Neustály reštart.

Zpráva

QuickShare · #1 Příspěvek od **QuickShare** » 21 úno 2021 16:21

Zdravím! Mam takýto problém: NB sa nedá vypnúť. Win sa normálne odhlási no kontrolky nezhasnú alebo až po veľmi dlhej dobe a potom sa sám dookola reštartuje.. teda len sa zapne rozsvietia kontrolky na par sekúnd a hneď vypne a stále takto dookola keď ho resetujem tak nabehne win.. tiež som si všimol že keď nabehne win tak na chvíľku je neaktuálny čas. Skúšal som aktualizovať bios no nepomohlo. Myslím si že sa nejedna o HW problém.
Ďakujem.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-02-2021 01
Ran by Mamka (administrator) on LAPTOP-JH8MEG9T (LENOVO 81FB) (21-02-2021 16:11:14)
Running from C:\Users\Mamka\Desktop
Loaded Profiles: Mamka
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0336591.inf_amd64_974f1e7a49faae75\B336476\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0336591.inf_amd64_974f1e7a49faae75\B336476\atiesrxx.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\WINWORD.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [834552 2019-03-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-10-26] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Mamka\AppData\Local\Microsoft\Teams\Update.exe [2453656 2021-02-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\Run: [PicPick Start] => C:\Program Files (x86)\PicPick\picpick.exe [23971176 2020-12-14] (NGWIN Software Co. -> NGWIN)
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\MountPoints2: {acdc44d8-2fc8-11eb-9346-505bc2bda3d0} - "D:\RTK_NIC_DRIVER_INSTALLER.sfx.exe"
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.182\Installer\chrmstp.exe [2021-02-17] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {17DEE691-4235-448D-88BD-8F80541844A4} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
Task: {1F55E908-AE12-4234-931F-D3D80705D266} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [61872 2021-01-11] (Lenovo -> Lenovo Group Ltd.)
Task: {23E7A971-068D-403E-B6FE-9DDE17D2FE59} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Mamka\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {37A255A0-4B69-45E1-88D5-B70CC6F921E3} - \Lenovo\ImController\TimeBasedEvents\9ed0388e-03bb-4238-afe0-47886f083951 -> No File <==== ATTENTION
Task: {4037487F-F2B9-494A-8DA5-25D9AD5D1B26} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {45655247-9F13-44BC-B213-D475DEBFF7C2} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [143888 2021-02-04] (Lenovo -> Lenovo Group Ltd.)
Task: {565CA763-9279-4F67-B5C5-6D9922FD6929} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-08-23] (Google Inc -> Google Inc.)
Task: {56B76DCE-5C83-4A48-ACCF-CE72DEBC6768} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC2C9EAB-50F6-43AF-BECB-3590A665AAFC} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {B9A9A8BE-216F-4D0B-9079-1B67AFD6CD03} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C05CDBA3-7460-4D8C-9EE4-9F21462C3359} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB4B02C8-E1BA-4FD1-BF38-80F4838F5A51} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D17A3D10-7585-44D0-BB21-8045A6409483} - \Lenovo\ImController\TimeBasedEvents\21a9596e-d19b-4435-bbd3-66bacde455c3 -> No File <==== ATTENTION
Task: {D24D37BB-F5D3-4F9C-B10A-87B314B517A4} - \Lenovo\ImController\TimeBasedEvents\6d5e7461-73ad-41bc-aa90-2b6f0c694f0c -> No File <==== ATTENTION
Task: {E3CF5861-5111-49AF-87DA-4EACACFF7B6F} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {F39E3A85-BF69-4BBF-8DAF-105A56319E8C} - \Lenovo\ImController\TimeBasedEvents\facb7d5a-3683-4437-8604-4d73524e006e -> No File <==== ATTENTION
Task: {FFAEAB40-5B64-4A3B-B0F7-3FF6F870308F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-08-23] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2b6115d8-1d3a-41ef-94c7-c188b49f9a88}: [DhcpNameServer] 169.254.110.57
Tcpip\..\Interfaces\{b15b7cac-43da-40bf-a975-aa23db41001c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f115cd25-0318-4f40-8cb7-33fbb8f92599}: [DhcpNameServer] 194.160.205.1

Edge:
=======
DownloadDir: C:\Users\Mamka\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\Mamka\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-21]

FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1413706141-3479040022-3101450614-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Mamka\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-15] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR Profile: C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default [2021-02-21]
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Prezentácie) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-23]
CHR Extension: (Dokumenty) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-23]
CHR Extension: (Disk Google) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-23]
CHR Extension: (Tabuľky) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-23]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-13]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-02-14]
CHR Extension: (MyUS Shopping) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdohdiappiakacbmckagohongolonbpj [2021-02-12]
CHR Extension: (Grammarly for Chrome) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-02-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-25]
CHR Extension: (Chrome Media Router) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-30]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [602632 2018-08-27] (Dolby Laboratories, Inc. -> )
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [289224 2018-01-17] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81840 2021-01-11] (Lenovo -> Lenovo Group Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [174952 2017-11-29] (BayHub Technology Inc. -> BayHubTech/O2Micro)
R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [65448 2018-01-09] (WDKTestCert aswbldsv,131431045756648395 -> Qualcomm)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [199552 2017-12-11] (Genesys Logic, Inc. -> Genesys Logic)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49552 2021-02-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [419040 2021-02-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-14] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-21 16:11 - 2021-02-21 16:13 - 000014175 _____ C:\Users\Mamka\Desktop\FRST.txt
2021-02-21 16:10 - 2021-02-21 16:12 - 000000000 ____D C:\FRST
2021-02-21 16:08 - 2021-02-21 16:08 - 002301440 _____ (Farbar) C:\Users\Mamka\Desktop\FRST64.exe
2021-02-18 02:00 - 2021-02-21 15:52 - 001553356 _____ C:\WINDOWS\Minidump\021821-50421-01.dmp
2021-02-18 00:56 - 2021-02-18 01:07 - 001566580 _____ C:\WINDOWS\Minidump\021821-43093-01.dmp
2021-02-17 20:20 - 2021-02-17 20:23 - 001406812 _____ C:\WINDOWS\Minidump\021721-43125-01.dmp
2021-02-17 19:17 - 2021-02-18 02:00 - 504050972 _____ C:\WINDOWS\MEMORY.DMP
2021-02-17 19:17 - 2021-02-17 19:20 - 001457892 _____ C:\WINDOWS\Minidump\021721-48687-01.dmp
2021-02-17 15:31 - 2021-02-17 15:31 - 007468288 _____ (Lenovo Group Limited ) C:\Users\Mamka\Downloads\7wcn38ww.exe
2021-02-14 18:38 - 2021-02-14 18:38 - 000002023 _____ C:\Users\Public\Desktop\ESET Ochrana online platieb.lnk
2021-02-14 18:38 - 2021-02-14 18:38 - 000002023 _____ C:\ProgramData\Desktop\ESET Ochrana online platieb.lnk
2021-02-14 18:28 - 2021-02-14 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2021-02-14 18:28 - 2021-02-14 18:28 - 000000000 ____D C:\ProgramData\ESET
2021-02-12 14:08 - 2021-02-12 14:08 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-12 14:07 - 2021-02-12 14:07 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-12 14:07 - 2021-02-12 14:07 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-12 14:07 - 2021-02-12 14:07 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-12 14:05 - 2021-02-12 14:05 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-09 12:40 - 2021-02-09 12:40 - 000458906 _____ C:\Users\Mamka\Downloads\It_s Alive An Exploaration of Contemporary Poetry in The Digital Age by Lysle Hood (1).pdf
2021-02-08 20:07 - 2021-02-08 20:07 - 000001083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PicPick.lnk
2021-02-08 20:07 - 2021-02-08 20:07 - 000001071 _____ C:\Users\Public\Desktop\PicPick.lnk
2021-02-08 20:07 - 2021-02-08 20:07 - 000001071 _____ C:\ProgramData\Desktop\PicPick.lnk
2021-02-08 20:07 - 2021-02-08 20:07 - 000000000 ____D C:\Users\Mamka\AppData\Roaming\picpick
2021-02-08 20:07 - 2021-02-08 20:07 - 000000000 ____D C:\ProgramData\PicPick
2021-02-08 20:07 - 2021-02-08 20:07 - 000000000 ____D C:\Program Files (x86)\PicPick
2021-02-08 20:04 - 2021-02-08 20:06 - 015612296 _____ C:\Users\Mamka\Downloads\picpick_inst.exe
2021-02-06 20:26 - 2021-02-06 20:26 - 000368575 _____ C:\Users\Mamka\Downloads\Toward_a_Cohesive_Theory_of_Visual_Literacy.pdf
2021-02-04 17:27 - 2021-02-04 17:28 - 016269344 _____ C:\Users\Mamka\Downloads\The Poetry Handbook by John Lennard (z-lib.org).pdf
2021-02-04 12:47 - 2021-02-04 12:47 - 000673871 _____ C:\Users\Mamka\Downloads\A Poetry Handbook.pdf
2021-02-03 15:47 - 2021-02-03 15:47 - 000513094 _____ C:\Users\Mamka\Downloads\Courage_to_be_Dislike_Strategies_and_Approach_of (2).pdf
2021-02-03 00:52 - 2021-02-14 01:28 - 000000000 ____D C:\Users\Mamka\Desktop\Diplomovka
2021-02-02 19:53 - 2021-02-02 19:53 - 001040500 _____ C:\Users\Mamka\Downloads\BB-Masterclass.pdf
2021-02-01 17:15 - 2021-02-01 17:15 - 000513094 _____ C:\Users\Mamka\Downloads\Courage_to_be_Dislike_Strategies_and_Approach_of (1).pdf
2021-02-01 16:40 - 2021-02-01 16:40 - 000513094 _____ C:\Users\Mamka\Downloads\Courage_to_be_Dislike_Strategies_and_Approach_of.pdf
2021-01-31 18:25 - 2021-01-31 18:25 - 000141957 _____ C:\Users\Mamka\Downloads\[PDF] Aesthetics_ A Comprehensive Anthology.pdf
2021-01-31 18:24 - 2021-01-31 18:24 - 000010550 _____ C:\Users\Mamka\Downloads\DOWNLOAD Aesthetics A Comprehensive Anthology (Blackwell Philosophy Anthologies).pdf
2021-01-27 17:00 - 2021-01-27 17:00 - 000538700 _____ C:\Users\Mamka\Downloads\hudobna-estetika-prezentácia.pptx
2021-01-23 17:16 - 2021-01-23 17:16 - 001742401 _____ C:\Users\Mamka\Downloads\Art Up meeting 2.pptx

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-21 16:13 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-21 15:57 - 2020-06-13 11:43 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-21 15:57 - 2020-06-13 11:43 - 000002289 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-02-21 15:57 - 2020-06-13 11:43 - 000002289 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-21 15:57 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-21 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-21 15:53 - 2020-11-19 00:26 - 000000000 ____D C:\WINDOWS\Minidump
2021-02-21 15:52 - 2019-08-23 10:43 - 000000000 ____D C:\Program Files\CCleaner
2021-02-18 02:00 - 2020-11-07 21:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-18 02:00 - 2020-11-07 20:36 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-18 02:00 - 2020-11-07 20:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-18 02:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-02-17 19:08 - 2019-08-23 10:43 - 000002320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-17 19:08 - 2019-08-23 10:43 - 000002279 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-02-17 19:08 - 2019-08-23 10:43 - 000002279 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-17 19:04 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-17 18:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-17 18:02 - 2020-11-03 23:13 - 000000000 ___HD C:\$WinREAgent
2021-02-17 17:40 - 2020-11-07 20:41 - 000000000 ____D C:\Users\Mamka
2021-02-17 17:37 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-17 16:16 - 2019-08-15 14:27 - 000000000 ____D C:\Users\Mamka\AppData\Local\PlaceholderTileLogoFolder
2021-02-17 15:32 - 2019-08-19 10:52 - 000000000 ____D C:\BIOS
2021-02-17 15:23 - 2019-08-15 14:18 - 000000000 ____D C:\Users\Mamka\AppData\Local\Packages
2021-02-14 23:17 - 2020-11-07 21:00 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-14 23:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-14 21:20 - 2019-08-23 12:36 - 000000000 ____D C:\Users\Mamka\AppData\Local\D3DSCache
2021-02-14 18:34 - 2019-11-22 12:03 - 000000000 ____D C:\Users\Mamka\AppData\Local\ESET
2021-02-14 18:29 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-14 18:28 - 2019-11-22 11:59 - 000000000 ____D C:\Program Files\ESET
2021-02-14 18:10 - 2019-08-19 10:09 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-14 18:08 - 2020-12-29 19:39 - 000000000 ____D C:\Users\Mamka\AppData\Roaming\uTorrent
2021-02-14 18:06 - 2020-11-03 23:29 - 000000000 ___DC C:\WINDOWS\Panther
2021-02-14 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ModemLogs
2021-02-14 17:54 - 2019-08-31 16:57 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-02-13 14:04 - 2020-11-23 21:28 - 000002375 _____ C:\Users\Mamka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-02-13 14:04 - 2020-11-23 21:28 - 000002367 _____ C:\Users\Mamka\Desktop\Microsoft Teams.lnk
2021-02-12 16:24 - 2020-11-07 20:52 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-12 16:20 - 2020-11-07 20:36 - 000458312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-12 16:16 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-12 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-12 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-12 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-12 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-12 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-12 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-12 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-12 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-12 16:16 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-11 13:54 - 2019-08-14 18:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-11 13:50 - 2019-08-14 18:00 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-10 17:29 - 2020-09-18 17:31 - 000000000 ____D C:\Program Files\aScAgenda
2021-02-05 21:23 - 2020-11-25 09:58 - 000003482 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b53ef3389880
2021-02-05 21:23 - 2020-11-07 21:00 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-05 21:00 - 2020-11-07 21:00 - 000003456 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 21:00 - 2020-11-07 21:00 - 000003332 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-02 17:08 - 2020-10-07 13:06 - 000000860 _____ C:\Users\Mamka\Desktop\aScAgenda.lnk
2021-01-29 12:46 - 2020-11-24 15:59 - 000000583 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-01-25 11:41 - 2020-10-05 17:30 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== Files in the root of some directories ========

2019-10-15 10:45 - 2019-10-15 10:45 - 009256960 _____ () C:\Program Files (x86)\GUT3882.tmp
2020-12-08 20:43 - 2020-12-08 20:43 - 000000116 _____ () C:\Users\Mamka\AppData\Roaming\debug.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-02-2021 01
Ran by Mamka (21-02-2021 16:17:52)
Running from C:\Users\Mamka\Desktop
Windows 10 Home Version 20H2 19042.804 (X64) (2020-11-07 20:01:40)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1413706141-3479040022-3101450614-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1413706141-3479040022-3101450614-503 - Limited - Disabled)
Guest (S-1-5-21-1413706141-3479040022-3101450614-501 - Limited - Disabled)
Mamka (S-1-5-21-1413706141-3479040022-3101450614-1001 - Administrator - Enabled) => C:\Users\Mamka
WDAGUtilityAccount (S-1-5-21-1413706141-3479040022-3101450614-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
Adobe Connect (HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\Adobe Connect App) (Version: 2020.1.5.32 - Adobe Systems Inc.)
aScAgenda (HKLM-x32\...\ImageMaker) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.182 - Google LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.74 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office 2016 Professional Plus (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\Teams) (Version: 1.4.00.2879 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PicPick (HKLM-x32\...\PicPick) (Version: 5.1.4 - NGWIN)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
WinRAR 5.70 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)

Packages:
=========
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20201.249.0_x64__rz1tebttyb220 [2019-08-19] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-14] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2020-01-28] (Realtek Semiconductor Corp)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-01-28] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1413706141-3479040022-3101450614-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Mamka\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-12-21 12:22 - 2020-05-30 14:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-1413706141-3479040022-3101450614-1001 -> DefaultScope {ECEFA9DF-EA84-4E53-B848-A7C3CE941378} URL =
SearchScopes: HKU\S-1-5-21-1413706141-3479040022-3101450614-1001 -> {ECEFA9DF-EA84-4E53-B848-A7C3CE941378} URL =
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-11-24 15:59 - 2021-01-29 12:46 - 000000583 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
168.137.1 LAPTOP-JH8MEG9T.mshome.net # 2025 11 0 23 19 18 53 650
50

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\StartupApproved\Run: => "PicPick Start"
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F76FE88F-3BD8-4DB5-9C01-EC9602130B59}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11901.20218.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{82880CFE-DB0A-4B08-9127-89BCDA5F9178}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11901.20218.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D54C7F3E-5387-408F-B095-104F15C8FF81}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{571AD286-A650-44D3-A31E-3F9F5348F050}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{0ACCB067-AC32-40F9-900F-E02FF15E895B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6BD0943D-2F2B-4477-858E-17D50B429C62}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC0B2205-DC78-451E-A4AC-7E4E635A27DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1E6957B4-E8D1-4F70-A9A8-2BC1A185AAF8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5054D87E-E3E1-46E2-A206-4F0B977EAB56}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

30-01-2021 19:40:35 Scheduled Checkpoint
07-02-2021 21:29:41 Scheduled Checkpoint
11-02-2021 13:54:26 Inštalátor modulov systému Windows
14-02-2021 17:47:21 Odstránené: ESET Endpoint Security
17-02-2021 17:57:29 Inštalátor modulov systému Windows

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (02/21/2021 03:51:55 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/21/2021 03:50:28 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-JH8MEG9T$ via https://AMD-KeyId-683accd5952419b3d602b ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-683accd5952419b3d602bd6a97b7217806573a87.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 21 Feb 2021 14:50:28 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 0c3ade6f-3082-4af6-a319-b65b19fa676f

Method: GET(21797ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/18/2021 02:01:28 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-JH8MEG9T$ via https://AMD-KeyId-683accd5952419b3d602b ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-683accd5952419b3d602bd6a97b7217806573a87.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 21 Feb 2021 14:49:36 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 3aa69287-1a3d-4fc6-93e4-59f4827ab542

Method: GET(1750ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/18/2021 01:08:36 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/18/2021 12:57:30 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-JH8MEG9T$ via https://AMD-KeyId-683accd5952419b3d602b ... s/Aik/scep failed:

GetCACaps

Method: GET(407ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (02/17/2021 08:22:10 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-JH8MEG9T$ via https://AMD-KeyId-683accd5952419b3d602b ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-683accd5952419b3d602bd6a97b7217806573a87.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 17 Feb 2021 19:22:09 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 185d819d-f1c3-4cdf-9ea9-45f90106a5cd

Method: GET(2140ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/17/2021 07:18:59 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-JH8MEG9T$ via https://AMD-KeyId-683accd5952419b3d602b ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-683accd5952419b3d602bd6a97b7217806573a87.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 17 Feb 2021 18:18:58 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 037dcbe1-e30d-43a1-964a-f9d60964d333

Method: GET(1062ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/17/2021 07:06:50 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-JH8MEG9T$ via https://AMD-KeyId-683accd5952419b3d602b ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-683accd5952419b3d602bd6a97b7217806573a87.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 17 Feb 2021 18:06:49 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: f37e7f69-5a8d-4ac7-adc7-057fa5ebd08a

Method: GET(2859ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

System errors:
=============
Error: (02/21/2021 03:52:39 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač sa po kontrole chýb reštartoval. Kontrola chýb: 0x0000009f (0x0000000000000003, 0xffff8c88fc010060, 0xfffff8066da8f850, 0xffff8c88fcb9c010). Výpis sa uložil do súboru: C:\WINDOWS\MEMORY.DMP. Identifikácia hlásenia: b3704bc2-cb4c-4f5a-add2-84381e2df9d5.

Error: (02/18/2021 02:00:18 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:53:26 on ‎18. ‎2. ‎2021 was unexpected.

Error: (02/18/2021 01:59:31 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225473A fatal error occurred processing the restoration data.

Error: (02/18/2021 01:07:19 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač sa po kontrole chýb reštartoval. Kontrola chýb: 0x0000009f (0x0000000000000003, 0xffffa48792215060, 0xfffff8857b637850, 0xffffa487952e48a0). Výpis sa uložil do súboru: C:\WINDOWS\MEMORY.DMP. Identifikácia hlásenia: 2faaa06f-337d-42c8-ac6e-d545619b9d74.

Error: (02/18/2021 12:56:22 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 0:51:42 on ‎18. ‎2. ‎2021 was unexpected.

Error: (02/18/2021 12:55:36 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225473A fatal error occurred processing the restoration data.

Error: (02/18/2021 12:13:06 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: USBHUB3invalid character

Error: (02/18/2021 12:09:54 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: USBHUB3invalid character

Windows Defender:
================Event[0]:

Date: 2021-02-14 17:55:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.1727.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072f8f
Error description: A security error occurred

Date: 2021-02-14 17:55:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.1727.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072f8f
Error description: A security error occurred

Date: 2021-02-14 17:55:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.1727.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072f8f
Error description: A security error occurred

Date: 2021-02-14 17:55:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.1727.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072f8f
Error description: A security error occurred

Date: 2021-02-14 17:55:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.1727.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072f8f
Error description: A security error occurred

CodeIntegrity:
===============
Date: 2021-02-21 15:52:18
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: LENOVO 7WCN38WW 11/04/2019
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 3 2200U with Radeon Vega Mobile Gfx
Percentage of memory in use: 79%
Total physical RAM: 3486.63 MB
Available physical RAM: 720.82 MB
Total Virtual: 6046.63 MB
Available Virtual: 3093.74 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:930.27 GB) (Free:880.28 GB) NTFS

\\?\Volume{1eda179c-fe3d-4c35-8d42-8aa7468000b2}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{0c1ce5eb-9380-4839-ae77-056b075bbc09}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6D957311)

Partition: GPT.

==================== End of Addition.txt =======================Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-02-2021 01
Ran by Mamka (21-02-2021 16:17:52)
Running from C:\Users\Mamka\Desktop
Windows 10 Home Version 20H2 19042.804 (X64) (2020-11-07 20:01:40)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1413706141-3479040022-3101450614-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1413706141-3479040022-3101450614-503 - Limited - Disabled)
Guest (S-1-5-21-1413706141-3479040022-3101450614-501 - Limited - Disabled)
Mamka (S-1-5-21-1413706141-3479040022-3101450614-1001 - Administrator - Enabled) => C:\Users\Mamka
WDAGUtilityAccount (S-1-5-21-1413706141-3479040022-3101450614-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
Adobe Connect (HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\Adobe Connect App) (Version: 2020.1.5.32 - Adobe Systems Inc.)
aScAgenda (HKLM-x32\...\ImageMaker) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.182 - Google LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.74 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office 2016 Professional Plus (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\Teams) (Version: 1.4.00.2879 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{143E35D3-F0A4-4E90-96C9-B1B72F11343A}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PicPick (HKLM-x32\...\PicPick) (Version: 5.1.4 - NGWIN)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
WinRAR 5.70 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)

Packages:
=========
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20201.249.0_x64__rz1tebttyb220 [2019-08-19] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-14] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2020-01-28] (Realtek Semiconductor Corp)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-01-28] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1413706141-3479040022-3101450614-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Mamka\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-12-21 12:22 - 2020-05-30 14:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-1413706141-3479040022-3101450614-1001 -> DefaultScope {ECEFA9DF-EA84-4E53-B848-A7C3CE941378} URL =
SearchScopes: HKU\S-1-5-21-1413706141-3479040022-3101450614-1001 -> {ECEFA9DF-EA84-4E53-B848-A7C3CE941378} URL =
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-11-24 15:59 - 2021-01-29 12:46 - 000000583 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
168.137.1 LAPTOP-JH8MEG9T.mshome.net # 2025 11 0 23 19 18 53 650
50

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\StartupApproved\Run: => "PicPick Start"
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F76FE88F-3BD8-4DB5-9C01-EC9602130B59}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11901.20218.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{82880CFE-DB0A-4B08-9127-89BCDA5F9178}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11901.20218.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D54C7F3E-5387-408F-B095-104F15C8FF81}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{571AD286-A650-44D3-A31E-3F9F5348F050}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{0ACCB067-AC32-40F9-900F-E02FF15E895B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6BD0943D-2F2B-4477-858E-17D50B429C62}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC0B2205-DC78-451E-A4AC-7E4E635A27DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1E6957B4-E8D1-4F70-A9A8-2BC1A185AAF8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5054D87E-E3E1-46E2-A206-4F0B977EAB56}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

30-01-2021 19:40:35 Scheduled Checkpoint
07-02-2021 21:29:41 Scheduled Checkpoint
11-02-2021 13:54:26 Inštalátor modulov systému Windows
14-02-2021 17:47:21 Odstránené: ESET Endpoint Security
17-02-2021 17:57:29 Inštalátor modulov systému Windows

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (02/21/2021 03:51:55 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/21/2021 03:50:28 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-JH8MEG9T$ via https://AMD-KeyId-683accd5952419b3d602b ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-683accd5952419b3d602bd6a97b7217806573a87.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 21 Feb 2021 14:50:28 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 0c3ade6f-3082-4af6-a319-b65b19fa676f

Method: GET(21797ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/18/2021 02:01:28 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-JH8MEG9T$ via https://AMD-KeyId-683accd5952419b3d602b ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-683accd5952419b3d602bd6a97b7217806573a87.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 21 Feb 2021 14:49:36 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 3aa69287-1a3d-4fc6-93e4-59f4827ab542

Method: GET(1750ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/18/2021 01:08:36 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/18/2021 12:57:30 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-JH8MEG9T$ via https://AMD-KeyId-683accd5952419b3d602b ... s/Aik/scep failed:

GetCACaps

Method: GET(407ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (02/17/2021 08:22:10 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-JH8MEG9T$ via https://AMD-KeyId-683accd5952419b3d602b ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-683accd5952419b3d602bd6a97b7217806573a87.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 17 Feb 2021 19:22:09 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 185d819d-f1c3-4cdf-9ea9-45f90106a5cd

Method: GET(2140ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/17/2021 07:18:59 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-JH8MEG9T$ via https://AMD-KeyId-683accd5952419b3d602b ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-683accd5952419b3d602bd6a97b7217806573a87.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 17 Feb 2021 18:18:58 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 037dcbe1-e30d-43a1-964a-f9d60964d333

Method: GET(1062ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/17/2021 07:06:50 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-JH8MEG9T$ via https://AMD-KeyId-683accd5952419b3d602b ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-683accd5952419b3d602bd6a97b7217806573a87.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 17 Feb 2021 18:06:49 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: f37e7f69-5a8d-4ac7-adc7-057fa5ebd08a

Method: GET(2859ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

System errors:
=============
Error: (02/21/2021 03:52:39 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač sa po kontrole chýb reštartoval. Kontrola chýb: 0x0000009f (0x0000000000000003, 0xffff8c88fc010060, 0xfffff8066da8f850, 0xffff8c88fcb9c010). Výpis sa uložil do súboru: C:\WINDOWS\MEMORY.DMP. Identifikácia hlásenia: b3704bc2-cb4c-4f5a-add2-84381e2df9d5.

Error: (02/18/2021 02:00:18 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:53:26 on ‎18. ‎2. ‎2021 was unexpected.

Error: (02/18/2021 01:59:31 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225473A fatal error occurred processing the restoration data.

Error: (02/18/2021 01:07:19 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač sa po kontrole chýb reštartoval. Kontrola chýb: 0x0000009f (0x0000000000000003, 0xffffa48792215060, 0xfffff8857b637850, 0xffffa487952e48a0). Výpis sa uložil do súboru: C:\WINDOWS\MEMORY.DMP. Identifikácia hlásenia: 2faaa06f-337d-42c8-ac6e-d545619b9d74.

Error: (02/18/2021 12:56:22 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 0:51:42 on ‎18. ‎2. ‎2021 was unexpected.

Error: (02/18/2021 12:55:36 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225473A fatal error occurred processing the restoration data.

Error: (02/18/2021 12:13:06 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: USBHUB3invalid character

Error: (02/18/2021 12:09:54 AM) (Source: Application Popup) (EventID: 56) (User: )
Description: USBHUB3invalid character

Windows Defender:
================Event[0]:

Date: 2021-02-14 17:55:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.1727.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072f8f
Error description: A security error occurred

Date: 2021-02-14 17:55:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.1727.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072f8f
Error description: A security error occurred

Date: 2021-02-14 17:55:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.1727.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072f8f
Error description: A security error occurred

Date: 2021-02-14 17:55:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.1727.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072f8f
Error description: A security error occurred

Date: 2021-02-14 17:55:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.1727.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072f8f
Error description: A security error occurred

CodeIntegrity:
===============
Date: 2021-02-21 15:52:18
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: LENOVO 7WCN38WW 11/04/2019
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 3 2200U with Radeon Vega Mobile Gfx
Percentage of memory in use: 79%
Total physical RAM: 3486.63 MB
Available physical RAM: 720.82 MB
Total Virtual: 6046.63 MB
Available Virtual: 3093.74 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:930.27 GB) (Free:880.28 GB) NTFS

\\?\Volume{1eda179c-fe3d-4c35-8d42-8aa7468000b2}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{0c1ce5eb-9380-4839-ae77-056b075bbc09}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6D957311)

Partition: GPT.

==================== End of Addition.txt =======================

#2 Příspěvek od **Rudy** » 21 úno 2021 17:10

Zdravím!

Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

QuickShare · #3 Příspěvek od **QuickShare** » 21 úno 2021 17:25

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-21-2021
# Duration: 00:00:28
# OS: Windows 10 Home
# Cleaned: 7
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\Mamka\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2041 octets] - [21/02/2021 17:18:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

#4 Příspěvek od **Rudy** » 21 úno 2021 18:46

Dejte nové logy FRST+Addition.

QuickShare · #5 Příspěvek od **QuickShare** » 22 úno 2021 18:18

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-02-2021
Ran by Mamka (administrator) on LAPTOP-JH8MEG9T (LENOVO 81FB) (22-02-2021 17:54:29)
Running from C:\Users\Mamka\Desktop
Loaded Profiles: Mamka
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0336591.inf_amd64_974f1e7a49faae75\B336476\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0336591.inf_amd64_974f1e7a49faae75\B336476\atiesrxx.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.740_none_e752aa59261f271f\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [834552 2019-03-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-10-26] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Mamka\AppData\Local\Microsoft\Teams\Update.exe [2453656 2021-02-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\Run: [PicPick Start] => C:\Program Files (x86)\PicPick\picpick.exe [23971176 2020-12-14] (NGWIN Software Co. -> NGWIN)
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\MountPoints2: {acdc44d8-2fc8-11eb-9346-505bc2bda3d0} - "D:\RTK_NIC_DRIVER_INSTALLER.sfx.exe"
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.182\Installer\chrmstp.exe [2021-02-17] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {17DEE691-4235-448D-88BD-8F80541844A4} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
Task: {1F55E908-AE12-4234-931F-D3D80705D266} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {23E7A971-068D-403E-B6FE-9DDE17D2FE59} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Mamka\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {37A255A0-4B69-45E1-88D5-B70CC6F921E3} - \Lenovo\ImController\TimeBasedEvents\9ed0388e-03bb-4238-afe0-47886f083951 -> No File <==== ATTENTION
Task: {4037487F-F2B9-494A-8DA5-25D9AD5D1B26} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {45655247-9F13-44BC-B213-D475DEBFF7C2} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {565CA763-9279-4F67-B5C5-6D9922FD6929} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-08-23] (Google Inc -> Google Inc.)
Task: {56B76DCE-5C83-4A48-ACCF-CE72DEBC6768} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC2C9EAB-50F6-43AF-BECB-3590A665AAFC} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {B9A9A8BE-216F-4D0B-9079-1B67AFD6CD03} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C05CDBA3-7460-4D8C-9EE4-9F21462C3359} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB4B02C8-E1BA-4FD1-BF38-80F4838F5A51} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D17A3D10-7585-44D0-BB21-8045A6409483} - \Lenovo\ImController\TimeBasedEvents\21a9596e-d19b-4435-bbd3-66bacde455c3 -> No File <==== ATTENTION
Task: {D24D37BB-F5D3-4F9C-B10A-87B314B517A4} - \Lenovo\ImController\TimeBasedEvents\6d5e7461-73ad-41bc-aa90-2b6f0c694f0c -> No File <==== ATTENTION
Task: {E3CF5861-5111-49AF-87DA-4EACACFF7B6F} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {F39E3A85-BF69-4BBF-8DAF-105A56319E8C} - \Lenovo\ImController\TimeBasedEvents\facb7d5a-3683-4437-8604-4d73524e006e -> No File <==== ATTENTION
Task: {FFAEAB40-5B64-4A3B-B0F7-3FF6F870308F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-08-23] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2b6115d8-1d3a-41ef-94c7-c188b49f9a88}: [DhcpNameServer] 169.254.110.57
Tcpip\..\Interfaces\{b15b7cac-43da-40bf-a975-aa23db41001c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f115cd25-0318-4f40-8cb7-33fbb8f92599}: [DhcpNameServer] 194.160.205.1

Edge:
=======
DownloadDir: C:\Users\Mamka\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\Mamka\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-21]

FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1413706141-3479040022-3101450614-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Mamka\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-15] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome:
=======
CHR Profile: C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default [2021-02-22]
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Prezentácie) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-23]
CHR Extension: (Dokumenty) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-23]
CHR Extension: (Disk Google) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-23]
CHR Extension: (Tabuľky) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-23]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-13]
CHR Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-02-14]
CHR Extension: (MyUS Shopping) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdohdiappiakacbmckagohongolonbpj [2021-02-12]
CHR Extension: (Grammarly for Chrome) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-02-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-25]
CHR Extension: (Chrome Media Router) - C:\Users\Mamka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-30]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [602632 2018-08-27] (Dolby Laboratories, Inc. -> )
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [289224 2018-01-17] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [174952 2017-11-29] (BayHub Technology Inc. -> BayHubTech/O2Micro)
R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [65448 2018-01-09] (WDKTestCert aswbldsv,131431045756648395 -> Qualcomm)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [199552 2017-12-11] (Genesys Logic, Inc. -> Genesys Logic)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49552 2021-02-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [419040 2021-02-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-14] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-22 17:53 - 2021-02-22 17:53 - 000000000 ____D C:\Users\Mamka\Desktop\FRST-OlderVersion
2021-02-21 18:27 - 2021-02-22 17:55 - 001458172 _____ C:\WINDOWS\Minidump\022121-43796-01.dmp
2021-02-21 17:37 - 2021-02-21 17:54 - 001686004 _____ C:\WINDOWS\Minidump\022121-44515-01.dmp
2021-02-21 17:17 - 2021-02-21 17:22 - 000000000 ____D C:\AdwCleaner
2021-02-21 17:15 - 2021-02-21 17:15 - 008463216 _____ (Malwarebytes) C:\Users\Mamka\Desktop\adwcleaner_8.1.exe
2021-02-21 16:51 - 2021-02-21 16:55 - 001298292 _____ C:\WINDOWS\Minidump\022121-43031-01.dmp
2021-02-21 16:17 - 2021-02-21 16:20 - 000025503 _____ C:\Users\Mamka\Desktop\Addition.txt
2021-02-21 16:11 - 2021-02-22 17:59 - 000013764 _____ C:\Users\Mamka\Desktop\FRST.txt
2021-02-21 16:10 - 2021-02-22 17:57 - 000000000 ____D C:\FRST
2021-02-21 16:08 - 2021-02-22 17:53 - 002301440 _____ (Farbar) C:\Users\Mamka\Desktop\FRST64.exe
2021-02-18 02:00 - 2021-02-21 15:52 - 001553356 _____ C:\WINDOWS\Minidump\021821-50421-01.dmp
2021-02-18 00:56 - 2021-02-18 01:07 - 001566580 _____ C:\WINDOWS\Minidump\021821-43093-01.dmp
2021-02-17 19:17 - 2021-02-21 18:27 - 525535172 _____ C:\WINDOWS\MEMORY.DMP
2021-02-17 15:31 - 2021-02-17 15:31 - 007468288 _____ (Lenovo Group Limited ) C:\Users\Mamka\Downloads\7wcn38ww.exe
2021-02-14 18:38 - 2021-02-14 18:38 - 000002023 _____ C:\Users\Public\Desktop\ESET Ochrana online platieb.lnk
2021-02-14 18:38 - 2021-02-14 18:38 - 000002023 _____ C:\ProgramData\Desktop\ESET Ochrana online platieb.lnk
2021-02-14 18:28 - 2021-02-14 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2021-02-14 18:28 - 2021-02-14 18:28 - 000000000 ____D C:\ProgramData\ESET
2021-02-12 14:08 - 2021-02-12 14:08 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-12 14:07 - 2021-02-12 14:07 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-12 14:07 - 2021-02-12 14:07 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-12 14:07 - 2021-02-12 14:07 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-12 14:05 - 2021-02-12 14:05 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-09 12:40 - 2021-02-09 12:40 - 000458906 _____ C:\Users\Mamka\Downloads\It_s Alive An Exploaration of Contemporary Poetry in The Digital Age by Lysle Hood (1).pdf
2021-02-08 20:07 - 2021-02-08 20:07 - 000001083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PicPick.lnk
2021-02-08 20:07 - 2021-02-08 20:07 - 000001071 _____ C:\Users\Public\Desktop\PicPick.lnk
2021-02-08 20:07 - 2021-02-08 20:07 - 000001071 _____ C:\ProgramData\Desktop\PicPick.lnk
2021-02-08 20:07 - 2021-02-08 20:07 - 000000000 ____D C:\Users\Mamka\AppData\Roaming\picpick
2021-02-08 20:07 - 2021-02-08 20:07 - 000000000 ____D C:\ProgramData\PicPick
2021-02-08 20:07 - 2021-02-08 20:07 - 000000000 ____D C:\Program Files (x86)\PicPick
2021-02-08 20:04 - 2021-02-08 20:06 - 015612296 _____ C:\Users\Mamka\Downloads\picpick_inst.exe
2021-02-06 20:26 - 2021-02-06 20:26 - 000368575 _____ C:\Users\Mamka\Downloads\Toward_a_Cohesive_Theory_of_Visual_Literacy.pdf
2021-02-04 17:27 - 2021-02-04 17:28 - 016269344 _____ C:\Users\Mamka\Downloads\The Poetry Handbook by John Lennard (z-lib.org).pdf
2021-02-04 12:47 - 2021-02-04 12:47 - 000673871 _____ C:\Users\Mamka\Downloads\A Poetry Handbook.pdf
2021-02-03 15:47 - 2021-02-03 15:47 - 000513094 _____ C:\Users\Mamka\Downloads\Courage_to_be_Dislike_Strategies_and_Approach_of (2).pdf
2021-02-03 00:52 - 2021-02-14 01:28 - 000000000 ____D C:\Users\Mamka\Desktop\Diplomovka
2021-02-02 19:53 - 2021-02-02 19:53 - 001040500 _____ C:\Users\Mamka\Downloads\BB-Masterclass.pdf
2021-02-01 17:15 - 2021-02-01 17:15 - 000513094 _____ C:\Users\Mamka\Downloads\Courage_to_be_Dislike_Strategies_and_Approach_of (1).pdf
2021-02-01 16:40 - 2021-02-01 16:40 - 000513094 _____ C:\Users\Mamka\Downloads\Courage_to_be_Dislike_Strategies_and_Approach_of.pdf
2021-01-31 18:25 - 2021-01-31 18:25 - 000141957 _____ C:\Users\Mamka\Downloads\[PDF] Aesthetics_ A Comprehensive Anthology.pdf
2021-01-31 18:24 - 2021-01-31 18:24 - 000010550 _____ C:\Users\Mamka\Downloads\DOWNLOAD Aesthetics A Comprehensive Anthology (Blackwell Philosophy Anthologies).pdf
2021-01-27 17:00 - 2021-01-27 17:00 - 000538700 _____ C:\Users\Mamka\Downloads\hudobna-estetika-prezentácia.pptx
2021-01-23 17:16 - 2021-01-23 17:16 - 001742401 _____ C:\Users\Mamka\Downloads\Art Up meeting 2.pptx

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-22 17:56 - 2020-11-19 00:26 - 000000000 ____D C:\WINDOWS\Minidump
2021-02-22 17:54 - 2019-08-23 10:43 - 000000000 ____D C:\Program Files\CCleaner
2021-02-22 17:53 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-21 18:27 - 2020-11-07 21:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-21 18:27 - 2020-11-07 20:36 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-21 18:27 - 2020-11-07 20:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-21 18:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-02-21 18:26 - 2020-11-07 20:41 - 000000000 ____D C:\Users\Mamka
2021-02-21 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-21 17:22 - 2020-03-11 18:12 - 000000000 ____D C:\WINDOWS\Lenovo
2021-02-21 17:22 - 2019-08-19 10:16 - 000000000 ____D C:\Users\Mamka\AppData\Local\Lenovo
2021-02-21 17:22 - 2018-06-12 16:04 - 000000000 ____D C:\ProgramData\Lenovo
2021-02-21 16:55 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-21 16:40 - 2020-11-07 21:00 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-21 16:34 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-21 16:31 - 2020-10-05 17:30 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-21 15:57 - 2020-06-13 11:43 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-21 15:57 - 2020-06-13 11:43 - 000002289 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-02-21 15:57 - 2020-06-13 11:43 - 000002289 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-21 15:57 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-21 15:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-17 19:08 - 2019-08-23 10:43 - 000002320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-17 19:08 - 2019-08-23 10:43 - 000002279 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-02-17 19:08 - 2019-08-23 10:43 - 000002279 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-17 18:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-17 18:02 - 2020-11-03 23:13 - 000000000 ___HD C:\$WinREAgent
2021-02-17 16:16 - 2019-08-15 14:27 - 000000000 ____D C:\Users\Mamka\AppData\Local\PlaceholderTileLogoFolder
2021-02-17 15:32 - 2019-08-19 10:52 - 000000000 ____D C:\BIOS
2021-02-17 15:23 - 2019-08-15 14:18 - 000000000 ____D C:\Users\Mamka\AppData\Local\Packages
2021-02-14 21:20 - 2019-08-23 12:36 - 000000000 ____D C:\Users\Mamka\AppData\Local\D3DSCache
2021-02-14 18:34 - 2019-11-22 12:03 - 000000000 ____D C:\Users\Mamka\AppData\Local\ESET
2021-02-14 18:29 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-14 18:28 - 2019-11-22 11:59 - 000000000 ____D C:\Program Files\ESET
2021-02-14 18:10 - 2019-08-19 10:09 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-14 18:08 - 2020-12-29 19:39 - 000000000 ____D C:\Users\Mamka\AppData\Roaming\uTorrent
2021-02-14 18:06 - 2020-11-03 23:29 - 000000000 ___DC C:\WINDOWS\Panther
2021-02-14 18:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ModemLogs
2021-02-14 17:54 - 2019-08-31 16:57 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-02-13 14:04 - 2020-11-23 21:28 - 000002375 _____ C:\Users\Mamka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-02-13 14:04 - 2020-11-23 21:28 - 000002367 _____ C:\Users\Mamka\Desktop\Microsoft Teams.lnk
2021-02-12 16:24 - 2020-11-07 20:52 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-12 16:20 - 2020-11-07 20:36 - 000458312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-12 16:16 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-12 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-12 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-12 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-12 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-12 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-12 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-12 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-12 16:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-12 16:16 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-11 13:54 - 2019-08-14 18:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-11 13:50 - 2019-08-14 18:00 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-10 17:29 - 2020-09-18 17:31 - 000000000 ____D C:\Program Files\aScAgenda
2021-02-05 21:23 - 2020-11-25 09:58 - 000003482 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b53ef3389880
2021-02-05 21:23 - 2020-11-07 21:00 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-05 21:00 - 2020-11-07 21:00 - 000003456 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 21:00 - 2020-11-07 21:00 - 000003332 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-05 20:04 - 2020-10-05 17:30 - 000734016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:03 - 2020-10-05 17:30 - 000470848 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-02-02 17:08 - 2020-10-07 13:06 - 000000860 _____ C:\Users\Mamka\Desktop\aScAgenda.lnk
2021-01-29 12:46 - 2020-11-24 15:59 - 000000583 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics

==================== Files in the root of some directories ========

2019-10-15 10:45 - 2019-10-15 10:45 - 009256960 _____ () C:\Program Files (x86)\GUT3882.tmp
2020-12-08 20:43 - 2020-12-08 20:43 - 000000116 _____ () C:\Users\Mamka\AppData\Roaming\debug.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-02-2021
Ran by Mamka (22-02-2021 18:09:04)
Running from C:\Users\Mamka\Desktop
Windows 10 Home Version 20H2 19042.804 (X64) (2020-11-07 20:01:40)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1413706141-3479040022-3101450614-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1413706141-3479040022-3101450614-503 - Limited - Disabled)
Guest (S-1-5-21-1413706141-3479040022-3101450614-501 - Limited - Disabled)
Mamka (S-1-5-21-1413706141-3479040022-3101450614-1001 - Administrator - Enabled) => C:\Users\Mamka
WDAGUtilityAccount (S-1-5-21-1413706141-3479040022-3101450614-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
Adobe Connect (HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\Adobe Connect App) (Version: 2020.1.5.32 - Adobe Systems Inc.)
aScAgenda (HKLM-x32\...\ImageMaker) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.182 - Google LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.74 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office 2016 Professional Plus (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\Teams) (Version: 1.4.00.2879 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
PicPick (HKLM-x32\...\PicPick) (Version: 5.1.4 - NGWIN)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
WinRAR 5.70 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)

Packages:
=========
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20201.249.0_x64__rz1tebttyb220 [2019-08-19] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-14] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2020-01-28] (Realtek Semiconductor Corp)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2020-01-28] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1413706141-3479040022-3101450614-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Mamka\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-1413706141-3479040022-3101450614-1001 -> DefaultScope {ECEFA9DF-EA84-4E53-B848-A7C3CE941378} URL =
SearchScopes: HKU\S-1-5-21-1413706141-3479040022-3101450614-1001 -> {ECEFA9DF-EA84-4E53-B848-A7C3CE941378} URL =
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2017-09-29 14:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2020-11-24 15:59 - 2021-01-29 12:46 - 000000583 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
168.137.1 LAPTOP-JH8MEG9T.mshome.net # 2025 11 0 23 19 18 53 650
50

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\StartupApproved\Run: => "PicPick Start"
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F76FE88F-3BD8-4DB5-9C01-EC9602130B59}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11901.20218.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{82880CFE-DB0A-4B08-9127-89BCDA5F9178}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11901.20218.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D54C7F3E-5387-408F-B095-104F15C8FF81}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{571AD286-A650-44D3-A31E-3F9F5348F050}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{0ACCB067-AC32-40F9-900F-E02FF15E895B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6BD0943D-2F2B-4477-858E-17D50B429C62}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FC0B2205-DC78-451E-A4AC-7E4E635A27DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1E6957B4-E8D1-4F70-A9A8-2BC1A185AAF8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5054D87E-E3E1-46E2-A206-4F0B977EAB56}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

30-01-2021 19:40:35 Scheduled Checkpoint
07-02-2021 21:29:41 Scheduled Checkpoint
11-02-2021 13:54:26 Inštalátor modulov systému Windows
14-02-2021 17:47:21 Odstránené: ESET Endpoint Security
17-02-2021 17:57:29 Inštalátor modulov systému Windows
21-02-2021 17:20:41 AdwCleaner_BeforeCleaning_21/02/2021_17:20:33

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (02/22/2021 05:52:00 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/21/2021 06:28:47 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-JH8MEG9T$ via https://AMD-KeyId-683accd5952419b3d602b ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-683accd5952419b3d602bd6a97b7217806573a87.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 22 Feb 2021 16:48:13 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 183b3e54-aea8-487b-85c0-8bb265d3f241

Method: GET(4672ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/21/2021 05:58:19 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-JH8MEG9T$ via https://AMD-KeyId-683accd5952419b3d602b ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-683accd5952419b3d602bd6a97b7217806573a87.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 21 Feb 2021 17:08:29 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 19886874-855f-4f70-946e-8370766a68a2

Method: GET(1312ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/21/2021 05:39:08 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-JH8MEG9T$ via https://AMD-KeyId-683accd5952419b3d602b ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-683accd5952419b3d602bd6a97b7217806573a87.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 21 Feb 2021 16:51:45 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 865e94e0-337e-4c15-bd64-a9b98ef63c16

Method: GET(1063ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/21/2021 05:21:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (02/21/2021 04:52:52 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-JH8MEG9T$ via https://AMD-KeyId-683accd5952419b3d602b ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-683accd5952419b3d602bd6a97b7217806573a87.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 21 Feb 2021 15:52:52 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: bf325160-80fd-45d6-b1bb-82cc99503d57

Method: GET(1188ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/21/2021 04:37:25 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-JH8MEG9T$ via https://AMD-KeyId-683accd5952419b3d602b ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-683accd5952419b3d602bd6a97b7217806573a87.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 21 Feb 2021 15:37:25 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: f46be013-fc83-467f-a0e8-4a5cc3965951

Method: GET(1406ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/21/2021 03:51:55 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

System errors:
=============
Error: (02/22/2021 05:55:13 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač sa po kontrole chýb reštartoval. Kontrola chýb: 0x0000009f (0x0000000000000003, 0xffffd70c3620e060, 0xffff8d8377e29850, 0xffffd70c36fb8010). Výpis sa uložil do súboru: C:\WINDOWS\MEMORY.DMP. Identifikácia hlásenia: c484a808-f9e1-40bf-a1be-6deaa49975d0.

Error: (02/22/2021 05:49:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby System Interface Foundation Service zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (02/22/2021 05:48:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby System Interface Foundation Service zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (02/21/2021 06:28:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby System Interface Foundation Service zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (02/21/2021 06:27:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Network Connection Broker bola ukončená s nasledujúcou chybou:
A device attached to the system is not functioning.

Error: (02/21/2021 06:27:33 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 17:57:11 on ‎21. ‎2. ‎2021 was unexpected.

Error: (02/21/2021 06:26:47 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225473A fatal error occurred processing the restoration data.

Error: (02/21/2021 06:13:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby System Interface Foundation Service zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Windows Defender:
================
Date: 2021-02-14 17:55:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.1727.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072f8f
Error description: A security error occurred

Date: 2021-02-14 17:55:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.1727.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072f8f
Error description: A security error occurred

Date: 2021-02-14 17:55:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.1727.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072f8f
Error description: A security error occurred

Date: 2021-02-14 17:55:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.1727.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072f8f
Error description: A security error occurred

Date: 2021-02-14 17:55:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.303.1727.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16400.2
Error code: 0x80072f8f
Error description: A security error occurred

CodeIntegrity:
===============
Date: 2021-02-22 17:52:27
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: LENOVO 7WCN38WW 11/04/2019
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 3 2200U with Radeon Vega Mobile Gfx
Percentage of memory in use: 56%
Total physical RAM: 3486.63 MB
Available physical RAM: 1517.5 MB
Total Virtual: 6046.63 MB
Available Virtual: 4023.92 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:930.27 GB) (Free:879.51 GB) NTFS

\\?\Volume{1eda179c-fe3d-4c35-8d42-8aa7468000b2}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{0c1ce5eb-9380-4839-ae77-056b075bbc09}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6D957311)

Partition: GPT.

==================== End of Addition.txt =======================

#6 Příspěvek od **Rudy** » 22 úno 2021 18:56

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
Task: {1F55E908-AE12-4234-931F-D3D80705D266} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {37A255A0-4B69-45E1-88D5-B70CC6F921E3} - \Lenovo\ImController\TimeBasedEvents\9ed0388e-03bb-4238-afe0-47886f083951 -> No File <==== ATTENTION
Task: {565CA763-9279-4F67-B5C5-6D9922FD6929} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-08-23] (Google Inc -> Google Inc.)
Task: {AC2C9EAB-50F6-43AF-BECB-3590A665AAFC} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {D17A3D10-7585-44D0-BB21-8045A6409483} - \Lenovo\ImController\TimeBasedEvents\21a9596e-d19b-4435-bbd3-66bacde455c3 -> No File <==== ATTENTION
Task: {D24D37BB-F5D3-4F9C-B10A-87B314B517A4} - \Lenovo\ImController\TimeBasedEvents\6d5e7461-73ad-41bc-aa90-2b6f0c694f0c -> No File <==== ATTENTION
Task: {E3CF5861-5111-49AF-87DA-4EACACFF7B6F} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {F39E3A85-BF69-4BBF-8DAF-105A56319E8C} - \Lenovo\ImController\TimeBasedEvents\facb7d5a-3683-4437-8604-4d73524e006e -> No File <==== ATTENTION
Task: {FFAEAB40-5B64-4A3B-B0F7-3FF6F870308F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-08-23] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Program Files (x86)\GUT3882.tmp
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-1413706141-3479040022-3101450614-1001 -> DefaultScope {ECEFA9DF-EA84-4E53-B848-A7C3CE941378} URL =
SearchScopes: HKU\S-1-5-21-1413706141-3479040022-3101450614-1001 -> {ECEFA9DF-EA84-4E53-B848-A7C3CE941378} URL =

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

V systému jsou 2 funkční antiviry. ESET a McAfee. Jeden z nich odinstalujte, dochází k sw kolizi.

QuickShare · #7 Příspěvek od **QuickShare** » 24 úno 2021 18:32

Ale McAfee odinštalovaní bol, nenájde ho ani Ccleaner..

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-02-2021
Ran by Mamka (24-02-2021 18:23:30) Run:1
Running from C:\Users\Mamka\Desktop
Loaded Profiles: Mamka
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {1F55E908-AE12-4234-931F-D3D80705D266} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {37A255A0-4B69-45E1-88D5-B70CC6F921E3} - \Lenovo\ImController\TimeBasedEvents\9ed0388e-03bb-4238-afe0-47886f083951 -> No File <==== ATTENTION
Task: {565CA763-9279-4F67-B5C5-6D9922FD6929} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-08-23] (Google Inc -> Google Inc.)
Task: {AC2C9EAB-50F6-43AF-BECB-3590A665AAFC} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {D17A3D10-7585-44D0-BB21-8045A6409483} - \Lenovo\ImController\TimeBasedEvents\21a9596e-d19b-4435-bbd3-66bacde455c3 -> No File <==== ATTENTION
Task: {D24D37BB-F5D3-4F9C-B10A-87B314B517A4} - \Lenovo\ImController\TimeBasedEvents\6d5e7461-73ad-41bc-aa90-2b6f0c694f0c -> No File <==== ATTENTION
Task: {E3CF5861-5111-49AF-87DA-4EACACFF7B6F} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {F39E3A85-BF69-4BBF-8DAF-105A56319E8C} - \Lenovo\ImController\TimeBasedEvents\facb7d5a-3683-4437-8604-4d73524e006e -> No File <==== ATTENTION
Task: {FFAEAB40-5B64-4A3B-B0F7-3FF6F870308F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-08-23] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Program Files (x86)\GUT3882.tmp
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-1413706141-3479040022-3101450614-1001 -> DefaultScope {ECEFA9DF-EA84-4E53-B848-A7C3CE941378} URL =
SearchScopes: HKU\S-1-5-21-1413706141-3479040022-3101450614-1001 -> {ECEFA9DF-EA84-4E53-B848-A7C3CE941378} URL =

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1F55E908-AE12-4234-931F-D3D80705D266}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F55E908-AE12-4234-931F-D3D80705D266}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{37A255A0-4B69-45E1-88D5-B70CC6F921E3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37A255A0-4B69-45E1-88D5-B70CC6F921E3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\9ed0388e-03bb-4238-afe0-47886f083951" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{565CA763-9279-4F67-B5C5-6D9922FD6929}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{565CA763-9279-4F67-B5C5-6D9922FD6929}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC2C9EAB-50F6-43AF-BECB-3590A665AAFC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC2C9EAB-50F6-43AF-BECB-3590A665AAFC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D17A3D10-7585-44D0-BB21-8045A6409483}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D17A3D10-7585-44D0-BB21-8045A6409483}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\21a9596e-d19b-4435-bbd3-66bacde455c3" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D24D37BB-F5D3-4F9C-B10A-87B314B517A4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D24D37BB-F5D3-4F9C-B10A-87B314B517A4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\6d5e7461-73ad-41bc-aa90-2b6f0c694f0c" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E3CF5861-5111-49AF-87DA-4EACACFF7B6F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3CF5861-5111-49AF-87DA-4EACACFF7B6F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F39E3A85-BF69-4BBF-8DAF-105A56319E8C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F39E3A85-BF69-4BBF-8DAF-105A56319E8C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\facb7d5a-3683-4437-8604-4d73524e006e" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FFAEAB40-5B64-4A3B-B0F7-3FF6F870308F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFAEAB40-5B64-4A3B-B0F7-3FF6F870308F}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Program Files (x86)\GUT3882.tmp => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
"HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
"HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1413706141-3479040022-3101450614-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ECEFA9DF-EA84-4E53-B848-A7C3CE941378} => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19104814 B
Java, Flash, Steam htmlcache => 524 B
Windows/system/drivers => 1188796 B
Edge => 28687 B
Chrome => 11789142 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 68312 B
NetworkService => 68312 B
Mamka => 49502876 B

RecycleBin => 0 B
EmptyTemp: => 88 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 18:23:51 ====

#8 Příspěvek od **Rudy** » 24 úno 2021 18:48

OK, je to jen antispyware ( jiná jsou vypnuta). Nastala nějaká změna?

QuickShare · #9 Příspěvek od **QuickShare** » 24 úno 2021 19:12

Nie stále sa nedá vypnúť, ak prejde do režimu spánku tak sa nedá prebrať a po zapnutí len naštartuje blikne klávesnica a kontrolky a vypne a stále dookola.. win nabehne až keď ho veľa krát resetujem.. vo windowse je spomalený.. ak je „vypnutý“ tak neustále bliká klávesnica a NB stále dookola štartuje a vypína.

#10 Příspěvek od **Rudy** » 24 úno 2021 19:48

Zkuste obnovu systému k datu, kdy korektně fungoval. Nelze vyloučit i hw chybu.

QuickShare · #11 Příspěvek od **QuickShare** » 25 úno 2021 18:15

Po štarte systému je na chvíľku nesprávny čas. Nemôže byt zla cmos batéria? Alebo nejaký ovládač?

#12 Příspěvek od **Rudy** » 25 úno 2021 18:53

Pokud je čas správný v jiném případě, aniž by jste musel ho ručně nastavit. baterka to pravděpodobně nebude. Zkoušel jste tu obnovu systému? Pokud ano, zkuste ještě dát bios na defaultní hodnoty (load default settings).

QuickShare · #13 Příspěvek od **QuickShare** » 25 úno 2021 19:01

To s biosom som skúšal a nepomohlo. Obnovu som zatiaľ nerobil pretože posledný bod tam je 30.1 a nie som si istý či by to nebolo treba vrátiť ešte viac.. pretože on už dávnejšie nešiel prebrať s režimu spánku no štartoval a vypínal..

#14 Příspěvek od **Rudy** » 25 úno 2021 19:52

Budete muste toto zkusit, nebo provést obnovu do tov. nastavení se zachováním souborů.

QuickShare · #15 Příspěvek od **QuickShare** » 03 bře 2021 18:10

Ta obnova trvala celý deň tak som to zrušil.. Potom oprava trvala zasa celý deň tak som zrušil aj tu a cez recovery spustil zase obnovu.. ta sa úspešne dokončila.. No žiadna zmena NB sa nedá vypnúť a stále len štartuje a vypína dookola.. Viem že to vyzerá na HW ale dávnejšie keď som riešil problém s týmto NB tak bol problém s ovládacom GK (naskakovala zrnitá obrazovka hneď po zapnutí no občas sa stalo že nenaskočila a tak sa mi ho podarilo preinštalovať no najprv som ho vrátil na továrenské nastavenia a to nepomohlo až to preinštalovanie ovládača.. podľa toho viem že SW problémy sa tuto prejavujú aj pred bootovaním wondowsu čo nechápem a nemusia ich vyriešiť ani tov. nas. ...)
Ešte nejaká rada? Nerád by som zbytočne šiel do továrenských nas. Ale ak to inak nejde tak...

Ďakujem

VIRY.CZ

Neustály reštart.

Neustály reštart.

Re: Neustály reštart.

Re: Neustály reštart.

Re: Neustály reštart.

Re: Neustály reštart.

Re: Neustály reštart.

Re: Neustály reštart.

Re: Neustály reštart.

Re: Neustály reštart.

Re: Neustály reštart.

Re: Neustály reštart.

Re: Neustály reštart.

Re: Neustály reštart.

Re: Neustály reštart.

Re: Neustály reštart.