16C0D0B6A753} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {1C12C3D8-8D8A-41DE-891A-52672D8CEBAA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.3-0\MpCmdRun.exe [566376 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {385AA657-10E0-4622-82E8-865F3EF7D571} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.3-0\MpCmdRun.exe [566376 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {41E5E1D4-84A2-46CC-8BF6-E4F3B615BACF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.3-0\MpCmdRun.exe [566376 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {508605AE-247D-4E69-AE2D-3FBC89C608A7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {71FF3053-0A80-4BB0-B0AD-39702861F048} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-27] (Google Inc -> Google Inc.)
Task: {9D1E9286-26EB-4D2A-9085-4691B2EE5A56} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)
Task: {C14FD7F8-8589-4AD2-A231-65D73BCFB284} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-01-27] (Google Inc -> Google Inc.)
Task: {E18B6A04-3E48-4C5C-8A44-8B48266E2EAA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.3-0\MpCmdRun.exe [566376 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 81.200.55.161 81.200.48.13 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{2a1b4270-c285-4b96-8535-ca7573241bb2}: [DhcpNameServer] 81.200.55.161 81.200.48.13 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{cf192880-4ac5-46f7-86f9-381d7fbbe1e5}: [DhcpNameServer] 81.19.33.2 81.19.34.2
Edge:
=======
Edge Profile: C:\Users\Mamka a taťka\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-04]
FireFox:
========
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default [2021-04-04]
CHR Notifications: Default -> hxxps://live-stream365.com; hxxps://meet.google.com
CHR HomePage: Default -> hxxp://seznam.cz/
CHR Extension: (Prezentace) - C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-01-27]
CHR Extension: (Dokumenty) - C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-27]
CHR Extension: (Disk Google) - C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-27]
CHR Extension: (Tabulky) - C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-01-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-19]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-04-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Mamka a taťka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-20]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [602632 2018-08-27] (Dolby Laboratories, Inc. -> )
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [360320 2019-09-05] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.3-0\NisSrv.exe [2624112 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.3-0\MsMpEng.exe [128384 2021-03-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-11-28] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50280 2019-04-05] (ESET, spol. s r.o. -> ESET)
S4 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82472 2019-04-05] (ESET, spol. s r.o. -> ESET)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-03-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-31] (Microsoft Windows -> Microsoft Corporation)
R4 eamonm; system32\DRIVERS\eamonm.sys [X]
R4 ehdrv; \SystemRoot\system32\DRIVERS\ehdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-04-04 11:01 - 2021-04-04 11:04 - 000012145 _____ C:\Users\Mamka a taťka\Desktop\FRST.txt
2021-04-04 11:00 - 2021-04-04 11:03 - 000000000 ____D C:\FRST
2021-04-04 10:59 - 2021-04-04 11:00 - 002298368 _____ (Farbar) C:\Users\Mamka a taťka\Desktop\FRST64.exe
2021-03-16 14:13 - 2021-03-16 14:13 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-16 14:12 - 2021-03-16 14:12 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-16 14:12 - 2021-03-16 14:12 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-16 14:12 - 2021-03-16 14:12 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-16 14:11 - 2021-03-16 14:11 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-16 14:11 - 2021-03-16 14:11 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-16 14:10 - 2021-03-16 14:10 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-16 14:10 - 2021-03-16 14:10 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-16 14:10 - 2021-03-16 14:10 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-16 14:10 - 2021-03-16 14:10 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-16 14:09 - 2021-03-16 14:09 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-04-04 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-04 10:53 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-04 10:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-04 10:53 - 2019-01-27 14:24 - 000000000 ____D C:\Users\Mamka a taťka\AppData\Local\Packages
2021-04-04 10:52 - 2020-09-30 14:59 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-04 10:50 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-04 10:44 - 2019-06-08 18:35 - 000000000 ____D C:\Users\Mamka a taťka\AppData\Local\D3DSCache
2021-04-04 10:41 - 2020-12-01 12:28 - 000000000 ___DC C:\WINDOWS\Panther
2021-04-04 10:41 - 2019-05-04 12:46 - 000000000 ____D C:\Program Files\CCleaner
2021-04-04 10:38 - 2019-01-27 14:23 - 000000000 __SHD C:\Users\Mamka a taťka\IntelGraphicsProfiles
2021-04-03 11:32 - 2020-06-08 20:46 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-01 09:29 - 2019-01-27 14:43 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-31 09:08 - 2019-01-18 20:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-27 16:46 - 2020-12-07 20:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-25 16:52 - 2020-12-07 21:06 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-18 11:18 - 2020-12-07 21:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-18 11:18 - 2020-12-07 20:35 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-18 11:18 - 2020-06-19 19:31 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2021-03-18 11:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-16 14:54 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-16 14:51 - 2020-12-07 20:36 - 000349128 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-16 14:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-16 14:27 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-13 12:33 - 2020-12-07 21:06 - 000003396 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1481426235-2738210657-3485090854-1002
2021-03-13 12:33 - 2020-12-07 20:40 - 000002389 _____ C:\Users\Mamka a taťka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-13 12:33 - 2019-01-27 14:27 - 000000000 ___RD C:\Users\Mamka a taťka\OneDrive
2021-03-12 14:21 - 2019-03-06 16:02 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-12 12:56 - 2019-01-18 14:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-12 12:36 - 2019-01-18 14:30 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-08 14:44 - 2020-12-07 21:06 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-03-05 21:49 - 2021-01-20 11:45 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6ccc9b9f3b914
2021-03-05 21:49 - 2020-12-07 21:06 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-03-2021
Ran by Mamka a taťka (04-04-2021 11:08:13)
Running from C:\Users\Mamka a taťka\Desktop
Windows 10 Home Version 2004 19041.867 (X64) (2020-12-07 19:07:36)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1481426235-2738210657-3485090854-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1481426235-2738210657-3485090854-503 - Limited - Disabled)
Guest (S-1-5-21-1481426235-2738210657-3485090854-501 - Limited - Disabled)
Mamka a taťka (S-1-5-21-1481426235-2738210657-3485090854-1002 - Administrator - Enabled) => C:\Users\Mamka a taťka
WDAGUtilityAccount (S-1-5-21-1481426235-2738210657-3485090854-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
CCleaner (HKLM\...\CCleaner) (Version: 5.78 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.114 - Google LLC)
K-Lite Codec Pack 5.7.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 5.7.0 - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.68 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1481426235-2738210657-3485090854-1002\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1970.1.0_x86__kgqvnymyfvs32 [2021-03-07] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_11.1.3.0_x86__m9bz608c1b9ra [2021-02-06] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.2026.0_x64__rz1tebttyb220 [2021-03-14] (Dolby Laboratories)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20201.249.0_x64__rz1tebttyb220 [2020-02-23] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-16] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2020-02-24] (Fitbit)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-17] (INTEL CORP)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-06] (Microsoft Studios) [MS Ad]
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt [2021-01-04] (INTEL CORP) [Startup Task]
SmartAudio 2 -> C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio2_1.1.53.0_x86__qt57b6kdvhcfw [2021-03-16] (Synaptics Hong Kong Limited, Taiwan Branch (H.K.))
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FFDS] => C:\WINDOWS\system32\ff_vfw.dll [92160 2012-01-25] () [File not signed]
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-03-14 19:33 - 2021-03-14 19:34 - 000168960 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.2026.0_x64__rz1tebttyb220\DAXRPCClient.dll
2021-03-14 19:33 - 2021-03-14 19:34 - 037922304 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.2026.0_x64__rz1tebttyb220\DolbyAccess.dll
2020-04-13 21:17 - 2020-04-13 21:17 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.7.2026.0_x64__rz1tebttyb220\e_sqlite3.dll
2003-03-18 23:23 - 2003-03-18 23:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll
2006-10-26 14:40 - 2006-10-26 14:40 - 000192512 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\msdbg2.dll
2006-10-26 14:40 - 2006-10-26 14:40 - 000192512 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\pdm.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1481426235-2738210657-3485090854-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 81.200.55.161 - 81.200.48.13
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{ABDB51E8-DBBF-4379-9E7B-670EFA80DEFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4541E440-A315-4250-88E2-1DAD26C8132C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{02FA126B-B595-4D85-A758-61D9036A5324}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8538656F-1BFE-4447-9A7B-D82A8FC01B09}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1D2D5A9D-F555-44AF-BC1C-997026B38560}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
15-01-2021 18:27:23 Instalační služba modulů systému Windows
13-02-2021 18:16:01 Instalační služba modulů systému Windows
14-03-2021 19:23:04 Instalační služba modulů systému Windows
04-04-2021 10:51:49 Odebráno: Microsoft Update Health Tools
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/04/2021 10:50:18 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (03/21/2021 08:27:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.844 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1784
Čas spuštění: 01d71e7fb9f32946
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID hlášení: 753b167c-ca00-4196-a9b9-473f28c84dc8
Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: CortanaUI
Typ zablokování: Quiesce
Error: (03/06/2021 03:51:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SearchApp.exe verze 10.0.19041.546 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2ae4
Čas spuštění: 01d7128fafb890a8
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID hlášení: 5538a5d7-3950-45ec-baac-68fe0add5bb0
Úplný název balíčku s chybou: Microsoft.Windows.Search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: CortanaUI
Typ zablokování: Quiesce
Error: (01/16/2021 05:50:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mousocoreworker.exe, verze: 10.0.19041.746, časové razítko: 0xcba13983
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.546, časové razítko: 0x43cbc11d
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007287e
ID chybujícího procesu: 0xd0c
Čas spuštění chybující aplikace: 0x01d6ec1f580cb05a
Cesta k chybující aplikaci: C:\Windows\System32\mousocoreworker.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: b6792a17-e2ac-4ddf-9154-561f07d58fcb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/16/2021 05:40:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (01/16/2021 05:40:02 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (01/16/2021 05:40:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (01/16/2021 05:40:00 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
System errors:
=============
Error: (04/02/2021 09:09:36 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1FPBJIJ)
Description: Server {D63B10C5-BB46-4990-A94F-E40B9D520160} se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/02/2021 08:52:20 PM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD
Error: (04/01/2021 09:48:39 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1FPBJIJ)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/31/2021 09:13:26 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1FPBJIJ)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/26/2021 10:25:29 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1FPBJIJ)
Description: Server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/26/2021 10:25:26 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1FPBJIJ)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/25/2021 06:03:15 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1FPBJIJ)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (03/23/2021 10:58:35 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-1FPBJIJ)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2021-01-22 20:38:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EB9BA5E8-5A7B-47A8-8779-7B8E4695DEDF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-01-22 19:53:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {77C4675B-6704-4D57-8AC5-641EFAB2BEA4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-12-10 15:00:41
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {08BD08E7-E33C-447D-85F4-5D6A049CF470}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-03-16 13:00:03
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.333.322.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17900.7
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2021-02-20 16:42:19
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.1299.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
CodeIntegrity:
===============
Date: 2021-04-04 10:44:00
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: LENOVO 6VCN25WW 06/14/2018
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Celeron(R) N4000 CPU @ 1.10GHz
Percentage of memory in use: 82%
Total physical RAM: 3911.84 MB
Available physical RAM: 702.37 MB
Total Virtual: 6874.97 MB
Available Virtual: 3040.63 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.45 GB) (Free:839.79 GB) NTFS
\\?\Volume{c37392fe-6578-442f-a809-64a5b8e7c339}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{d3342d3f-b9c0-429c-9f5a-0496796d8dfb}\ () (Fixed) (Total:0.51 GB) (Free:0.07 GB) NTFS
\\?\Volume{80077249-7c0f-4548-a088-47266da1517c}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
==================== End of FRST.txt ========================