Please check, high CPU usage

#1 Post by ja1316 »

Please check, high CPU usage

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-03-2023
Ran by ja131 (administrator) on DESKTOP-DMIP7NM (Gigabyte Technology Co., Ltd. EP35C-DS3R) (18-03-2023 04:39:42)
Running from C:\Users\ja131\Desktop
Loaded Profiles: ja131
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2728 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCopyAccelerator.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (LAVALYS -> Lavalys, Inc.) C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-1838826172-258241280-2038725832-1001\...\Run: [MicrosoftEdgeAutoLaunch_2A7011BB158D945C104FE50EF6949705] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4056016 2023-03-16] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HPLJ1020LM: C:\Windows\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\111.0.5563.65\Installer\chrmstp.exe [2023-03-09] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2022-11-30]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe (AVerMedia TECHNOLOGIES, Inc -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2022-11-30]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc -> AVerMedia TECHNOLOGIES, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Twonky Server.lnk [2023-01-16]
ShortcutTarget: Twonky Server.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (J.M. Driver, LLC -> Lynx Technology)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2FCD28F3-B619-4A06-AB65-2284D1A418C3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {569B9FFB-3C84-4B78-8479-2AB7A125E777} - System32\Tasks\EVEREST AutoStart => C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe [2465888 2010-03-30] (LAVALYS -> Lavalys, Inc.)
Task: {5763922E-0C75-45F3-98D6-7CC1B9E94B85} - System32\Tasks\GoogleUpdateTaskMachineUA{F55F866E-D24E-4039-99C3-2298A1A0D3A9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-12] (Google LLC -> Google LLC)
Task: {63D5A23F-251A-4694-B16C-928096060EEA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {69B51D20-4639-44B4-98A2-E8CDA9C53E3E} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "2e7103bd-157b-42ca-8a42-8ba56edc2444" --version "6.09.10300" --silent
Task: {703EE882-EA3E-4A6A-917F-A0AF48EC6262} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7B53E548-6F00-42AB-9BE4-A436B99FDC03} - System32\Tasks\GoogleUpdateTaskMachineCore{1A7BD178-B46A-4311-A8FE-316DA76E284C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-12] (Google LLC -> Google LLC)
Task: {8183959F-C4E5-4571-BAA6-5482CACCEEE2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B1EF4AEA-9873-419D-920E-3DE7FFC25D0E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C5F16B45-C452-4E01-BCF4-DE60BCDCB537} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform)
Task: {C6FF66AC-E1AC-4B4B-83B8-B3B1910A0575} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1838826172-258241280-2038725832-1001 => C:\Users\ja131\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {DA158E44-36ED-4857-9058-952CF3B6F0A7} - System32\Tasks\NCH Software\SwitchDowngrade => C:\Program Files (x86)\NCH Software\Switch\switch.exe [3998920 2022-08-31] (NCH Software, Inc. -> NCH Software)
Task: {DCCC38B4-5903-4EBF-8605-781D0AB887F4} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1838826172-258241280-2038725832-1001 => C:\Users\ja131\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {E3E1343F-CF14-404F-8A3F-D9594CEFB6A2} - System32\Tasks\CCleanerSkipUAC - ja131 => C:\Program Files\CCleaner\CCleaner.exe [32631096 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{9db95bce-aa3a-4cae-b71b-9f0941f61f5e}: [DhcpNameServer] 31.30.90.11 31.30.90.12

Edge:
=======
Edge Profile: C:\Users\ja131\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-18]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-03-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Default [2023-03-18]
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (trigger-translation) - C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Default\Extensions\cofdbpoegempjloogbagkncekinflcnj [2023-03-03]
CHR Extension: (S3.Translator) - C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Default\Extensions\debnnjfbneojbmioajinefnflopdohjk [2023-03-18]
CHR Extension: (AdBlock Max - Blokovač reklam) - C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggdpplfehdighdpleoegjefnpefgpgfh [2023-03-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-12]
CHR Profile: C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-03-18]
CHR Profile: C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-03-14]
CHR HomePage: Profile 1 -> hxxp://seznam.cz/
CHR StartupUrls: Profile 1 -> "hxxp://seznam.cz/"
CHR Extension: (trigger-translation) - C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cofdbpoegempjloogbagkncekinflcnj [2023-03-03]
CHR Extension: (S3.Translator) - C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\debnnjfbneojbmioajinefnflopdohjk [2023-03-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-03]
CHR Profile: C:\Users\ja131\AppData\Local\Google\Chrome\User Data\System Profile [2023-03-18]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
S4 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [377664 2015-06-25] (AVerMedia TECHNOLOGIES, Inc -> AVerMedia)
S4 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [771072 2017-02-06] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [226976 2023-02-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\NisSrv.exe [3224328 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MsMpEng.exe [133592 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AVer871BDA; C:\Windows\System32\Drivers\AVer9303.sys [323096 2016-10-28] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia)
R3 EverestDriver; C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [26752 2010-03-30] (LAVALYS -> )
R3 MpKsl2128006b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{36925F47-77EB-48F4-A0B1-DF892D15503A}\MpKslDrv.sys [211208 2023-03-15] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49624 2023-03-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [495912 2023-03-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-18 04:39 - 2023-03-18 04:40 - 000013129 _____ C:\Users\ja131\Desktop\FRST.txt
2023-03-18 04:39 - 2023-03-18 04:40 - 000000000 ____D C:\FRST
2023-03-18 04:35 - 2023-03-18 04:35 - 002378752 _____ (Farbar) C:\Users\ja131\Desktop\FRST64.exe
2023-03-15 18:51 - 2023-03-15 18:51 - 000189828 _____ C:\Users\ja131\Downloads\1373 vyúčtování uživatelů JM 2021 SVJ (1).pdf
2023-03-15 06:44 - 2023-03-15 06:44 - 000000000 ___HD C:\$WinREAgent
2023-03-15 00:19 - 2023-03-15 00:19 - 001444746 _____ C:\Users\ja131\Downloads\c22d47189390b59f848dcf3e90d650958f6b3c4cdd58cb0b302539ee5d9727f193adc2ccfeadca1ad86c2526134f57f9c687d1dc444b0a60b1604b13bfb5cf15 (1).pdf
2023-03-14 13:53 - 2023-03-14 13:53 - 000083177 _____ C:\Users\ja131\Downloads\mKonto_nr_1703 _za_2023-02.pdf
2023-03-14 13:52 - 2023-03-14 13:52 - 000030427 _____ C:\Users\ja131\Downloads\Vyúčtování výnosů pro SVJ 2021.pdf
2023-03-14 13:48 - 2023-03-14 13:48 - 000457993 _____ C:\Users\ja131\Downloads\2021_2013730081.pdf
2023-03-14 13:48 - 2023-03-14 13:48 - 000189828 _____ C:\Users\ja131\Downloads\1373 vyúčtování uživatelů JM 2021 SVJ.pdf
2023-03-14 12:02 - 2023-03-14 12:02 - 000228626 _____ C:\Users\ja131\Downloads\FAKTURA_Petr_Hrdina_BI01 (1).pdf
2023-03-14 12:01 - 2023-03-14 12:01 - 000228626 _____ C:\Users\ja131\Downloads\FAKTURA_Petr_Hrdina_BI01.pdf
2023-03-12 09:50 - 2023-03-12 09:50 - 001444746 _____ C:\Users\ja131\Downloads\c22d47189390b59f848dcf3e90d650958f6b3c4cdd58cb0b302539ee5d9727f193adc2ccfeadca1ad86c2526134f57f9c687d1dc444b0a60b1604b13bfb5cf15.pdf
2023-03-11 08:34 - 2023-03-11 08:34 - 000001412 _____ C:\Users\ja131\Downloads\priloha_1153515257_1_VypisROS.csv
2023-03-11 08:33 - 2023-03-11 08:33 - 000179947 _____ C:\Users\ja131\Downloads\priloha_1153494209_0_zprava.pdf
2023-03-11 08:32 - 2023-03-11 08:32 - 000096948 _____ C:\Users\ja131\Downloads\priloha_1153515257_0_VypisROS.pdf
2023-03-11 07:22 - 2023-03-11 07:22 - 000008192 _____ C:\Users\ja131\Downloads\SIPO_banky.xls
2023-03-10 11:16 - 2023-03-10 11:16 - 011339610 _____ C:\Users\ja131\Downloads\AS_129712_VHX-7000_C_626P22_KIB_CZ_2122_5.pdf
2023-03-08 21:56 - 2023-03-08 21:56 - 043540046 _____ C:\Users\ja131\Downloads\Industrial_Supply_Czech (2).pdf
2023-03-08 21:11 - 2023-03-08 21:11 - 043540046 _____ C:\Users\ja131\Downloads\Industrial_Supply_Czech (1).pdf
2023-03-07 19:55 - 2023-03-07 19:56 - 043540046 _____ C:\Users\ja131\Downloads\Industrial_Supply_Czech.pdf
2023-02-28 08:25 - 2023-02-28 08:25 - 224357286 _____ C:\Users\ja131\Downloads\Blaupunkt.TravelPilot.DX.2013-2014.Poland.Czech.Republic-www.SKODAHOME.cz.rar
2023-02-28 08:22 - 2023-02-28 08:22 - 688099328 _____ C:\Users\ja131\Downloads\RNS_510_FW_3980_update-www.skodahome.cz.iso
2023-02-28 08:21 - 2023-02-28 08:22 - 509673020 _____ C:\Users\ja131\Downloads\RNS_510_FW_3980_update-www.skodahome.cz.rar
2023-02-24 11:12 - 2023-02-24 11:12 - 000012042 _____ C:\Users\ja131\Downloads\index.pdf
2023-02-21 20:37 - 2023-02-21 20:37 - 000379848 _____ C:\Users\ja131\Downloads\Rozhodnutí KÚ o změně rozhodnutí o přestupku.pdf
2023-02-16 16:40 - 2023-02-16 16:40 - 000724006 _____ C:\Users\ja131\Downloads\ua-010123.pdf
2023-02-16 16:25 - 2023-02-16 16:25 - 003749418 _____ C:\Users\ja131\Downloads\imgcache (2).0
2023-02-16 16:23 - 2023-02-16 16:23 - 003749418 _____ C:\Users\ja131\Downloads\imgcache (1).0
2023-02-16 16:10 - 2023-02-16 16:10 - 000028600 _____ C:\Users\ja131\Downloads\history001.dat

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-18 04:32 - 2022-12-08 09:03 - 000000000 ____D C:\Users\ja131\AppData\Local\CrashDumps
2023-03-18 04:23 - 2022-10-12 12:55 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-18 04:20 - 2022-10-12 12:12 - 000000000 ____D C:\ProgramData\NVIDIA
2023-03-18 04:19 - 2022-10-12 13:28 - 000000000 ____D C:\Windows\system32\MRT
2023-03-18 04:15 - 2022-10-12 13:28 - 153620824 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-03-18 04:10 - 2022-12-12 20:51 - 000007623 _____ C:\Users\ja131\AppData\Local\Resmon.ResmonCfg
2023-03-18 03:58 - 2022-10-24 10:59 - 000000000 ____D C:\Program Files\CCleaner
2023-03-18 03:58 - 2022-10-12 12:06 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-18 03:58 - 2022-10-12 12:06 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-17 15:21 - 2022-10-12 14:10 - 000000000 ____D C:\Users\ja131\AppData\Local\D3DSCache
2023-03-17 12:19 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-17 12:19 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-03-17 12:18 - 2023-01-16 17:21 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-03-17 12:18 - 2022-10-12 12:06 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-17 12:18 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-16 22:46 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-03-16 22:42 - 2022-10-12 12:06 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-03-15 07:10 - 2022-10-12 12:13 - 001693664 _____ C:\Windows\system32\PerfStringBackup.INI
2023-03-15 07:10 - 2019-12-07 15:43 - 000716894 _____ C:\Windows\system32\perfh005.dat
2023-03-15 07:10 - 2019-12-07 15:43 - 000145072 _____ C:\Windows\system32\perfc005.dat
2023-03-15 07:06 - 2022-10-12 12:06 - 000294584 _____ C:\Windows\system32\FNTCACHE.DAT
2023-03-15 07:06 - 2022-10-12 12:06 - 000008192 ___SH C:\DumpStack.log.tmp
2023-03-15 07:06 - 2022-10-12 12:06 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-03-15 07:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-03-15 07:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-03-15 07:06 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-03-15 06:51 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-03-15 06:48 - 2022-10-12 12:10 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-03-14 23:54 - 2022-12-21 19:15 - 000000000 ____D C:\Users\ja131\AppData\Roaming\MPC-HC
2023-03-09 08:33 - 2022-10-12 12:55 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-07 12:46 - 2023-01-12 14:30 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-03-07 12:46 - 2022-12-16 00:06 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-03-07 12:46 - 2022-12-15 23:25 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-03-07 12:33 - 2022-10-12 12:06 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-03-04 11:00 - 2022-12-20 21:11 - 000000000 ____D C:\Users\ja131\AppData\Roaming\vlc
2023-02-27 11:13 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-02-27 11:13 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-02-27 11:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-02-27 11:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-02-22 06:01 - 2022-10-24 10:59 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-02-21 21:06 - 2022-10-24 10:59 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-02-21 21:06 - 2022-10-24 10:59 - 000003474 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-02-21 06:07 - 2022-10-12 12:14 - 000000000 ____D C:\Users\ja131
2023-02-16 23:46 - 2022-12-19 08:05 - 000000000 ____D C:\Users\ja131\Desktop\Spaces
2023-02-16 23:16 - 2022-10-12 12:23 - 000000000 ____D C:\Users\ja131\AppData\Local\PlaceholderTileLogoFolder
2023-02-16 16:16 - 2022-10-12 12:21 - 000000000 ____D C:\Users\ja131\AppData\Local\Packages

==================== Files in the root of some directories ========

2022-11-13 23:35 - 2022-12-16 00:21 - 000099384 _____ () C:\Users\ja131\AppData\Roaming\inst.exe
2022-11-13 23:35 - 2022-12-16 00:21 - 000007859 _____ () C:\Users\ja131\AppData\Roaming\pcouffin.cat
2022-11-13 23:35 - 2022-12-16 00:21 - 000001167 _____ () C:\Users\ja131\AppData\Roaming\pcouffin.inf
2022-11-13 23:35 - 2022-12-16 00:21 - 000000055 _____ () C:\Users\ja131\AppData\Roaming\pcouffin.log
2022-11-13 23:35 - 2022-12-16 00:21 - 000082816 _____ (VSO Software) C:\Users\ja131\AppData\Roaming\pcouffin.sys
2022-12-12 20:51 - 2023-03-18 04:10 - 000007623 _____ () C:\Users\ja131\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-03-2023
Ran by ja131 (18-03-2023 04:41:41)
Running from C:\Users\ja131\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.2728 (X64) (2022-10-12 11:09:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1838826172-258241280-2038725832-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1838826172-258241280-2038725832-503 - Limited - Disabled)
Guest (S-1-5-21-1838826172-258241280-2038725832-501 - Limited - Disabled)
ja131 (S-1-5-21-1838826172-258241280-2038725832-1001 - Administrator - Enabled) => C:\Users\ja131
WDAGUtilityAccount (S-1-5-21-1838826172-258241280-2038725832-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.001.20064 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.23.9 - Ashampoo GmbH & Co. KG)
AVerMedia TD310 USB Pure DVB-T/T2/C 14.7.64.18 (HKLM-x32\...\AVerMedia TD310 USB Pure DVB-T/T2/C) (Version: 14.7.64.18 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.9.1.18.17080805-GA - AVerMedia Technologies, Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.4.24 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.09 - Piriform)
DVD to ISO (HKLM-x32\...\{646E7341-F4F6-46E1-A6AE-2A91FED3F0E8}_is1) (Version: - dvdtoiso.com)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 111.0.5563.65 - Google LLC)
HP LaserJet 1020 Series (HKLM\...\HP LaserJet 1020 Series) (Version: - )
IsoBuster [64bit] (HKLM\...\IsoBuster64bit_is1) (Version: 5.1 - Smart Projects)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 111.0.1661.44 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.69 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1838826172-258241280-2038725832-1001\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
NVIDIA Ovladač HD audia 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 10.40 - NCH Software)
Twonky Server (HKLM-x32\...\TwonkyServer) (Version: 8.5.1.0 - Lynx Technology)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-02-16] (Microsoft Corporation)
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.91.6552.0_x64__8wekyb3d8bbwe [2023-03-06] (Microsoft Corporation) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-1838826172-258241280-2038725832-1001\...\ChromeHTML: -> <==== ATTENTION
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Smart Projects\IsoBuster;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1838826172-258241280-2038725832-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 31.30.90.11 - 31.30.90.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AVerRemote => 2
MSCONFIG\Services: AVerScheduleService => 2
HKLM\...\StartupApproved\StartupFolder: => "AVerQuick.lnk"
HKLM\...\StartupApproved\StartupFolder: => "AVer HID Receiver.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Twonky Server.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "UniConverterUpdateHelper"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-1838826172-258241280-2038725832-1001\...\StartupApproved\StartupFolder: => "DeepL auto-start.lnk"
HKU\S-1-5-21-1838826172-258241280-2038725832-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_2A7011BB158D945C104FE50EF6949705"
HKU\S-1-5-21-1838826172-258241280-2038725832-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E296CA85-AC7D-4FB0-B8F3-57F8843D6ACA}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe (J.M. Driver, LLC -> )
FirewallRules: [{01EA58A5-07AB-49D5-BB3E-E91F4A9C0608}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe (J.M. Driver, LLC -> )
FirewallRules: [TCP Query User{2F71BCAE-0521-4517-8CD3-D8AAD57D172E}C:\program files (x86)\twonky\twonkyserver\twonkyserver.exe] => (Allow) C:\program files (x86)\twonky\twonkyserver\twonkyserver.exe (J.M. Driver, LLC -> )
FirewallRules: [UDP Query User{50F03797-124F-434D-BE5B-2FA03BE3CCDB}C:\program files (x86)\twonky\twonkyserver\twonkyserver.exe] => (Allow) C:\program files (x86)\twonky\twonkyserver\twonkyserver.exe (J.M. Driver, LLC -> )
FirewallRules: [{1626DBB3-FB21-4E89-BE0F-D21B7C7440F1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{81CD2077-E35A-478A-991F-02AC67FF1B23}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

25-02-2023 15:06:41 Instalační služba modulů systému Windows
06-03-2023 13:09:34 Naplánovaný kontrolní bod
13-03-2023 17:00:39 Naplánovaný kontrolní bod
15-03-2023 06:44:26 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/18/2023 04:31:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.19041.1949, časové razítko: 0xbbdb3e51
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.2728, časové razítko: 0xe7e53a4e
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010fd12
ID chybujícího procesu: 0x1aa8
Čas spuštění chybující aplikace: 0x01d9594a31bc8696
Cesta k chybující aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 00ec4d4a-660f-447e-99f2-c9cae260aad4
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App

Error: (03/15/2023 06:44:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (03/14/2023 11:46:08 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-1838826172-258241280-2038725832-1001}/>.

Error: (03/14/2023 01:21:42 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-1838826172-258241280-2038725832-1001}/>.

Error: (03/14/2023 01:21:10 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-1838826172-258241280-2038725832-1001}/>.

Error: (03/13/2023 05:00:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (03/10/2023 05:57:54 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (G:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (03/10/2023 05:57:46 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na uloziste (F:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (03/03/2023 10:35:44 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku H: bylo zjištěno poškození.

Přesná povaha poškození není známa. Je potřeba zkontrolovat a opravit struktury systému souborů v online režimu.

Error: (03/03/2023 10:35:44 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku H: bylo zjištěno poškození.

Přesná povaha poškození není známa. Je potřeba zkontrolovat a opravit struktury systému souborů v offline režimu.

Error: (03/03/2023 10:35:16 AM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk4\DR4 má chybný blok.

Error: (03/03/2023 10:35:08 AM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk4\DR4 má chybný blok.

Error: (02/21/2023 05:29:38 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (3:02:18, ‎21.‎02.‎2023) bylo neočekávané.

Error: (02/20/2023 06:54:26 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WSearch bylo dosaženo časového limitu (30000 ms).

Error: (02/20/2023 06:53:56 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WSearch bylo dosaženo časového limitu (30000 ms).

Error: (02/20/2023 06:53:26 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WSearch bylo dosaženo časového limitu (30000 ms).


Windows Defender:
================
Date: 2023-03-15 15:18:26
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A535F560-93CF-4DC4-9A46-DB80CB2BCDC1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-14 12:49:53
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5FF8E5C6-D661-4168-8D6E-830F353B4CF5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-13 16:54:48
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D3928A61-00CA-4657-A457-135028E1F9D6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-12 05:51:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {294957AC-DD42-4430-8C92-219F537CD269}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-10 17:57:40
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6112ED70-8257-4EFC-B3FE-281179A63ED5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-02-10 04:39:55
Description:
Antivirová ochrana v programu Microsoft Defender ëпģΐⁿě ħäš ьëĕи ŧĕгmιйатеď δũ℮ ŧǿ άи úηєжрэςŧэδ ěгřοґ.%л %ŧ₣ąĭļųŕé Ŧγφэ:%ьChyba%π %ţĘхςëрŧïσπ сόđë:%ь0xc0000005%и %ťЃéśøµŗć℮:%ьfile:C:\Users\ja131\AppData\Roaming\Microsoft\Windows\Recent\07 - Goodbye Blue Sky.flac.lnk%π %τĘⁿģїŋε €óðě:%ь%7

CodeIntegrity:
===============
Date: 2023-02-10 04:40:00
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

BIOS: Award Software International, Inc. F4 06/18/2009
Motherboard: Gigabyte Technology Co., Ltd. EP35C-DS3R
Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 71%
Total physical RAM: 3070.48 MB
Available physical RAM: 871.08 MB
Total Virtual: 3582.48 MB
Available Virtual: 1022.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.58 GB) (Free:284.34 GB) (Model: KINGSTON SA400S37480G) NTFS
Drive d: () (Fixed) (Total:0.1 GB) (Free:0.06 GB) (Model: WDC WD5000AVDS-73U7B1) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Moj_první) (Fixed) (Total:232.88 GB) (Free:232.78 GB) (Model: WDC WD2500KS-00MJB0) NTFS
Drive f: (uloziste) (Fixed) (Total:465.76 GB) (Free:84.24 GB) (Model: WDC WD5000AVCS-632DY1) NTFS
Drive g: () (Fixed) (Total:465.66 GB) (Free:384.24 GB) (Model: WDC WD5000AVDS-73U7B1) NTFS
Drive i: (Audio CD) (CDROM) (Total:0 GB) (Free:0 GB) CDFS

\\?\Volume{df30df30-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{df30df30-0000-0000-0000-60a86f000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 4779AE1A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 504D58B8)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: DF30DF30)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=510 MB) - (Type=27)

==========================================================
Disk: 3 (Size: 465.8 GB) (Disk ID: 000F3183)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118198
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, high CPU usage

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (you can also find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

ja1316
Visitor
Posts: 12
Registered: 21 Jan 2017 02:25

Re: Please check, high CPU usage

#3 Post by ja1316 »

Hello, here is the log:

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-18-2023
# Duration: 00:00:01
# OS: Windows 10 (Build 19045.2728)
# Cleaned: 8
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Users\Public\Desktop\ASHAMPOO DEALS.URL

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Deleted HKLM\Software\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Deleted HKLM\Software\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2203 octets] - [18/03/2023 13:18:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118198
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, high CPU usage

#4 Post by Rudy »

Post new FRST + Addition logs.

ja1316
Visitor
Posts: 12
Registered: 21 Jan 2017 02:25

Re: Please check, high CPU usage

#5 Post by ja1316 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-03-2023
Ran by ja131 (administrator) on DESKTOP-DMIP7NM (Gigabyte Technology Co., Ltd. EP35C-DS3R) (18-03-2023 19:52:40)
Running from C:\Users\ja131\Desktop
Loaded Profiles: ja131
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2728 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (LAVALYS -> Lavalys, Inc.) C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-06-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-1838826172-258241280-2038725832-1001\...\Run: [MicrosoftEdgeAutoLaunch_2A7011BB158D945C104FE50EF6949705] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4056016 2023-03-16] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HPLJ1020LM: C:\Windows\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\111.0.5563.65\Installer\chrmstp.exe [2023-03-09] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2022-11-30]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe (AVerMedia TECHNOLOGIES, Inc -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2022-11-30]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc -> AVerMedia TECHNOLOGIES, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Twonky Server.lnk [2023-01-16]
ShortcutTarget: Twonky Server.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (J.M. Driver, LLC -> Lynx Technology)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2FCD28F3-B619-4A06-AB65-2284D1A418C3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {569B9FFB-3C84-4B78-8479-2AB7A125E777} - System32\Tasks\EVEREST AutoStart => C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe [2465888 2010-03-30] (LAVALYS -> Lavalys, Inc.)
Task: {5763922E-0C75-45F3-98D6-7CC1B9E94B85} - System32\Tasks\GoogleUpdateTaskMachineUA{F55F866E-D24E-4039-99C3-2298A1A0D3A9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-12] (Google LLC -> Google LLC)
Task: {5CB54CBA-DEEF-4930-B57B-92F4C4D60E2A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {5F7C5FB8-8804-4061-986A-2AAAE538D0EF} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "2e7103bd-157b-42ca-8a42-8ba56edc2444" --version "6.10.10347" --silent
Task: {63D5A23F-251A-4694-B16C-928096060EEA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {703EE882-EA3E-4A6A-917F-A0AF48EC6262} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7B53E548-6F00-42AB-9BE4-A436B99FDC03} - System32\Tasks\GoogleUpdateTaskMachineCore{1A7BD178-B46A-4311-A8FE-316DA76E284C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-12] (Google LLC -> Google LLC)
Task: {8183959F-C4E5-4571-BAA6-5482CACCEEE2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B1EF4AEA-9873-419D-920E-3DE7FFC25D0E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MpCmdRun.exe [1645864 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C6FF66AC-E1AC-4B4B-83B8-B3B1910A0575} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1838826172-258241280-2038725832-1001 => C:\Users\ja131\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {DA158E44-36ED-4857-9058-952CF3B6F0A7} - System32\Tasks\NCH Software\SwitchDowngrade => C:\Program Files (x86)\NCH Software\Switch\switch.exe [3998920 2022-08-31] (NCH Software, Inc. -> NCH Software)
Task: {DCCC38B4-5903-4EBF-8605-781D0AB887F4} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1838826172-258241280-2038725832-1001 => C:\Users\ja131\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {E3E1343F-CF14-404F-8A3F-D9594CEFB6A2} - System32\Tasks\CCleanerSkipUAC - ja131 => C:\Program Files\CCleaner\CCleaner.exe [33038648 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{9db95bce-aa3a-4cae-b71b-9f0941f61f5e}: [DhcpNameServer] 31.30.90.11 31.30.90.12

Edge:
=======
Edge Profile: C:\Users\ja131\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-18]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-03-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Default [2023-03-18]
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (trigger-translation) - C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Default\Extensions\cofdbpoegempjloogbagkncekinflcnj [2023-03-03]
CHR Extension: (S3.Translator) - C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Default\Extensions\debnnjfbneojbmioajinefnflopdohjk [2023-03-18]
CHR Extension: (AdBlock Max - Blokovač reklam) - C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggdpplfehdighdpleoegjefnpefgpgfh [2023-03-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-12]
CHR Profile: C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-03-18]
CHR Profile: C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-03-18]
CHR HomePage: Profile 1 -> hxxp://seznam.cz/
CHR StartupUrls: Profile 1 -> "hxxp://seznam.cz/"
CHR Extension: (trigger-translation) - C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cofdbpoegempjloogbagkncekinflcnj [2023-03-03]
CHR Extension: (S3.Translator) - C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\debnnjfbneojbmioajinefnflopdohjk [2023-03-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ja131\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-03]
CHR Profile: C:\Users\ja131\AppData\Local\Google\Chrome\User Data\System Profile [2023-03-18]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
S4 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [377664 2015-06-25] (AVerMedia TECHNOLOGIES, Inc -> AVerMedia)
S4 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [771072 2017-02-06] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [226976 2023-02-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\NisSrv.exe [3224328 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MsMpEng.exe [133592 2023-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AVer871BDA; C:\Windows\System32\Drivers\AVer9303.sys [323096 2016-10-28] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia)
R3 EverestDriver; C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [26752 2010-03-30] (LAVALYS -> )
S3 MpKsl2128006b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{36925F47-77EB-48F4-A0B1-DF892D15503A}\MpKslDrv.sys [211208 2023-03-15] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49624 2023-03-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [495912 2023-03-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-18 19:52 - 2023-03-18 19:53 - 000012863 _____ C:\Users\ja131\Desktop\FRST.txt
2023-03-18 19:47 - 2023-03-18 19:47 - 000000000 ____D C:\Users\ja131\Desktop\FRST-OlderVersion
2023-03-18 13:17 - 2023-03-18 13:19 - 000000000 ____D C:\AdwCleaner
2023-03-18 13:16 - 2023-03-18 13:16 - 008791352 _____ (Malwarebytes) C:\Users\ja131\Desktop\adwcleaner.exe
2023-03-18 04:39 - 2023-03-18 19:52 - 000000000 ____D C:\FRST
2023-03-18 04:35 - 2023-03-18 19:47 - 002378752 _____ (Farbar) C:\Users\ja131\Desktop\FRST64.exe
2023-03-15 18:51 - 2023-03-15 18:51 - 000189828 _____ C:\Users\ja131\Downloads\1373 vyúčtování uživatelů JM 2021 SVJ (1).pdf
2023-03-15 06:44 - 2023-03-15 06:44 - 000000000 ___HD C:\$WinREAgent
2023-03-15 00:19 - 2023-03-15 00:19 - 001444746 _____ C:\Users\ja131\Downloads\c22d47189390b59f848dcf3e90d650958f6b3c4cdd58cb0b302539ee5d9727f193adc2ccfeadca1ad86c2526134f57f9c687d1dc444b0a60b1604b13bfb5cf15 (1).pdf
2023-03-14 13:53 - 2023-03-14 13:53 - 000083177 _____ C:\Users\ja131\Downloads\mKonto_nr_1703 _za_2023-02.pdf
2023-03-14 13:52 - 2023-03-14 13:52 - 000030427 _____ C:\Users\ja131\Downloads\Vyúčtování výnosů pro SVJ 2021.pdf
2023-03-14 13:48 - 2023-03-14 13:48 - 000457993 _____ C:\Users\ja131\Downloads\2021_2013730081.pdf
2023-03-14 13:48 - 2023-03-14 13:48 - 000189828 _____ C:\Users\ja131\Downloads\1373 vyúčtování uživatelů JM 2021 SVJ.pdf
2023-03-14 12:02 - 2023-03-14 12:02 - 000228626 _____ C:\Users\ja131\Downloads\FAKTURA_Petr_Hrdina_BI01 (1).pdf
2023-03-14 12:01 - 2023-03-14 12:01 - 000228626 _____ C:\Users\ja131\Downloads\FAKTURA_Petr_Hrdina_BI01.pdf
2023-03-12 09:50 - 2023-03-12 09:50 - 001444746 _____ C:\Users\ja131\Downloads\c22d47189390b59f848dcf3e90d650958f6b3c4cdd58cb0b302539ee5d9727f193adc2ccfeadca1ad86c2526134f57f9c687d1dc444b0a60b1604b13bfb5cf15.pdf
2023-03-11 08:34 - 2023-03-11 08:34 - 000001412 _____ C:\Users\ja131\Downloads\priloha_1153515257_1_VypisROS.csv
2023-03-11 08:33 - 2023-03-11 08:33 - 000179947 _____ C:\Users\ja131\Downloads\priloha_1153494209_0_zprava.pdf
2023-03-11 08:32 - 2023-03-11 08:32 - 000096948 _____ C:\Users\ja131\Downloads\priloha_1153515257_0_VypisROS.pdf
2023-03-11 07:22 - 2023-03-11 07:22 - 000008192 _____ C:\Users\ja131\Downloads\SIPO_banky.xls
2023-03-10 11:16 - 2023-03-10 11:16 - 011339610 _____ C:\Users\ja131\Downloads\AS_129712_VHX-7000_C_626P22_KIB_CZ_2122_5.pdf
2023-03-08 21:56 - 2023-03-08 21:56 - 043540046 _____ C:\Users\ja131\Downloads\Industrial_Supply_Czech (2).pdf
2023-03-08 21:11 - 2023-03-08 21:11 - 043540046 _____ C:\Users\ja131\Downloads\Industrial_Supply_Czech (1).pdf
2023-03-07 19:55 - 2023-03-07 19:56 - 043540046 _____ C:\Users\ja131\Downloads\Industrial_Supply_Czech.pdf
2023-02-28 08:25 - 2023-02-28 08:25 - 224357286 _____ C:\Users\ja131\Downloads\Blaupunkt.TravelPilot.DX.2013-2014.Poland.Czech.Republic-www.SKODAHOME.cz.rar
2023-02-28 08:22 - 2023-02-28 08:22 - 688099328 _____ C:\Users\ja131\Downloads\RNS_510_FW_3980_update-www.skodahome.cz.iso
2023-02-28 08:21 - 2023-02-28 08:22 - 509673020 _____ C:\Users\ja131\Downloads\RNS_510_FW_3980_update-www.skodahome.cz.rar
2023-02-24 11:12 - 2023-02-24 11:12 - 000012042 _____ C:\Users\ja131\Downloads\index.pdf
2023-02-21 20:37 - 2023-02-21 20:37 - 000379848 _____ C:\Users\ja131\Downloads\Rozhodnutí KÚ o změně rozhodnutí o přestupku.pdf
2023-02-16 16:40 - 2023-02-16 16:40 - 000724006 _____ C:\Users\ja131\Downloads\ua-010123.pdf
2023-02-16 16:25 - 2023-02-16 16:25 - 003749418 _____ C:\Users\ja131\Downloads\imgcache (2).0
2023-02-16 16:23 - 2023-02-16 16:23 - 003749418 _____ C:\Users\ja131\Downloads\imgcache (1).0
2023-02-16 16:10 - 2023-02-16 16:10 - 000028600 _____ C:\Users\ja131\Downloads\history001.dat

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-18 19:48 - 2022-10-24 10:59 - 000000000 ____D C:\Program Files\CCleaner
2023-03-18 19:45 - 2022-10-12 12:55 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-18 15:41 - 2022-10-12 12:12 - 000000000 ____D C:\ProgramData\NVIDIA
2023-03-18 05:25 - 2022-10-12 12:13 - 001693664 _____ C:\Windows\system32\PerfStringBackup.INI
2023-03-18 05:25 - 2019-12-07 15:43 - 000716894 _____ C:\Windows\system32\perfh005.dat
2023-03-18 05:25 - 2019-12-07 15:43 - 000145072 _____ C:\Windows\system32\perfc005.dat
2023-03-18 05:25 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-03-18 05:21 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-18 05:19 - 2022-10-24 10:59 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-03-18 05:19 - 2022-10-12 12:06 - 000008192 ___SH C:\DumpStack.log.tmp
2023-03-18 05:19 - 2022-10-12 12:06 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-03-18 05:19 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-03-18 05:14 - 2022-12-21 19:15 - 000000000 ____D C:\Users\ja131\AppData\Roaming\MPC-HC
2023-03-18 05:14 - 2022-12-08 09:03 - 000000000 ____D C:\Users\ja131\AppData\Local\CrashDumps
2023-03-18 05:14 - 2022-10-12 14:10 - 000000000 ____D C:\Users\ja131\AppData\Local\D3DSCache
2023-03-18 05:13 - 2022-10-24 10:59 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-03-18 05:13 - 2022-10-24 10:59 - 000003474 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-03-18 04:19 - 2022-10-12 13:28 - 000000000 ____D C:\Windows\system32\MRT
2023-03-18 04:15 - 2022-10-12 13:28 - 153620824 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-03-18 04:10 - 2022-12-12 20:51 - 000007623 _____ C:\Users\ja131\AppData\Local\Resmon.ResmonCfg
2023-03-18 03:58 - 2022-10-12 12:06 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-18 03:58 - 2022-10-12 12:06 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-17 12:19 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-17 12:19 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-03-17 12:18 - 2023-01-16 17:21 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-03-17 12:18 - 2022-10-12 12:06 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-16 22:42 - 2022-10-12 12:06 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-03-15 07:06 - 2022-10-12 12:06 - 000294584 _____ C:\Windows\system32\FNTCACHE.DAT
2023-03-15 07:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-03-15 07:06 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-03-15 06:51 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-03-15 06:48 - 2022-10-12 12:10 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-03-09 08:33 - 2022-10-12 12:55 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-07 12:46 - 2023-01-12 14:30 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-03-07 12:46 - 2022-12-16 00:06 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-03-07 12:46 - 2022-12-15 23:25 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-03-07 12:33 - 2022-10-12 12:06 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-03-04 11:00 - 2022-12-20 21:11 - 000000000 ____D C:\Users\ja131\AppData\Roaming\vlc
2023-02-27 11:13 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-02-27 11:13 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-02-27 11:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-02-27 11:13 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-02-21 06:07 - 2022-10-12 12:14 - 000000000 ____D C:\Users\ja131
2023-02-16 23:46 - 2022-12-19 08:05 - 000000000 ____D C:\Users\ja131\Desktop\Spaces
2023-02-16 23:16 - 2022-10-12 12:23 - 000000000 ____D C:\Users\ja131\AppData\Local\PlaceholderTileLogoFolder
2023-02-16 16:16 - 2022-10-12 12:21 - 000000000 ____D C:\Users\ja131\AppData\Local\Packages

==================== Files in the root of some directories ========

2022-11-13 23:35 - 2022-12-16 00:21 - 000099384 _____ () C:\Users\ja131\AppData\Roaming\inst.exe
2022-11-13 23:35 - 2022-12-16 00:21 - 000007859 _____ () C:\Users\ja131\AppData\Roaming\pcouffin.cat
2022-11-13 23:35 - 2022-12-16 00:21 - 000001167 _____ () C:\Users\ja131\AppData\Roaming\pcouffin.inf
2022-11-13 23:35 - 2022-12-16 00:21 - 000000055 _____ () C:\Users\ja131\AppData\Roaming\pcouffin.log
2022-11-13 23:35 - 2022-12-16 00:21 - 000082816 _____ (VSO Software) C:\Users\ja131\AppData\Roaming\pcouffin.sys
2022-12-12 20:51 - 2023-03-18 04:10 - 000007623 _____ () C:\Users\ja131\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-03-2023
Ran by ja131 (18-03-2023 19:54:03)
Running from C:\Users\ja131\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.2728 (X64) (2022-10-12 11:09:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1838826172-258241280-2038725832-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1838826172-258241280-2038725832-503 - Limited - Disabled)
Guest (S-1-5-21-1838826172-258241280-2038725832-501 - Limited - Disabled)
ja131 (S-1-5-21-1838826172-258241280-2038725832-1001 - Administrator - Enabled) => C:\Users\ja131
WDAGUtilityAccount (S-1-5-21-1838826172-258241280-2038725832-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.001.20064 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.23.9 - Ashampoo GmbH & Co. KG)
AVerMedia TD310 USB Pure DVB-T/T2/C 14.7.64.18 (HKLM-x32\...\AVerMedia TD310 USB Pure DVB-T/T2/C) (Version: 14.7.64.18 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.9.1.18.17080805-GA - AVerMedia Technologies, Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.4.24 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.10 - Piriform)
DVD to ISO (HKLM-x32\...\{646E7341-F4F6-46E1-A6AE-2A91FED3F0E8}_is1) (Version: - dvdtoiso.com)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 111.0.5563.65 - Google LLC)
HP LaserJet 1020 Series (HKLM\...\HP LaserJet 1020 Series) (Version: - )
IsoBuster [64bit] (HKLM\...\IsoBuster64bit_is1) (Version: 5.1 - Smart Projects)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0.1 - AppWork GmbH)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 111.0.1661.44 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.69 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1838826172-258241280-2038725832-1001\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.30.30704 (HKLM-x32\...\{4d8dcf8c-a72a-43e1-9833-c12724db736e}) (Version: 14.30.30704.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.30.30704 (HKLM-x32\...\{BF08E976-B92E-4336-B56F-2171179476C4}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.30.30704 (HKLM-x32\...\{F6080405-9FA8-4CAA-9982-14E95D1A3DAC}) (Version: 14.30.30704 - Microsoft Corporation) Hidden
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
NVIDIA Ovladač HD audia 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Switch Sound File Converter (HKLM-x32\...\Switch) (Version: 10.40 - NCH Software)
Twonky Server (HKLM-x32\...\TwonkyServer) (Version: 8.5.1.0 - Lynx Technology)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-02-16] (Microsoft Corporation)
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.91.6552.0_x64__8wekyb3d8bbwe [2023-03-06] (Microsoft Corporation) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-1838826172-258241280-2038725832-1001\...\ChromeHTML: -> <==== ATTENTION
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Smart Projects\IsoBuster;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1838826172-258241280-2038725832-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 31.30.90.11 - 31.30.90.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AVerRemote => 2
MSCONFIG\Services: AVerScheduleService => 2
HKLM\...\StartupApproved\StartupFolder: => "AVerQuick.lnk"
HKLM\...\StartupApproved\StartupFolder: => "AVer HID Receiver.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Twonky Server.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "UniConverterUpdateHelper"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-1838826172-258241280-2038725832-1001\...\StartupApproved\StartupFolder: => "DeepL auto-start.lnk"
HKU\S-1-5-21-1838826172-258241280-2038725832-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_2A7011BB158D945C104FE50EF6949705"
HKU\S-1-5-21-1838826172-258241280-2038725832-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E296CA85-AC7D-4FB0-B8F3-57F8843D6ACA}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe (J.M. Driver, LLC -> )
FirewallRules: [{01EA58A5-07AB-49D5-BB3E-E91F4A9C0608}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe (J.M. Driver, LLC -> )
FirewallRules: [TCP Query User{2F71BCAE-0521-4517-8CD3-D8AAD57D172E}C:\program files (x86)\twonky\twonkyserver\twonkyserver.exe] => (Allow) C:\program files (x86)\twonky\twonkyserver\twonkyserver.exe (J.M. Driver, LLC -> )
FirewallRules: [UDP Query User{50F03797-124F-434D-BE5B-2FA03BE3CCDB}C:\program files (x86)\twonky\twonkyserver\twonkyserver.exe] => (Allow) C:\program files (x86)\twonky\twonkyserver\twonkyserver.exe (J.M. Driver, LLC -> )
FirewallRules: [{1626DBB3-FB21-4E89-BE0F-D21B7C7440F1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{81CD2077-E35A-478A-991F-02AC67FF1B23}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

25-02-2023 15:06:41 Instalační služba modulů systému Windows
06-03-2023 13:09:34 Naplánovaný kontrolní bod
13-03-2023 17:00:39 Naplánovaný kontrolní bod
15-03-2023 06:44:26 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/18/2023 05:19:17 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (03/18/2023 05:14:24 AM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-1838826172-258241280-2038725832-1001}/>.

Error: (03/18/2023 04:31:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.19041.1949, časové razítko: 0xbbdb3e51
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.2728, časové razítko: 0xe7e53a4e
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010fd12
ID chybujícího procesu: 0x1aa8
Čas spuštění chybující aplikace: 0x01d9594a31bc8696
Cesta k chybující aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 00ec4d4a-660f-447e-99f2-c9cae260aad4
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.19041.1949_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App

Error: (03/15/2023 06:44:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (03/14/2023 11:46:08 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-1838826172-258241280-2038725832-1001}/>.

Error: (03/14/2023 01:21:42 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-1838826172-258241280-2038725832-1001}/>.

Error: (03/14/2023 01:21:10 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Službě Windows Search se nepodařilo zpracovat seznam zahrnutých a vyloučených umístění, a to s chybou <30, 0x80040d07, iehistory://{S-1-5-21-1838826172-258241280-2038725832-1001}/>.

Error: (03/13/2023 05:00:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.


System errors:
=============
Error: (03/18/2023 01:19:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/18/2023 01:19:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (03/03/2023 10:35:44 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku H: bylo zjištěno poškození.

Přesná povaha poškození není známa. Je potřeba zkontrolovat a opravit struktury systému souborů v online režimu.

Error: (03/03/2023 10:35:44 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku H: bylo zjištěno poškození.

Přesná povaha poškození není známa. Je potřeba zkontrolovat a opravit struktury systému souborů v offline režimu.

Error: (03/03/2023 10:35:16 AM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk4\DR4 má chybný blok.

Error: (03/03/2023 10:35:08 AM) (Source: disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk4\DR4 má chybný blok.

Error: (02/21/2023 05:29:38 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (3:02:18, ‎21.‎02.‎2023) bylo neočekávané.

Error: (02/20/2023 06:54:26 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WSearch bylo dosaženo časového limitu (30000 ms).


Windows Defender:
================
Date: 2023-03-15 15:18:26
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A535F560-93CF-4DC4-9A46-DB80CB2BCDC1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-14 12:49:53
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5FF8E5C6-D661-4168-8D6E-830F353B4CF5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-13 16:54:48
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D3928A61-00CA-4657-A457-135028E1F9D6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-12 05:51:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {294957AC-DD42-4430-8C92-219F537CD269}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-10 17:57:40
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6112ED70-8257-4EFC-B3FE-281179A63ED5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-02-10 04:39:55
Description:
Antivirová ochrana v programu Microsoft Defender ëпģΐⁿě ħäš ьëĕи ŧĕгmιйатеď δũ℮ ŧǿ άи úηєжрэςŧэδ ěгřοґ.%л %ŧ₣ąĭļųŕé Ŧγφэ:%ьChyba%π %ţĘхςëрŧïσπ сόđë:%ь0xc0000005%и %ťЃéśøµŗć℮:%ьfile:C:\Users\ja131\AppData\Roaming\Microsoft\Windows\Recent\07 - Goodbye Blue Sky.flac.lnk%π %τĘⁿģїŋε €óðě:%ь%7

CodeIntegrity:
===============
Date: 2023-02-10 04:40:00
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

BIOS: Award Software International, Inc. F4 06/18/2009
Motherboard: Gigabyte Technology Co., Ltd. EP35C-DS3R
Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 57%
Total physical RAM: 3070.48 MB
Available physical RAM: 1293.51 MB
Total Virtual: 3582.48 MB
Available Virtual: 1498.06 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:446.58 GB) (Free:284.2 GB) (Model: KINGSTON SA400S37480G) NTFS
Drive d: () (Fixed) (Total:0.1 GB) (Free:0.06 GB) (Model: WDC WD5000AVDS-73U7B1) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (Moj_první) (Fixed) (Total:232.88 GB) (Free:232.78 GB) (Model: WDC WD2500KS-00MJB0) NTFS
Drive f: (uloziste) (Fixed) (Total:465.76 GB) (Free:84.24 GB) (Model: WDC WD5000AVCS-632DY1) NTFS
Drive g: () (Fixed) (Total:465.66 GB) (Free:384.24 GB) (Model: WDC WD5000AVDS-73U7B1) NTFS
Drive i: (Audio CD) (CDROM) (Total:0 GB) (Free:0 GB) CDFS

\\?\Volume{df30df30-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{df30df30-0000-0000-0000-60a86f000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 4779AE1A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 504D58B8)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: DF30DF30)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=446.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=510 MB) - (Type=27)

==========================================================
Disk: 3 (Size: 465.8 GB) (Disk ID: 000F3183)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118198
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a check, high CPU usage

#6 Post by Rudy »

Open Notepad and copy the following into it:

Start

CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {7B53E548-6F00-42AB-9BE4-A436B99FDC03} - System32\Tasks\GoogleUpdateTaskMachineCore{1A7BD178-B46A-4311-A8FE-316DA76E284C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-12] (Google LLC -> Google LLC)
Task: {C6FF66AC-E1AC-4B4B-83B8-B3B1910A0575} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1838826172-258241280-2038725832-1001 => C:\Users\ja131\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {DCCC38B4-5903-4EBF-8605-781D0AB887F4} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1838826172-258241280-2038725832-1001 => C:\Users\ja131\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {5763922E-0C75-45F3-98D6-7CC1B9E94B85} - System32\Tasks\GoogleUpdateTaskMachineUA{F55F866E-D24E-4039-99C3-2298A1A0D3A9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-12] (Google LLC -> Google LLC)
C:\DumpStack.log.tmp
HKU\S-1-5-21-1838826172-258241280-2038725832-1001\...\ChromeHTML: -> <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning the PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

ja1316
Visitor
Posts: 12
Joined: 21 Jan 2017 02:25

Re: Request for a check, high CPU usage

#7 Post by ja1316 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 18-03-2023
Ran by ja131 (18-03-2023 20:16:34) Run:1
Running from C:\Users\ja131\Desktop
Loaded Profiles: ja131
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {7B53E548-6F00-42AB-9BE4-A436B99FDC03} - System32\Tasks\GoogleUpdateTaskMachineCore{1A7BD178-B46A-4311-A8FE-316DA76E284C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-12] (Google LLC -> Google LLC)
Task: {C6FF66AC-E1AC-4B4B-83B8-B3B1910A0575} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1838826172-258241280-2038725832-1001 => C:\Users\ja131\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {DCCC38B4-5903-4EBF-8605-781D0AB887F4} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1838826172-258241280-2038725832-1001 => C:\Users\ja131\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {5763922E-0C75-45F3-98D6-7CC1B9E94B85} - System32\Tasks\GoogleUpdateTaskMachineUA{F55F866E-D24E-4039-99C3-2298A1A0D3A9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-12] (Google LLC -> Google LLC)
C:\DumpStack.log.tmp
HKU\S-1-5-21-1838826172-258241280-2038725832-1001\...\ChromeHTML: -> <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

EmptyTemp:
End
*****************

Processes closed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7B53E548-6F00-42AB-9BE4-A436B99FDC03}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B53E548-6F00-42AB-9BE4-A436B99FDC03}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore{1A7BD178-B46A-4311-A8FE-316DA76E284C} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{1A7BD178-B46A-4311-A8FE-316DA76E284C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C6FF66AC-E1AC-4B4B-83B8-B3B1910A0575}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C6FF66AC-E1AC-4B4B-83B8-B3B1910A0575}" => removed successfully
C:\Windows\System32\Tasks\OneDrive Reporting Task-S-1-5-21-1838826172-258241280-2038725832-1001 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Reporting Task-S-1-5-21-1838826172-258241280-2038725832-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DCCC38B4-5903-4EBF-8605-781D0AB887F4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCCC38B4-5903-4EBF-8605-781D0AB887F4}" => removed successfully
C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1838826172-258241280-2038725832-1001 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-1838826172-258241280-2038725832-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5763922E-0C75-45F3-98D6-7CC1B9E94B85}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5763922E-0C75-45F3-98D6-7CC1B9E94B85}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA{F55F866E-D24E-4039-99C3-2298A1A0D3A9} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{F55F866E-D24E-4039-99C3-2298A1A0D3A9}" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKU\S-1-5-21-1838826172-258241280-2038725832-1001_Classes\ChromeHTML => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\System32\blank.htm" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\SysWOW64\blank.htm" => value restored successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7484720 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 2120654 B
Edge => 0 B
Chrome => 323489812 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 2090 B
ja131 => 16481742 B

RecycleBin => 96528 B
EmptyTemp: => 334.5 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 18-03-2023 20:17:29)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 20:17:29 ====

Rudy
Site Admin
Posts: 118198
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, high CPU usage

#8 Post by Rudy »

Deleted. Has the load dropped?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

ja1316
Visitor
Posts: 12
Joined: 21 Jan 2017 02:25

Re: Please check, high CPU usage

#9 Post by ja1316 »

Yep, it's sorted out, thank you for the help.

Rudy
Site Admin
Posts: 118198
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, high CPU usage

#10 Post by Rudy »

You're welcome! :)

Locked