Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivka

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
aldik
Návštěvník
Návštěvník
Příspěvky: 81
Registrován: 24 říj 2007 19:49

Preventivka

#1 Příspěvek od aldik »

Nevím jestli není problém s diskem, je příliš obsazený a není co smazat (velká složka s fotkami je na druhé části a tam místa je relativně dost).

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-10-2022 02
Ran by alice (administrator) on DESKTOP-PJN7KRI (LENOVO 80E5) (03-11-2022 12:28:34)
Running from C:\Users\alice\Downloads
Loaded Profiles: alice
Platform: Microsoft Windows 10 Home Version 21H1 19043.2130 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atieclxx.exe
(explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(explorer.exe ->) (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <13>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(explorer.exe ->) (ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTray.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0360470.inf_amd64_35c64671e7fac064\B360357\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsFT] => C:\Windows\RTFTrack.exe [5166872 2016-08-04] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [212192 2022-09-30] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1613147354-136639444-1604222446-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2630016 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1613147354-136639444-1604222446-1001\...\Run: [14B3FC0A7A39F776DA4615F55564CD177F362087._service_run] => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service /prefetch:8 (No File)
HKU\S-1-5-21-1613147354-136639444-1604222446-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE [680520 2017-01-09] (ZONER software, a.s. -> ZONER software)
GroupPolicy\User: Restriction ? <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {11FDA613-A878-4120-974F-0D3781928A1A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1613147354-136639444-1604222446-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4166528 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {75FAE479-DC06-4BD1-8893-1A15F7062611} - System32\Tasks\Avast Emergency Update
Task: {76162F1F-6EF4-4377-93D7-5B6810B36122} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4166528 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD4C6EA5-4A09-4FB3-8EFB-929235EE5220} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {CC4FAEDC-A74D-424B-A473-1C314A89942F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2250576 2022-05-25] (Avast Software s.r.o. -> Avast Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{2b987a6c-d30e-444d-aa10-a23b2adfbeb0}: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{7845037c-814a-4406-8b0f-140b12fb4a7c}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\alice\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-03]
Edge Extension: (Old Layout for Facebook) - C:\Users\alice\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\abmkkackbbimmdbfjdilpnfaegaeagge [2022-08-15]
Edge Extension: (LastPass: Free Password Manager) - C:\Users\alice\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bbcinlkgjjkejfdpemiealijmmooekmp [2022-11-03]
Edge Extension: (Seznam doplněk - Email) - C:\Users\alice\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2022-08-15]
Edge Extension: (Outlook) - C:\Users\alice\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-10-17]
Edge Extension: (Avast Online Security & Privacy) - C:\Users\alice\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2022-11-03]
Edge Extension: (Google Mail Checker) - C:\Users\alice\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\glbpkcehjkihaknkjifkehdpjfngbdga [2022-08-15]
Edge Extension: (Word) - C:\Users\alice\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-10-17]
Edge Extension: (Excel) - C:\Users\alice\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-10-17]
Edge Extension: (PowerPoint) - C:\Users\alice\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-10-17]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8513552 2022-10-05] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [592608 2022-09-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [2018528 2022-09-30] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [592096 2022-09-30] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncHelper.exe [3475328 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.212.1009.0004\OneDriveUpdaterService.exe [3840896 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [42296 2022-09-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [238128 2022-09-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [390096 2022-09-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [258496 2022-09-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [105920 2022-09-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [25576 2022-10-13] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [48488 2022-09-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [276496 2022-09-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [558536 2022-09-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [114488 2022-09-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [90000 2022-09-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [862960 2022-09-30] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [671712 2022-09-30] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [221976 2022-09-30] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [327904 2022-09-30] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-03 12:28 - 2022-11-03 12:29 - 000015337 _____ C:\Users\alice\Downloads\FRST.txt
2022-11-03 12:28 - 2022-11-03 12:28 - 000000000 ____D C:\FRST
2022-11-03 12:26 - 2022-11-03 12:27 - 002374144 _____ (Farbar) C:\Users\alice\Downloads\FRST64.exe
2022-11-03 12:24 - 2022-11-03 12:24 - 001222144 _____ C:\Users\alice\Downloads\RSITx64.exe
2022-11-03 12:24 - 2022-11-03 12:24 - 000000000 ____D C:\rsit
2022-11-03 12:24 - 2022-11-03 12:24 - 000000000 ____D C:\Program Files\trend micro
2022-10-13 17:40 - 2022-10-13 17:40 - 000025576 _____ (AVAST Software) C:\Windows\system32\Drivers\aswElam.sys
2022-10-13 08:14 - 2022-10-13 08:14 - 002260480 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2022-10-13 08:14 - 2022-10-13 08:14 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2022-10-13 08:14 - 2022-10-13 08:14 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2022-10-13 08:14 - 2022-10-13 08:14 - 000048640 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2022-10-13 08:14 - 2022-10-13 08:14 - 000039936 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2022-10-13 08:14 - 2022-10-13 08:14 - 000012253 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-10-13 08:13 - 2022-10-13 08:13 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-10-13 08:05 - 2022-10-13 08:05 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-03 12:15 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-03 12:09 - 2020-07-14 22:58 - 000000000 ____D C:\Users\alice\AppData\Local\CrashDumps
2022-11-03 12:09 - 2020-07-14 09:59 - 000000000 ____D C:\Windows\Panther
2022-11-03 12:04 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-03 12:04 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-11-03 11:52 - 2020-08-29 20:55 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-03 11:52 - 2020-08-29 20:55 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-11-03 11:43 - 2020-07-14 09:11 - 000000000 ____D C:\Users\alice\AppData\Local\Google
2022-11-03 11:43 - 2020-07-14 09:11 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-03 11:28 - 2020-07-14 09:04 - 000000000 ____D C:\Users\alice
2022-11-03 10:58 - 2020-07-14 09:09 - 000000000 ____D C:\Users\alice\AppData\Local\D3DSCache
2022-11-03 10:56 - 2021-12-11 12:42 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1613147354-136639444-1604222446-1001
2022-11-03 10:56 - 2021-09-04 08:41 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-11-03 10:56 - 2020-07-16 10:59 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-11-03 10:56 - 2020-07-16 10:59 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-03 10:54 - 2020-07-14 09:32 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-11-03 10:54 - 2020-07-14 09:32 - 000000000 __SHD C:\Users\alice\IntelGraphicsProfiles
2022-11-03 09:51 - 2020-07-14 08:59 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-11-03 08:51 - 2020-07-14 10:51 - 000000000 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2022-11-03 08:24 - 2020-07-14 09:09 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-11-03 08:24 - 2019-12-07 15:41 - 000683426 _____ C:\Windows\system32\perfh005.dat
2022-11-03 08:24 - 2019-12-07 15:41 - 000137206 _____ C:\Windows\system32\perfc005.dat
2022-11-03 08:24 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-10-28 06:22 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2022-10-25 18:56 - 2021-01-09 15:33 - 000000000 ____D C:\Windows\Minidump
2022-10-22 16:51 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2022-10-21 12:26 - 2021-03-10 03:06 - 000003220 _____ C:\Windows\system32\Tasks\Intel PTT EK Recertification
2022-10-21 12:26 - 2020-08-29 20:55 - 000003568 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-21 12:26 - 2020-08-29 20:55 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-21 12:26 - 2020-07-14 10:51 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2022-10-21 08:25 - 2020-07-14 08:59 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-10-21 08:24 - 2020-07-14 08:59 - 000008192 ___SH C:\DumpStack.log.tmp
2022-10-18 21:27 - 2020-07-14 10:49 - 000000000 ____D C:\ProgramData\Avast Software
2022-10-18 21:26 - 2019-12-07 10:03 - 000786432 _____ C:\Windows\system32\config\BBI
2022-10-13 20:21 - 2020-07-14 08:59 - 000258096 _____ C:\Windows\system32\FNTCACHE.DAT
2022-10-13 20:20 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-10-13 20:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-10-13 20:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2022-10-13 20:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2022-10-13 20:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2022-10-13 20:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2022-10-13 20:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2022-10-13 20:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-10-13 20:20 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2022-10-13 08:18 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2022-10-13 08:18 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2022-10-13 08:13 - 2020-07-14 09:03 - 003015168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-10-13 08:05 - 2020-07-15 12:13 - 000000000 ____D C:\Windows\system32\MRT
2022-10-13 08:02 - 2020-07-15 12:13 - 147398024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

aldik
Návštěvník
Návštěvník
Příspěvky: 81
Registrován: 24 říj 2007 19:49

Re: Preventivka

#2 Příspěvek od aldik »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2022 02
Ran by alice (03-11-2022 12:31:13)
Running from C:\Users\alice\Downloads
Microsoft Windows 10 Home Version 21H1 19043.2130 (X64) (2020-07-14 08:01:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1613147354-136639444-1604222446-500 - Administrator - Disabled)
alice (S-1-5-21-1613147354-136639444-1604222446-1001 - Administrator - Enabled) => C:\Users\alice
DefaultAccount (S-1-5-21-1613147354-136639444-1604222446-503 - Limited - Disabled)
Guest (S-1-5-21-1613147354-136639444-1604222446-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1613147354-136639444-1604222446-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 22.9.6034 - Avast Software)
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1189.1 - AVAST Software) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Excel (HKU\S-1-5-21-1613147354-136639444-1604222446-1001\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.26 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 106.0.1370.52 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.212.1009.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Outlook (HKU\S-1-5-21-1613147354-136639444-1604222446-1001\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PowerPoint (HKU\S-1-5-21-1613147354-136639444-1604222446-1001\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Word (HKU\S-1-5-21-1613147354-136639444-1604222446-1001\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_CZ_is1) (Version: 18.0.1.10 - ZONER software)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.25.54.0_x64__kgqvnymyfvs32 [2022-10-24] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.91.1.0_x64__kgqvnymyfvs32 [2022-10-25] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_7.3.12.0_x86__h6adky7gbf63m [2022-10-24] (Gameloft SE)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-11-29] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
Hawaii Match-3 Mania: Home Design & Matching Puzzle -> C:\Program Files\WindowsApps\828B5831.HawaiiMatch-3Mania_1.27.2700.0_x64__ytsefhwckbdv6 [2022-04-09] (G5 Entertainment AB)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-07-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-07-14] (Microsoft Corporation) [MS Ad]
Microsoft Jigsaw -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJigsaw_2.3.10281.0_x86__8wekyb3d8bbwe [2022-04-25] (Microsoft Studios)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.2.9291.0_x64__8wekyb3d8bbwe [2022-10-15] (Microsoft Studios) [MS Ad]
Microsoft Minesweeper -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMinesweeper_3.1.9160.0_x86__8wekyb3d8bbwe [2020-10-17] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-22] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-17] (Netflix, Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0 [2022-10-15] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-09-30] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-09-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-09-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-09-30] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.212.1009.0004\FileSyncShell64.dll [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2017-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2022-09-30] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm --app-url=hxxps://excel.office.com/
ShortcutWithArgument: C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb --app-url=hxxps://outlook.com/
ShortcutWithArgument: C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf --app-url=hxxps://powerpoint.office.com/
ShortcutWithArgument: C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi --app-url=hxxps://word.office.com/

==================== Loaded Modules (Whitelisted) =============

2020-07-14 09:22 - 2015-08-18 14:42 - 004420608 _____ (Terra Informatica Software, Inc.) [File not signed] C:\Program Files\Zoner\Photo Studio 18\Program32\sciter32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1613147354-136639444-1604222446-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-1613147354-136639444-1604222446-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

2021-06-12 10:20 - 2021-06-24 14:16 - 000000508 _____ C:\Windows\system32\drivers\etc\hosts.ics
192.168.137.1 DESKTOP-PJN7KRI.mshome.net # 2026 6 2 23 13 16 21 99
192.168.137.225 LGwebOSTV.mshome.net # 2021 7 4 1 13 16 21 99

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1613147354-136639444-1604222446-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\alice\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\p8184398.jpg
DNS Servers: 31.30.90.11 - 31.30.90.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0B2B40F7-98BC-4E58-97BD-F88CB9CEAF59}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{51987D3B-403F-4EFC-9574-F03F5600C1B9}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1DA67DEC-9032-4379-97C9-2CE72CC71E1D}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{89779C34-FA47-4E5A-885E-26E49D9A0220}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{AD9A4D66-D891-45F6-97E4-8FFE51D757A3}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D1A25029-3B57-40C0-B16D-17052F8D3C6E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{36123E30-B31B-49FF-A77C-3B31265865E8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{1015B3A5-BC96-4B82-A4BB-0E9479016B95}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D24E3099-62ED-4DD1-B98B-DB8E1523C92B}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{337F2A15-71F5-42DD-A72A-9B062CF65BDE}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{C6BBA1D5-F72B-4BC5-913F-11853F6AF3E0}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DB8E7F5F-9142-4266-A6C1-38DB2D8461C9}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{83BFA185-8B66-454A-890E-E8FB777E6E7E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{6DE6F647-948D-415A-BB74-874D89C660F1}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7636B5EC-3D6A-44F2-8F29-3A360F731F95}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{673021A8-DA59-4534-A10A-64481D4ED701}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E5AAB615-4F55-4DDC-8990-B66FD8E7C7A2}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0C43481F-F286-4C11-B7E5-D849998CDBE7}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2585C9E0-0B6D-4FAC-9B4E-C59754A782E8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{4213D3F4-7C20-4C6B-858A-21A467B8DB0E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{FFA0CA29-4CBD-4EC5-9038-B9559D1334DF}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{25DD21D7-3B77-468A-8E51-AAEEA18A0AE3}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{301AC9AA-818E-4561-8F0B-74D69F6E14A7}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{F44CC2BD-2EE3-489F-B41F-682D1349EF6E}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{D2CE76ED-AE87-49B2-92E8-712D29969159}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{2B56318D-A9E0-4828-82CB-FF8C26DD04C8}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{87716851-0C72-4072-8117-DC20646C68AB}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B847FC4D-C08F-4AF4-847D-E5CED0C03904}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{B499C5D5-D8BC-4EDE-8FE4-3C3BAB03C16A}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{31EDB2DF-9BCB-40E7-B0D8-99B9C52A8454}] => (Block) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{E879B24B-E9D9-4DF1-BDB2-BA5042615DBD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6DB5905B-E4A0-4677-B4B8-C141388FFA77}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7A170ED3-A671-4A99-B422-F057A13AC420}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{55B8F29E-7BDF-4E31-A6AE-4C6C7CF99CB2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{907FF85D-0495-4AD8-B09F-11BA4CA61597}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5F6A436D-B65E-4252-A2B6-5FF043153FDD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F990222A-2892-4ED1-A2EE-173F5D98B649}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F684A645-30A3-4432-A951-C0D7DC09D90E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{674C093F-218F-4C3D-9A3B-76415C149287}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6FAFC946-D4A2-4BA3-8355-49A76D5C29DA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{58455A2C-A560-40D4-98E3-41FBF6DC526D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{458BC848-0092-4113-B39E-6DB0EC3D4056}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.196.785.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A22C8A66-DB99-4F94-98E8-EABDB013AF16}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\106.0.1370.52\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/03/2022 10:54:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: chrome.exe, verze: 106.0.5249.119, časové razítko: 0x6344693e
Název chybujícího modulu: chrome.exe, verze: 106.0.5249.119, časové razítko: 0x6344693e
Kód výjimky: 0x80000003
Posun chyby: 0x000000000009e3ac
ID chybujícího procesu: 0x16a8
Čas spuštění chybující aplikace: 0x01d8ef6a4e3ec887
Cesta k chybující aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
ID zprávy: f0c81431-6e59-4551-996b-97c28bf0fca8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/02/2022 07:14:27 AM) (Source: ESENT) (EventID: 104) (User: )
Description: wuaueng.dll (31616,T,97) SUS20ClientDataStore: Databázový stroj zastavil instanci (0) s chybou (-1092).



Sekvence interního načasování:
[1] 0.000021 +J(0)
[2] 0.000074 +J(0) +M(C:0K, Fs:1, WS:4K # 0K, PF:0K # 0K, P:0K)
[3] 0.000095 +J(0) +M(C:0K, Fs:5, WS:20K # 0K, PF:0K # 0K, P:0K)
[4] 0.000017 +J(0)
[5] 0.000002 +J(0)
[6] 0.003093 +J(0) +M(C:0K, Fs:2, WS:-4K # 0K, PF:-5044K # 0K, P:-5044K)
[7] 0.000042 +J(0) +M(C:0K, Fs:1, WS:4K # 0K, PF:0K # 0K, P:0K)
[8] 0.003127 +J(0) +M(C:0K, Fs:7, WS:-16K # 0K, PF:-44K # 0K, P:-44K)
[9] -
[10] 0.000018 +J(0)
[11] -
[12] 0.000098 +J(0) +M(C:0K, Fs:0, WS:-4K # 0K, PF:-4K # 0K, P:-4K)
[13] 0.000608 +J(0)
[14] 0.000037 +J(0) +M(C:0K, Fs:0, WS:-4K # 0K, PF:-12K # 0K, P:-12K)
[15] 0.000011 +J(0).

Error: (11/02/2022 07:01:13 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2122-10-09T06:01:13Z. Kód chyby: 0x80070070

Error: (11/02/2022 07:00:43 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2122-10-09T06:00:43Z. Kód chyby: 0x80070070

Error: (11/02/2022 07:00:13 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Nepodařilo se naplánovat restartování služby Ochrana softwaru na 2122-10-09T06:00:13Z. Kód chyby: 0x80070070

Error: (11/02/2022 07:00:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Solitaire.exe, verze: 0.0.0.0, časové razítko: 0x632073ff
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.2130, časové razítko: 0xb0fac6c9
Kód výjimky: 0xe06d7363
Posun chyby: 0x000000000002cd29
ID chybujícího procesu: 0x7c60
Čas spuštění chybující aplikace: 0x01d8ee8059a74b17
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe\Solitaire.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: b4dae141-b537-43bd-9936-0cb2ae96d68b
Úplný název chybujícího balíčku: Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App

Error: (11/02/2022 06:59:35 AM) (Source: ESENT) (EventID: 471) (User: )
Description: wuaueng.dll (31616,D,11) SUS20ClientDataStore: Operaci č. 849 s databází C:\Windows\SoftwareDistribution\DataStore\DataStore.edb nejde vrátit zpět. Chyba: -529. Všechny budoucí aktualizace databáze se odmítnou.

Error: (11/02/2022 06:59:35 AM) (Source: ESENT) (EventID: 492) (User: )
Description: wuaueng.dll (31616,D,10) SUS20ClientDataStore: Posloupnost souborů protokolů (C:\Windows\SoftwareDistribution\DataStore\Logs\) se zastavila kvůli závažné chybě. Databáze, které používají tuto posloupnost souborů protokolů, už nejde aktualizovat. Vyřešte prosím problémy a restartujte nebo obnovte databázi ze záložní kopie.


System errors:
=============
Error: (11/03/2022 12:09:31 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-PJN7KRI)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (11/03/2022 11:37:43 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-PJN7KRI)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (11/03/2022 11:36:41 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-PJN7KRI)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (11/03/2022 11:28:49 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-PJN7KRI)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (11/03/2022 08:21:29 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 1) (User: NT AUTHORITY)
Description: Došlo k závažné chybě hardwaru. Záznam chyby s popisem stavu je obsažen v datové části této události.

Error: (11/02/2022 07:00:04 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-PJN7KRI)
Description: Nelze spustit server DCOM: {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} jako Není k dispozici/Není k dispozici. Došlo k chybě:
3236560897
při provádění příkazu:
C:\Windows\System32\RuntimeBroker.exe -Embedding

Error: (11/01/2022 07:55:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Propojená uživatelská prostředí a telemetrie byla neočekávaně ukončena. Tento stav nastal již 3krát.

Error: (11/01/2022 07:47:46 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Propojená uživatelská prostředí a telemetrie byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.


CodeIntegrity:
===============
Date: 2022-11-03 12:26:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2022-11-03 08:22:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO B0CN95WW 07/31/2015
Motherboard: LENOVO Lenovo G50-80
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 65%
Total physical RAM: 8106.45 MB
Available physical RAM: 2773.69 MB
Total Virtual: 25482.67 MB
Available Virtual: 19348.4 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:243.53 GB) (Free:0.84 GB) (Model: CT1000MX500SSD1) NTFS
Drive d: (Data) (Fixed) (Total:687.37 GB) (Free:195.4 GB) (Model: CT1000MX500SSD1) NTFS
Drive f: (Elements) (Fixed) (Total:931.51 GB) (Free:927.72 GB) (Model: WD Elements 1048 USB Device) NTFS

\\?\Volume{1fdc65d6-041c-4b8e-a8a6-2f2c382d3447}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{72d077ce-33d6-470f-87b0-d9baf12d6243}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 983B308F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Preventivka

#3 Příspěvek od JaRon »

ahoj,
Total Virtual: 25482.67 MB
zakaz swapovanie - virtualnu pamat na disku C:
manualne nastav virtualnu pamat na d: s velkostou MIN aj MAX na 12000
restart PC
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

aldik
Návštěvník
Návštěvník
Příspěvky: 81
Registrován: 24 říj 2007 19:49

Re: Preventivka

#4 Příspěvek od aldik »

Nastaveno. Ale i tak je Céčko pořád v červených číslech. Buď promazat zbytečné programy (což mě nenapadá co), nebo ještě něco lze pročistit. Možná jestli si Zoner neukládá zbytečně moc dat z upravovaných fotek.

/Tak jo, v nastavení Zoneru zabírají zálohy originálů 145GB :-D Tak to nechám program pročistit. On to není můj počítač, ale mamky a kromě Zoneru a prohlížeče nevím co jiného by používala, takže zakopaný pes by byl jedině v těch dvou.

/Tak odstranění nepoužívaných záloh odebralo ani ne 1GB dat.

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15197
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Preventivka

#5 Příspěvek od JaRon »

Vycisti este s CCleanerom
+
Drive c: () (Fixed) (Total:243.53 GB) (Free:0.84 GB) (Model: CT1000MX500SSD1) NTFS
Drive d: (Data) (Fixed) (Total:687.37 GB) (Free:195.4 GB) (Model: CT1000MX500SSD1) NTFS
Prerozdel disk nanovo, ze zoberies 100GB disku d: a pridas to disku c:
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Odpovědět