Freezing
Posted: 12 Jul 2021 19:00
Hello, and I'd like to ask for help. Lately my laptop has been freezing completely and I have to restart it. It is especially annoying when it happens, for example, right during a card payment; then I don't know whether the payment went through, and after the restart I have to make the payment again.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-07-2021
Ran by sirot (12-07-2021 19:53:30)
Running from C:\Users\sirot\Desktop
Windows 10 Home Version 20H2 19042.1083 (X64) (2021-04-05 20:20:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1551859246-199576435-3342040479-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1551859246-199576435-3342040479-503 - Limited - Disabled)
Guest (S-1-5-21-1551859246-199576435-3342040479-501 - Limited - Disabled)
sirot (S-1-5-21-1551859246-199576435-3342040479-1001 - Administrator - Enabled) => C:\Users\sirot
WDAGUtilityAccount (S-1-5-21-1551859246-199576435-3342040479-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
ELAN HIDI2C Filter Driver X64 13.6.5.2_WHQL (HKLM\...\Elantech) (Version: 13.6.5.2 - ELAN Microelectronic Corp.)
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 14.2.19.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC)
Mazda Toolbox (HKLM-x32\...\Mazda Toolbox) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.67 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MWSnap 3 (HKLM-x32\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7606 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Viber (HKLM-x32\...\{7DB7FD43-6CB4-4977-A0EB-94EC08BED3B5}) (Version: 15.0.0.0 - Viber Media S.a.r.l) Hidden
Viber (HKU\S-1-5-21-1551859246-199576435-3342040479-1001\...\{eb9b0a06-f80d-4346-ac73-18af1b417fc9}) (Version: 15.0.0.0 - 2010-2021 Viber Media S.a.r.l)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-04-08] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-06-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-06-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-06-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-04-05 22:04 - 2021-04-05 21:59 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1551859246-199576435-3342040479-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sirot\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\1132069.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-1551859246-199576435-3342040479-1001\...\StartupApproved\Run: => "Viber"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{819513DB-8744-4D0F-8699-2A9619206B42}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{21564A0F-C4C7-4CDE-8CDA-C26CD7098C04}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5586F657-377F-4EFE-8E4C-DB364563C406}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{096A0947-6A34-4C31-B1FE-23B3200FCF91}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B3BE305F-D973-42C8-BE73-0C5AFDE9D751}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{23A5232C-4F1C-4EBF-AC40-6D8FA11BB791}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ABE84B89-FDBF-4BB2-804B-2A3444498E12}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B66E7662-4666-4948-A0D1-2152155626C7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{021582C0-A4D4-4C32-8FB8-019E8481698B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
08-07-2021 17:15:28 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
Name: Intel(R) Trusted Execution Engine Interface
Description: Intel(R) Trusted Execution Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: TXEIx64
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (07/12/2021 03:52:26 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (07/11/2021 12:24:15 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (07/10/2021 09:56:04 PM) (Source: EventSystem) (EventID: 4622) (User: )
Description: Systém událostí modelu COM+ nemohl sdružit odběratele pro odběr {FDF967FF-C035-4300-91CD-34261A5C98A7}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. Výsledek HRESULT byl 8007071a.
Error: (07/10/2021 11:31:15 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (07/09/2021 03:14:02 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (07/08/2021 06:27:48 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na A-DATA SH93 (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (07/08/2021 06:25:48 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (07/08/2021 05:13:10 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (07/12/2021 07:27:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (19:25:26, 12.07.2021) bylo neočekávané.
Error: (07/11/2021 07:29:16 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (19:25:59, 11.07.2021) bylo neočekávané.
Error: (07/11/2021 02:38:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2QB9P90)
Description: Server Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/10/2021 03:39:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (07/10/2021 03:39:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (07/10/2021 03:36:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:33:36, 10.07.2021) bylo neočekávané.
Error: (07/08/2021 07:59:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (19:57:00, 08.07.2021) bylo neočekávané.
Error: (07/08/2021 07:30:38 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2QB9P90)
Description: Server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2021-05-16 13:16:23
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6FC23D58-BAFF-4131-9D27-0B1F0F1A9BA7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-14 18:22:08
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DE1809EE-AF1F-4E72-A901-6BCA79C5DE00}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-12 16:33:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BE39E736-76E3-4B60-BD73-B03C50518068}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-11 10:20:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {58231934-DBD4-40CA-9CBC-8F89E7893196}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-10 11:30:14
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DF6FBE86-F34B-41A6-B4DA-FBB75826F939}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-05-16 11:55:13
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.921.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2021-05-16 11:55:13
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.921.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2021-05-16 11:55:13
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.921.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2021-05-16 11:40:50
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.921.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2021-05-16 11:34:50
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.921.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80070643
Popis chyby: Při instalaci došlo k závažné chybě.
CodeIntegrity:
===============
Date: 2021-07-12 19:32:02
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.07 09/11/2014
Motherboard: Acer Aspire ES1-512
Processor: Intel(R) Celeron(R) CPU N2940 @ 1.83GHz
Percentage of memory in use: 80%
Total physical RAM: 3977.98 MB
Available physical RAM: 784.64 MB
Total Virtual: 5257.98 MB
Available Virtual: 1852.44 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:175.95 GB) (Free:87.08 GB) NTFS
Drive d: () (Fixed) (Total:273.23 GB) (Free:244.09 GB) NTFS
Drive f: (A-DATA SH93) (Fixed) (Total:465.76 GB) (Free:149.76 GB) NTFS
\\?\Volume{ca5a3665-0f8e-4427-8d9e-e97c3fe3d496}\ () (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{f10360ef-b226-4dc5-a7c8-edf6095818e8}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: D4D8FAEF)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: C6B16518)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-07-2021
Ran by sirot (administrator) on DESKTOP-2QB9P90 (Acer Aspire ES1-512) (12-07-2021 19:49:10)
Running from C:\Users\sirot\Desktop
Loaded Profiles: sirot
Platform: Windows 10 Home Version 20H2 19042.1083 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16405744 2015-09-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [165928 2021-06-29] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-1551859246-199576435-3342040479-1001\...\Run: [Viber] => C:\Users\sirot\AppData\Local\Viber\Viber.exe [53466384 2021-06-14] (Viber Media S.à r.l. -> Viber Media S.Ã r.l.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-07-01] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {4A1783D3-8993-4AAD-9B8B-ED745034022F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-05] (Google LLC -> Google LLC)
Task: {5F079871-E5EE-4F71-ADE8-661BCE70715A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-05] (Google LLC -> Google LLC)
Task: {7BBE54BD-A90F-4B38-BD25-E1E931363E86} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {CDDC30BA-4D5A-40E9-933C-3D8CEF0ACC72} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {D78F6185-9195-4C0F-8AF7-80EA90313CCE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {EEC4D0D4-2347-40BA-8C28-80346AA2EB4E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d54f72e0-43a7-4314-88b1-8b979a74e193}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{f013dfee-1986-409f-944a-410ef2d705d9}: [DhcpNameServer] 10.0.0.138
Edge:
=======
Edge Profile: C:\Users\sirot\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-12]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default [2021-07-12]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://www.facebook.com; hxxps://www.prvni-lekarna.cz; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-04-05]
CHR Extension: (Dokumenty) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-04-05]
CHR Extension: (Disk Google) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-05]
CHR Extension: (Seznam doplněk - Email) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2021-04-05]
CHR Extension: (YouTube) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-04-05]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-20]
CHR Extension: (Tabulky) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-04-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-23]
CHR Extension: (Save to Facebook) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2021-06-13]
CHR Extension: (Netpanel) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbidbgoheiddfilfipcobicemncfogno [2021-07-03]
CHR Extension: (Black Blue Nebula) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcjbgbhoefhnnoldipdojpenemkdjgfg [2021-04-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-05]
CHR Extension: (Gmail) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-27]
CHR Profile: C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-04-05]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3079464 2021-06-29] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3079464 2021-06-29] (ESET, spol. s r.o. -> ESET)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-09-12] (Microsoft Corporation) [File not signed]
S3 cdrombus; C:\WINDOWS\System32\Drivers\cdrombus.sys [25088 2012-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-06-19] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-06-19] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [169368 2021-06-22] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [123424 2021-06-22] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-04-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [194728 2021-06-22] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [43832 2021-06-22] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70184 2021-06-22] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107408 2021-06-22] (ESET, spol. s r.o. -> ESET)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [59840 2015-11-16] (WDKTestCert sys_dpebuild,130674149657513416 -> Intel Corporation)
S3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated -> Acer Incorporated)
S3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated -> Acer Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-05-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421112 2021-05-16] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-12 19:44 - 2021-07-12 19:49 - 000022400 _____ C:\Users\sirot\Desktop\Addition.txt
2021-07-12 19:37 - 2021-07-12 19:51 - 000012191 _____ C:\Users\sirot\Desktop\FRST.txt
2021-07-12 19:37 - 2021-07-12 19:50 - 000000000 ____D C:\FRST
2021-07-12 19:36 - 2021-07-12 19:36 - 002301440 _____ (Farbar) C:\Users\sirot\Desktop\FRST64.exe
2021-07-10 21:53 - 2021-07-10 21:53 - 000000000 ____D C:\Users\sirot\Desktop\Photos
2021-07-08 18:09 - 2021-07-08 18:09 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-08 18:09 - 2021-07-08 18:09 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-08 18:08 - 2021-07-08 18:08 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-08 18:08 - 2021-07-08 18:08 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-08 18:08 - 2021-07-08 18:08 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-08 18:08 - 2021-07-08 18:08 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-08 18:08 - 2021-07-08 18:08 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-08 18:07 - 2021-07-08 18:07 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-08 18:06 - 2021-07-08 18:06 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-08 18:06 - 2021-07-08 18:06 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-08 18:06 - 2021-07-08 18:06 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-08 18:06 - 2021-07-08 18:06 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-05 10:33 - 2021-07-05 10:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-06-30 17:58 - 2021-06-30 17:58 - 000002020 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2021-06-25 09:41 - 2021-06-25 10:25 - 000000000 ____D C:\Users\sirot\AppData\Roaming\Mazda
2021-06-25 09:41 - 2021-06-25 09:41 - 000000000 ____D C:\Users\sirot\AppData\Local\CEF
2021-06-25 09:39 - 2021-06-25 09:39 - 000000000 ____D C:\Users\sirot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mazda
2021-06-25 09:38 - 2021-06-25 10:25 - 000000000 ____D C:\Program Files (x86)\Mazda
2021-06-25 09:38 - 2021-06-25 09:38 - 069966360 _____ (NNG Llc.) C:\Users\sirot\Desktop\Mazda-Toolbox-inst.exe
2021-06-23 23:06 - 2021-06-24 11:10 - 000000000 ____D C:\Program Files\NTLite
2021-06-23 22:58 - 2021-06-23 22:58 - 000000000 ____D C:\Users\sirot\AppData\Local\OriginalApplicationSetup
2021-06-23 22:38 - 2021-06-23 22:38 - 000000000 ____D C:\Users\sirot\AppData\Roaming\WinRAR
2021-06-23 22:37 - 2021-06-23 22:37 - 000000000 ____D C:\Users\sirot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-06-23 22:37 - 2021-06-23 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-06-23 22:37 - 2021-06-23 22:37 - 000000000 ____D C:\Program Files\WinRAR
2021-06-22 22:52 - 2021-06-22 22:56 - 000000000 ____D C:\Users\sirot\Desktop\šs fotky nove
2021-06-22 10:39 - 2021-06-22 10:39 - 000000000 ____D C:\Users\sirot\AppData\Local\D3DSCache
2021-06-20 18:17 - 2021-06-20 18:17 - 000000000 ____D C:\Users\sirot\AppData\Local\Viber
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-12 19:48 - 2021-04-05 22:04 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-12 19:48 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-12 19:48 - 2021-04-05 22:00 - 000000000 ____D C:\WINDOWS\INF
2021-07-12 19:43 - 2021-04-05 22:04 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-12 19:33 - 2021-04-05 22:23 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-12 19:33 - 2021-04-05 22:14 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2021-07-12 19:33 - 2021-04-05 22:14 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2021-07-12 19:28 - 2021-04-05 22:32 - 000000000 __SHD C:\Users\sirot\IntelGraphicsProfiles
2021-07-12 19:28 - 2021-04-05 22:30 - 000000000 ____D C:\Users\sirot
2021-07-12 19:27 - 2021-04-05 21:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-12 19:27 - 2021-04-05 21:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-12 19:27 - 2021-04-05 21:55 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-10 21:44 - 2021-04-05 22:32 - 000000000 ____D C:\Users\sirot\AppData\Local\Packages
2021-07-10 11:35 - 2021-04-05 22:16 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-08 19:38 - 2021-04-05 21:39 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-07-08 19:37 - 2021-04-05 21:55 - 000445728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-08 19:33 - 2021-04-05 22:04 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-08 19:33 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-08 19:33 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-08 19:33 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-08 19:33 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-08 19:33 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-08 19:33 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-08 19:33 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-08 19:33 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-08 19:33 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-08 18:23 - 2021-04-05 21:48 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-03 09:27 - 2021-04-05 22:15 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-03 09:27 - 2021-04-05 22:15 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-01 16:33 - 2021-04-05 23:07 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-27 19:22 - 2021-04-06 09:39 - 000000000 ____D C:\Users\sirot\Documents\ViberDownloads
2021-06-22 23:50 - 2021-05-09 08:41 - 000123424 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2021-06-22 23:50 - 2020-10-26 10:28 - 000043832 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2021-06-22 23:50 - 2020-10-26 09:28 - 000194728 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2021-06-22 23:50 - 2020-10-26 09:28 - 000169368 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2021-06-22 23:50 - 2020-10-26 09:28 - 000107408 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2021-06-22 23:50 - 2020-10-26 09:28 - 000070184 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2021-06-21 09:50 - 2021-04-06 09:38 - 000000000 ____D C:\Users\sirot\AppData\Roaming\ViberPC
2021-06-19 19:54 - 2021-06-10 20:20 - 000000000 ____D C:\Users\sirot\Desktop\šs fotky
2021-06-19 18:22 - 2021-04-06 00:17 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-17 07:26 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\system32\NDF
==================== Files in the root of some directories ========
2021-06-10 18:52 - 2021-06-10 18:52 - 000000001 _____ () C:\Users\sirot\AppData\Local\llftool.4.40.agreement
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-07-2021
Ran by sirot (12-07-2021 19:53:30)
Running from C:\Users\sirot\Desktop
Windows 10 Home Version 20H2 19042.1083 (X64) (2021-04-05 20:20:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1551859246-199576435-3342040479-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1551859246-199576435-3342040479-503 - Limited - Disabled)
Guest (S-1-5-21-1551859246-199576435-3342040479-501 - Limited - Disabled)
sirot (S-1-5-21-1551859246-199576435-3342040479-1001 - Administrator - Enabled) => C:\Users\sirot
WDAGUtilityAccount (S-1-5-21-1551859246-199576435-3342040479-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
ELAN HIDI2C Filter Driver X64 13.6.5.2_WHQL (HKLM\...\Elantech) (Version: 13.6.5.2 - ELAN Microelectronic Corp.)
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 14.2.19.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC)
Mazda Toolbox (HKLM-x32\...\Mazda Toolbox) (Version: - )
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.67 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MWSnap 3 (HKLM-x32\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7606 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Viber (HKLM-x32\...\{7DB7FD43-6CB4-4977-A0EB-94EC08BED3B5}) (Version: 15.0.0.0 - Viber Media S.a.r.l) Hidden
Viber (HKU\S-1-5-21-1551859246-199576435-3342040479-1001\...\{eb9b0a06-f80d-4346-ac73-18af1b417fc9}) (Version: 15.0.0.0 - 2010-2021 Viber Media S.a.r.l)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-04-08] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-06-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-06-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2021-06-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2019-06-12] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2021-04-05 22:04 - 2021-04-05 21:59 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1551859246-199576435-3342040479-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sirot\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\1132069.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-1551859246-199576435-3342040479-1001\...\StartupApproved\Run: => "Viber"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{819513DB-8744-4D0F-8699-2A9619206B42}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{21564A0F-C4C7-4CDE-8CDA-C26CD7098C04}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5586F657-377F-4EFE-8E4C-DB364563C406}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{096A0947-6A34-4C31-B1FE-23B3200FCF91}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B3BE305F-D973-42C8-BE73-0C5AFDE9D751}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{23A5232C-4F1C-4EBF-AC40-6D8FA11BB791}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ABE84B89-FDBF-4BB2-804B-2A3444498E12}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B66E7662-4666-4948-A0D1-2152155626C7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{021582C0-A4D4-4C32-8FB8-019E8481698B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
08-07-2021 17:15:28 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
Name: Intel(R) Trusted Execution Engine Interface
Description: Intel(R) Trusted Execution Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: TXEIx64
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (07/12/2021 03:52:26 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (07/11/2021 12:24:15 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (07/10/2021 09:56:04 PM) (Source: EventSystem) (EventID: 4622) (User: )
Description: Systém událostí modelu COM+ nemohl sdružit odběratele pro odběr {FDF967FF-C035-4300-91CD-34261A5C98A7}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. Výsledek HRESULT byl 8007071a.
Error: (07/10/2021 11:31:15 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (07/09/2021 03:14:02 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (07/08/2021 06:27:48 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na A-DATA SH93 (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (07/08/2021 06:25:48 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (07/08/2021 05:13:10 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (07/12/2021 07:27:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (19:25:26, 12.07.2021) bylo neočekávané.
Error: (07/11/2021 07:29:16 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (19:25:59, 11.07.2021) bylo neočekávané.
Error: (07/11/2021 02:38:21 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2QB9P90)
Description: Server Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/10/2021 03:39:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (07/10/2021 03:39:50 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (07/10/2021 03:36:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (15:33:36, 10.07.2021) bylo neočekávané.
Error: (07/08/2021 07:59:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (19:57:00, 08.07.2021) bylo neočekávané.
Error: (07/08/2021 07:30:38 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2QB9P90)
Description: Server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2021-05-16 13:16:23
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6FC23D58-BAFF-4131-9D27-0B1F0F1A9BA7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-14 18:22:08
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DE1809EE-AF1F-4E72-A901-6BCA79C5DE00}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-12 16:33:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BE39E736-76E3-4B60-BD73-B03C50518068}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-11 10:20:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {58231934-DBD4-40CA-9CBC-8F89E7893196}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-04-10 11:30:14
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DF6FBE86-F34B-41A6-B4DA-FBB75826F939}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-05-16 11:55:13
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.921.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2021-05-16 11:55:13
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.921.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2021-05-16 11:55:13
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.921.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2021-05-16 11:40:50
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.921.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2021-05-16 11:34:50
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.921.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80070643
Popis chyby: Při instalaci došlo k závažné chybě.
CodeIntegrity:
===============
Date: 2021-07-12 19:32:02
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.07 09/11/2014
Motherboard: Acer Aspire ES1-512
Processor: Intel(R) Celeron(R) CPU N2940 @ 1.83GHz
Percentage of memory in use: 80%
Total physical RAM: 3977.98 MB
Available physical RAM: 784.64 MB
Total Virtual: 5257.98 MB
Available Virtual: 1852.44 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:175.95 GB) (Free:87.08 GB) NTFS
Drive d: () (Fixed) (Total:273.23 GB) (Free:244.09 GB) NTFS
Drive f: (A-DATA SH93) (Fixed) (Total:465.76 GB) (Free:149.76 GB) NTFS
\\?\Volume{ca5a3665-0f8e-4427-8d9e-e97c3fe3d496}\ () (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{f10360ef-b226-4dc5-a7c8-edf6095818e8}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: D4D8FAEF)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: C6B16518)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-07-2021
Ran by sirot (administrator) on DESKTOP-2QB9P90 (Acer Aspire ES1-512) (12-07-2021 19:49:10)
Running from C:\Users\sirot\Desktop
Loaded Profiles: sirot
Platform: Windows 10 Home Version 20H2 19042.1083 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16405744 2015-09-10] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [165928 2021-06-29] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-1551859246-199576435-3342040479-1001\...\Run: [Viber] => C:\Users\sirot\AppData\Local\Viber\Viber.exe [53466384 2021-06-14] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-07-01] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {4A1783D3-8993-4AAD-9B8B-ED745034022F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-05] (Google LLC -> Google LLC)
Task: {5F079871-E5EE-4F71-ADE8-661BCE70715A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-04-05] (Google LLC -> Google LLC)
Task: {7BBE54BD-A90F-4B38-BD25-E1E931363E86} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {CDDC30BA-4D5A-40E9-933C-3D8CEF0ACC72} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {D78F6185-9195-4C0F-8AF7-80EA90313CCE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {EEC4D0D4-2347-40BA-8C28-80346AA2EB4E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d54f72e0-43a7-4314-88b1-8b979a74e193}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{f013dfee-1986-409f-944a-410ef2d705d9}: [DhcpNameServer] 10.0.0.138
Edge:
=======
Edge Profile: C:\Users\sirot\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-12]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default [2021-07-12]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://www.facebook.com; hxxps://www.prvni-lekarna.cz; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-04-05]
CHR Extension: (Dokumenty) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-04-05]
CHR Extension: (Disk Google) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-05]
CHR Extension: (Seznam doplněk - Email) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2021-04-05]
CHR Extension: (YouTube) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-04-05]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-20]
CHR Extension: (Tabulky) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-04-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-23]
CHR Extension: (Save to Facebook) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2021-06-13]
CHR Extension: (Netpanel) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbidbgoheiddfilfipcobicemncfogno [2021-07-03]
CHR Extension: (Black Blue Nebula) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcjbgbhoefhnnoldipdojpenemkdjgfg [2021-04-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-05]
CHR Extension: (Gmail) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-27]
CHR Profile: C:\Users\sirot\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-04-05]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3079464 2021-06-29] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3079464 2021-06-29] (ESET, spol. s r.o. -> ESET)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-16] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-09-12] (Microsoft Corporation) [File not signed]
S3 cdrombus; C:\WINDOWS\System32\Drivers\cdrombus.sys [25088 2012-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-06-19] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-06-19] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [169368 2021-06-22] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [123424 2021-06-22] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-04-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [194728 2021-06-22] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [43832 2021-06-22] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70184 2021-06-22] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107408 2021-06-22] (ESET, spol. s r.o. -> ESET)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [59840 2015-11-16] (WDKTestCert sys_dpebuild,130674149657513416 -> Intel Corporation)
S3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated -> Acer Incorporated)
S3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated -> Acer Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-05-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421112 2021-05-16] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-12 19:44 - 2021-07-12 19:49 - 000022400 _____ C:\Users\sirot\Desktop\Addition.txt
2021-07-12 19:37 - 2021-07-12 19:51 - 000012191 _____ C:\Users\sirot\Desktop\FRST.txt
2021-07-12 19:37 - 2021-07-12 19:50 - 000000000 ____D C:\FRST
2021-07-12 19:36 - 2021-07-12 19:36 - 002301440 _____ (Farbar) C:\Users\sirot\Desktop\FRST64.exe
2021-07-10 21:53 - 2021-07-10 21:53 - 000000000 ____D C:\Users\sirot\Desktop\Photos
2021-07-08 18:09 - 2021-07-08 18:09 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-08 18:09 - 2021-07-08 18:09 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-08 18:08 - 2021-07-08 18:08 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-08 18:08 - 2021-07-08 18:08 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-08 18:08 - 2021-07-08 18:08 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-08 18:08 - 2021-07-08 18:08 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-08 18:08 - 2021-07-08 18:08 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-08 18:07 - 2021-07-08 18:07 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-08 18:06 - 2021-07-08 18:06 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-08 18:06 - 2021-07-08 18:06 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-08 18:06 - 2021-07-08 18:06 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-08 18:06 - 2021-07-08 18:06 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-05 10:33 - 2021-07-05 10:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-06-30 17:58 - 2021-06-30 17:58 - 000002020 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2021-06-25 09:41 - 2021-06-25 10:25 - 000000000 ____D C:\Users\sirot\AppData\Roaming\Mazda
2021-06-25 09:41 - 2021-06-25 09:41 - 000000000 ____D C:\Users\sirot\AppData\Local\CEF
2021-06-25 09:39 - 2021-06-25 09:39 - 000000000 ____D C:\Users\sirot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mazda
2021-06-25 09:38 - 2021-06-25 10:25 - 000000000 ____D C:\Program Files (x86)\Mazda
2021-06-25 09:38 - 2021-06-25 09:38 - 069966360 _____ (NNG Llc.) C:\Users\sirot\Desktop\Mazda-Toolbox-inst.exe
2021-06-23 23:06 - 2021-06-24 11:10 - 000000000 ____D C:\Program Files\NTLite
2021-06-23 22:58 - 2021-06-23 22:58 - 000000000 ____D C:\Users\sirot\AppData\Local\OriginalApplicationSetup
2021-06-23 22:38 - 2021-06-23 22:38 - 000000000 ____D C:\Users\sirot\AppData\Roaming\WinRAR
2021-06-23 22:37 - 2021-06-23 22:37 - 000000000 ____D C:\Users\sirot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-06-23 22:37 - 2021-06-23 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-06-23 22:37 - 2021-06-23 22:37 - 000000000 ____D C:\Program Files\WinRAR
2021-06-22 22:52 - 2021-06-22 22:56 - 000000000 ____D C:\Users\sirot\Desktop\šs fotky nove
2021-06-22 10:39 - 2021-06-22 10:39 - 000000000 ____D C:\Users\sirot\AppData\Local\D3DSCache
2021-06-20 18:17 - 2021-06-20 18:17 - 000000000 ____D C:\Users\sirot\AppData\Local\Viber
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-12 19:48 - 2021-04-05 22:04 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-12 19:48 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-12 19:48 - 2021-04-05 22:00 - 000000000 ____D C:\WINDOWS\INF
2021-07-12 19:43 - 2021-04-05 22:04 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-12 19:33 - 2021-04-05 22:23 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-12 19:33 - 2021-04-05 22:14 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2021-07-12 19:33 - 2021-04-05 22:14 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2021-07-12 19:28 - 2021-04-05 22:32 - 000000000 __SHD C:\Users\sirot\IntelGraphicsProfiles
2021-07-12 19:28 - 2021-04-05 22:30 - 000000000 ____D C:\Users\sirot
2021-07-12 19:27 - 2021-04-05 21:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-12 19:27 - 2021-04-05 21:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-12 19:27 - 2021-04-05 21:55 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-10 21:44 - 2021-04-05 22:32 - 000000000 ____D C:\Users\sirot\AppData\Local\Packages
2021-07-10 11:35 - 2021-04-05 22:16 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-08 19:38 - 2021-04-05 21:39 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-07-08 19:37 - 2021-04-05 21:55 - 000445728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-08 19:33 - 2021-04-05 22:04 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-08 19:33 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-08 19:33 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-08 19:33 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-08 19:33 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-08 19:33 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-08 19:33 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-08 19:33 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-08 19:33 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-08 19:33 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-08 18:23 - 2021-04-05 21:48 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-03 09:27 - 2021-04-05 22:15 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-03 09:27 - 2021-04-05 22:15 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-01 16:33 - 2021-04-05 23:07 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-27 19:22 - 2021-04-06 09:39 - 000000000 ____D C:\Users\sirot\Documents\ViberDownloads
2021-06-22 23:50 - 2021-05-09 08:41 - 000123424 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2021-06-22 23:50 - 2020-10-26 10:28 - 000043832 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2021-06-22 23:50 - 2020-10-26 09:28 - 000194728 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2021-06-22 23:50 - 2020-10-26 09:28 - 000169368 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2021-06-22 23:50 - 2020-10-26 09:28 - 000107408 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2021-06-22 23:50 - 2020-10-26 09:28 - 000070184 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2021-06-21 09:50 - 2021-04-06 09:38 - 000000000 ____D C:\Users\sirot\AppData\Roaming\ViberPC
2021-06-19 19:54 - 2021-06-10 20:20 - 000000000 ____D C:\Users\sirot\Desktop\šs fotky
2021-06-19 18:22 - 2021-04-06 00:17 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-17 07:26 - 2021-04-05 22:04 - 000000000 ____D C:\WINDOWS\system32\NDF
==================== Files in the root of some directories ========
2021-06-10 18:52 - 2021-06-10 18:52 - 000000001 _____ () C:\Users\sirot\AppData\Local\llftool.4.40.agreement
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================