Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

skype prevít, kontrola PC

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Bender2009
Návštěvník
Návštěvník
Příspěvky: 125
Registrován: 22 srp 2011 18:56

skype prevít, kontrola PC

#1 Příspěvek od Bender2009 »

Skype nám nabízel hambaté obrázky a videa a nešel vypnout. Nevím jestli se mi ho podařilo celého vymazat.
Snad tady není vir nebo něco podobného co by nás skenovalo nebo brzdilo PC

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-03-2021
Ran by Iveta (administrator) on LAPTOP-NA7N4PJC (LENOVO 81BG) (15-03-2021 21:18:14)
Running from C:\Users\mecna\Downloads
Loaded Profiles: Iveta
Platform: Windows 10 Home Version 2004 19041.867 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHeciSvc.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2009.2711.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2007.1.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12009.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.8043.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(SweetLabs Inc. -> SweetLabs, Inc) C:\Users\mecna\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [914344 2017-06-14] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [849920 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\Run: [Discord] => C:\Users\mecna\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\Run: [MicrosoftEdgeAutoLaunch_302C0E0C3E2DDD081A06EB08D1F66094] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window /prefetch:5
HKLM\...\Windows x64\Print Processors\OKHSPP3: C:\Windows\System32\spool\prtprocs\x64\OKHSPP3.DLL [62464 2013-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Print\Monitors\HP D811 Status Monitor: C:\Windows\system32\hpinkstsD811LM.dll [393352 2017-04-05] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\OKI HiperC Language Monitor7 x64: C:\Windows\system32\OPDMN075.DLL [167936 2012-11-06] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C91AAC0-96A8-4B47-BDA4-6C6313DD5149} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62368 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {39BB9788-3002-4F99-A332-4CAF8AABCC83} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {40588D74-4E4B-48F0-89BC-4869036A7CAF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ac19c563-d994-4f49-8613-265c94ff58f8 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {43344B42-5EB2-4829-8861-34C61DA00E2F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2c4ff888-a2fb-4aff-9415-e303c3f4f90e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {4669C430-B9DF-40DA-A088-7F98E0E7D0FE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {5E1FD40C-09A7-472E-A363-BEA644D28F9C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6465965A-7C80-4E20-948C-68D88CACFDA9} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [143888 2021-03-02] (Lenovo -> Lenovo Group Ltd.)
Task: {75A2E15C-A0B0-48C6-9916-DFB5FACEFE33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8601A43A-5C2F-4C33-86DC-8723985E525B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {913B99BF-307E-4748-BCD6-E2485AD6A1A8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9F838F1E-09D9-48E0-9FD5-29DAB338F914} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {AE3CAAC4-C407-4B98-B626-F90810773E2B} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B1B09824-E456-4701-9F6C-66FA3AC7C497} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {BA347ACA-AC96-447D-8DB2-477F4B01DE9C} - System32\Tasks\App Explorer => C:\Users\mecna\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7949992 2020-09-04] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION
Task: {BF37ECC8-0A23-47C6-BEFE-773E500DFB2F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6ba59003-cbb6-4e64-8c48-215ace8d874d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {C4B7A0BF-1B85-4AB4-AD87-91828CF584C2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D0E4B838-C9CC-4A99-A0C3-F24BA151AF6A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)
Task: {DC99B9C6-A83B-4C4C-AEAD-809829919337} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E2DD63F8-31F3-4893-976C-4EDD33FC7D66} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\11693bbf-f6cc-47c0-90f9-ff1be0da7285 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {E818EF88-EE71-4381-A878-EF0A8D954763} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {ED097BB9-1F58-472A-B95E-514B46BD340E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693456 2021-01-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {EE023841-18C1-49D0-8712-FA287A38C453} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [816960 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{45ffeec1-4021-406b-9cad-4d83cabde051}: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{b302dc8c-b963-4153-83da-698cf5a91a11}: [DhcpNameServer] 150.202.1.2

Edge:
=======
DownloadDir: C:\Users\mecna\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\mecna\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-15]
Edge DownloadDir: C:\Users\mecna\Downloads
Edge DefaultSearchURL: Default -> hxxps://www.google.cz/search?q={searchTerms}&ie ... utEncoding?}

FireFox:
========
FF DefaultProfile: se3gvlzf.default
FF ProfilePath: C:\Users\mecna\AppData\Roaming\Mozilla\Firefox\Profiles\se3gvlzf.default [2019-10-21]
FF ProfilePath: C:\Users\mecna\AppData\Roaming\Mozilla\Firefox\Profiles\7opasne0.default-release [2021-03-15]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-08-15]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2020-11-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2020-11-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2018-09-25] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2410672 2017-11-27] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\LenovoVantageService.exe [18360 2020-07-09] (Lenovo -> Lenovo Group Ltd.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899264 2019-08-15] (McAfee, LLC -> McAfee, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 KMWDFILTER; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [30208 2009-04-29] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider)
R3 MpKsl91249d62; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A57D3437-AFB9-4BA0-9F39-CF805325E4C6}\MpKslDrv.sys [90360 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
S3 qcusbnet; C:\WINDOWS\System32\drivers\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-15 21:18 - 2021-03-15 21:18 - 000018124 _____ C:\Users\mecna\Downloads\FRST.txt
2021-03-15 20:28 - 2021-03-15 21:18 - 000000000 ____D C:\FRST
2021-03-15 20:22 - 2021-03-15 20:26 - 002300928 _____ (Farbar) C:\Users\mecna\Downloads\FRST64 (1).exe
2021-03-15 19:05 - 2021-03-15 19:05 - 006455520 _____ (EnigmaSoft Limited) C:\Users\mecna\Downloads\SpyHunter-Installer.exe
2021-03-15 12:17 - 2021-03-15 12:17 - 000000000 ____D C:\ProgramData\Okidata
2021-03-15 12:17 - 2021-03-15 12:17 - 000000000 ____D C:\Program Files\Okidata
2021-03-15 12:17 - 2014-07-31 15:35 - 000143360 _____ (Oki Data Corporation) C:\WINDOWS\system32\opnetext.dll
2021-03-15 12:17 - 2014-02-25 15:28 - 000004132 _____ C:\WINDOWS\system32\opnedef.str
2021-03-15 12:17 - 2012-01-05 12:21 - 000005832 _____ C:\WINDOWS\system32\license.txt
2021-03-15 12:17 - 2011-11-03 17:37 - 000010104 _____ C:\WINDOWS\SysWOW64\opnetext.hlp
2021-03-15 12:17 - 2011-11-03 17:37 - 000010104 _____ C:\WINDOWS\system32\OPNETEXT.HLP
2021-03-15 12:17 - 2011-11-03 17:37 - 000000144 _____ C:\WINDOWS\SysWOW64\opnetext.cnt
2021-03-15 12:17 - 2011-11-03 17:37 - 000000144 _____ C:\WINDOWS\system32\opnetext.cnt
2021-03-15 12:17 - 2011-11-03 17:37 - 000000000 _____ C:\WINDOWS\SysWOW64\opnetext.gid
2021-03-15 12:17 - 2011-11-03 17:37 - 000000000 _____ C:\WINDOWS\system32\OPNETEXT.GID
2021-03-15 12:15 - 2021-03-15 12:15 - 010436104 _____ C:\Users\mecna\Downloads\OKJ3H04N114_90390.exe
2021-03-15 12:15 - 2016-03-02 17:15 - 000000000 ____D C:\Users\mecna\Downloads\OKJ3H04N114
2021-03-15 12:15 - 2012-11-06 18:52 - 000167936 _____ (Oki Data Corporation) C:\WINDOWS\system32\OPDMN075.DLL
2021-03-11 14:29 - 2021-03-11 14:29 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-11 14:29 - 2021-03-11 14:29 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-11 14:29 - 2021-03-11 14:29 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-11 14:29 - 2021-03-11 14:29 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-11 14:29 - 2021-03-11 14:29 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-11 14:29 - 2021-03-11 14:29 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-11 14:29 - 2021-03-11 14:29 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-11 14:29 - 2021-03-11 14:29 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-11 14:29 - 2021-03-11 14:29 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-11 14:29 - 2021-03-11 14:29 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-11 14:28 - 2021-03-11 14:28 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-10 09:44 - 2021-03-10 09:44 - 001219482 _____ C:\Users\mecna\Downloads\výuka.zip
2021-02-22 19:33 - 2021-02-22 19:33 - 001013813 _____ C:\Users\mecna\Downloads\diplom-virtualni-jizerska-volny-zavod-2021-iveta-milan-jasikovi.pdf
2021-02-22 18:57 - 2021-02-22 18:57 - 001014665 _____ C:\Users\mecna\Downloads\diplom-virtualni-cez-jizerska-50-2021-vladimir-oburka (1).pdf
2021-02-22 18:56 - 2021-02-22 18:56 - 001014665 _____ C:\Users\mecna\Downloads\diplom-virtualni-cez-jizerska-50-2021-vladimir-oburka.pdf
2021-02-22 18:51 - 2021-02-22 18:51 - 000000000 ____D C:\Users\mecna\Downloads\prilohy_38943
2021-02-22 18:48 - 2021-02-22 18:48 - 001534703 _____ C:\Users\mecna\Downloads\prilohy_38943.zip
2021-02-15 17:12 - 2021-03-15 20:03 - 000000000 ____D C:\Users\mecna\AppData\Roaming\discord
2021-02-15 17:12 - 2021-02-15 17:12 - 000000000 ____D C:\Users\mecna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-02-15 17:12 - 2021-02-15 17:12 - 000000000 ____D C:\Users\mecna\AppData\Local\SquirrelTemp
2021-02-15 17:12 - 2021-02-15 17:12 - 000000000 ____D C:\Users\mecna\AppData\Local\Discord
2021-02-13 19:34 - 2021-02-13 19:35 - 000224239 _____ C:\Users\mecna\Downloads\_ ### 8 ScioKompetencí - ke sdílení mimo Scio.pdf
2021-02-13 19:32 - 2021-02-13 19:32 - 000000000 ____D C:\Users\mecna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-15 20:46 - 2020-09-06 13:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-15 20:32 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-15 20:28 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-15 20:05 - 2018-10-19 18:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-15 19:58 - 2020-09-06 13:29 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-15 19:58 - 2019-12-07 15:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-15 19:58 - 2019-12-07 15:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-15 19:56 - 2019-02-11 10:47 - 000000000 ____D C:\Program Files\CCleaner
2021-03-15 19:54 - 2020-09-06 13:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-15 19:54 - 2020-09-06 13:18 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-15 19:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-15 19:54 - 2018-10-19 19:56 - 000000000 ____D C:\Users\mecna\AppData\Roaming\WTablet
2021-03-15 19:54 - 2017-09-01 08:41 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-15 19:53 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-15 19:52 - 2020-09-06 13:26 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-15 19:39 - 2020-11-26 10:19 - 000000000 ____D C:\Users\mecna\AppData\Roaming\.tlauncher
2021-03-15 18:24 - 2021-01-23 13:32 - 000000000 ____D C:\Users\mecna\AppData\Roaming\Malwarebytes
2021-03-15 17:53 - 2020-09-06 13:26 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-446325204-3823068493-1995417531-1001
2021-03-15 17:53 - 2020-09-05 18:17 - 000002368 _____ C:\Users\mecna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-15 17:53 - 2018-10-08 15:59 - 000000000 ___RD C:\Users\mecna\OneDrive
2021-03-15 12:17 - 2018-12-22 18:55 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-03-15 12:13 - 2018-10-08 15:50 - 000000000 ____D C:\Users\mecna\AppData\Local\Host App Service
2021-03-15 10:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-15 10:01 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-15 10:01 - 2018-10-23 15:55 - 000000000 ____D C:\Users\mecna\AppData\Local\PlaceholderTileLogoFolder
2021-03-15 10:01 - 2018-10-08 15:57 - 000000000 ____D C:\Users\mecna\AppData\Local\Packages
2021-03-15 08:09 - 2020-11-26 10:17 - 000000000 ____D C:\Users\mecna\AppData\Roaming\.minecraft
2021-03-14 09:43 - 2020-06-05 23:15 - 000002426 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-14 09:43 - 2020-06-05 23:15 - 000002264 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-03-14 09:43 - 2020-06-05 23:15 - 000002264 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-03-13 08:41 - 2018-10-24 19:42 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-11 22:08 - 2020-09-06 13:18 - 000621048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-11 14:32 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-10 15:24 - 2018-10-09 15:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-10 15:12 - 2018-10-09 15:34 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-05 07:37 - 2020-09-06 13:26 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-05 07:37 - 2020-09-06 13:26 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-23 18:24 - 2020-08-03 11:14 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-02-23 18:24 - 2020-08-03 11:14 - 000062368 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-02-23 18:24 - 2018-10-08 15:57 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2021-02-23 18:23 - 2020-08-03 11:14 - 000429936 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2021-02-21 17:15 - 2020-08-23 18:31 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-13 19:32 - 2018-11-04 19:54 - 000000000 ____D C:\Users\mecna\AppData\Roaming\Zoom

==================== Files in the root of some directories ========

2020-12-22 08:31 - 2020-12-22 08:31 - 000000039 _____ () C:\Users\mecna\AppData\Local\kritadisplayrc
2018-10-19 18:38 - 2020-12-22 08:31 - 000021153 _____ () C:\Users\mecna\AppData\Local\kritarc
2019-10-12 09:53 - 2019-10-12 09:53 - 000000001 _____ () C:\Users\mecna\AppData\Local\llftool.4.40.agreement
2020-08-03 08:51 - 2020-08-03 08:51 - 000001477 _____ () C:\Users\mecna\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-03-2021
Ran by Iveta (15-03-2021 21:19:32)
Running from C:\Users\mecna\Downloads
Windows 10 Home Version 2004 19041.867 (X64) (2020-09-06 12:27:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-446325204-3823068493-1995417531-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-446325204-3823068493-1995417531-503 - Limited - Disabled)
Guest (S-1-5-21-446325204-3823068493-1995417531-501 - Limited - Disabled)
Iveta (S-1-5-21-446325204-3823068493-1995417531-1001 - Administrator - Enabled) => C:\Users\mecna
linda (S-1-5-21-446325204-3823068493-1995417531-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-446325204-3823068493-1995417531-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
Discord (HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{8738A898-221B-4279-BC87-FEF7938022C1}) (Version: 0.8.8.87 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{9207D68E-666A-49C7-A900-9F5B2FF289E4}) (Version: 0.8.0.71 - Dolby Laboratories, Inc.)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
GIMP 2.10.14 (HKLM\...\GIMP-2_is1) (Version: 2.10.14 - The GIMP Team)
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Krita (x64) 4.1.5 (HKLM\...\Krita_x64) (Version: 4.1.5.100 - Krita Foundation)
Lenovo App Explorer (HKU\S-1-5-19\...\Host App Service) (Version: 0.272.1.560 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo App Explorer (HKU\S-1-5-20\...\Host App Service) (Version: 0.272.1.560 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo App Explorer (HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\Host App Service) (Version: 0.273.4.172 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo Utility (HKLM\...\{12ABAC82-7D83-4CB8-9DD2-434DC9AF2942}_is1) (Version: 3.0.0.20 - Lenovo)
Lenovo Yoga Mode Control (Inf Install) (HKLM\...\ACPIVPC) (Version: 15.11.28.173 - Lenovo)
LibreOffice 6.1.6.3 (HKLM\...\{FDD378C0-438D-4E89-A692-6D010D5AF9D0}) (Version: 6.1.6.3 - The Document Foundation)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.88 - McAfee, LLC.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.54 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 84.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.1 (x64 cs)) (Version: 84.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.3 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.12 - F.J. Wechselberger)
NVIDIA PhysX System Software 9.17.0516 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0516 - NVIDIA Corporation)
O&O DiskRecovery (HKLM\...\{B5BDE2B4-EB65-4964-8D37-7AE7C26AC3C2}) (Version: 14.0.17 - O&O Software GmbH)
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
Služba Lenovo Vantage (HKLM-x32\...\VantageSRV_is1) (Version: 3.3.115.0 - Lenovo Group Ltd.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0-2) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.31-4 - Wacom Technology Corp.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Zoom (HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)

Packages:
=========
Airport City -> C:\Program Files\WindowsApps\0EB8BD08.AirportCity_8.10.20.0_x86__erk4rrwmt7jyt [2021-02-20] (GAME INSIGHT UAB)
Angry Birds 2 -> C:\Program Files\WindowsApps\1ED5AEA5.4160926B82DB_2.45.0.0_x64__p2gbknwb5d8r2 [2021-02-13] (Rovio Entertainment Ltd)
Angry Birds Friends -> C:\Program Files\WindowsApps\1ED5AEA5.AngryBirdsFriends_9.3.2.0_x64__p2gbknwb5d8r2 [2020-08-21] (Rovio Entertainment Ltd)
Asphalt 9: Legends -> C:\Program Files\WindowsApps\A278AB0D.Asphalt9_2.7.300.2_x86__h6adky7gbf63m [2021-02-15] (Gameloft SE)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.)
Despicable Me: Minion Rush -> C:\Program Files\WindowsApps\GAMELOFTSA.DespicableMeMinionRush_4.1.4.1_x86__0pp20fcewvvtj [2020-09-28] (GAMELOFT SA)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-17] (Microsoft Corporation)
Emergency Ambulance Simulator -> C:\Program Files\WindowsApps\SkisoSoft.EmergencyAmbulanceSimulator_1.2.0.0_x64__bdkna9a3jrn5p [2020-10-08] (SkisoSoft)
Fibonacci Sequence in Nature -> C:\Program Files\WindowsApps\Microsoft.FibonacciSequenceinNature_10.0.0.0_neutral__8wekyb3d8bbwe [2018-11-10] (Microsoft Corporation)
Chicago Bus Simulator -> C:\Program Files\WindowsApps\50154AVLogix.ChicagoBusSimulator_1.1.0.0_x86__q7ke2emr2nmbw [2020-11-17] (A V Logix)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2018-10-08] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2006.41.0_x64__k1h2ywk1493x8 [2020-08-06] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2021-01-26] (Microsoft Studios) [MS Ad]
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-10-08] (Plex)
Public Transport Simulator - Beta -> C:\Program Files\WindowsApps\SkisoSoft.PublicTransportSimulator-Beta_1.35.3.0_x64__bdkna9a3jrn5p [2020-09-10] (SkisoSoft)
Subway Simulator 3D - Metro Train Driver -> C:\Program Files\WindowsApps\SimulatorsLiveLLC.SubwaySimulator3D-MetroTrainDriv_1.1.6.0_x64__4m7mw7nsxfatr [2020-10-15] (Simulators Live, LLC)
Train Simulator -> C:\Program Files\WindowsApps\21524KingActivisionNetEas.TrainSimulator_3.1.0.0_x86__ewj74b6emyjbg [2021-03-15] (King Activision NetEase Games) [MS Ad]
Underground Driving Simulator - Railway -> C:\Program Files\WindowsApps\OneTapGames.UndergroundDrivingSimulator-Railway_1.1.2.0_x64__pq9n2tdep2ssp [2020-11-20] (1TapGames)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2018-10-08] (LENOVO INCORPORATED.)
Váš telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20082.141.0_x64__8wekyb3d8bbwe [2020-09-13] (Microsoft Corporation)
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2019-06-02] (WinZip Computing)
Wooden Puzzle - Block Legend -> C:\Program Files\WindowsApps\9867BlockPuzzleGames.WoodenPuzzle-BlockLegend_1.1.5.0_x64__dbwkae47netvc [2020-09-28] (Block Puzzle Games) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxDTCM.dll [2018-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-20] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-08-12 06:34 - 2020-05-30 19:04 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\x64\SQLite.Interop.dll
2020-12-22 08:18 - 2020-05-30 14:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2020-06-19 15:43 - 2020-04-09 08:17 - 000944840 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-446325204-3823068493-1995417531-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-446325204-3823068493-1995417531-1001 -> DefaultScope {B0816C32-484A-4A63-ADC5-2882BF92739E} URL =
SearchScopes: HKU\S-1-5-21-446325204-3823068493-1995417531-1001 -> {B0816C32-484A-4A63-ADC5-2882BF92739E} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2020-11-26] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-08-15] (McAfee, LLC -> McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2020-11-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-08-15] (McAfee, LLC -> McAfee, Inc.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mecna\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{98CA5517-B28D-4F76-B85D-B1B567E93441}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{79056E06-BEC2-4DE4-9F9F-E98E66F8670D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{59D60044-E63F-45CC-981B-B8EB0F141E29}] => (Allow) C:\Users\mecna\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B632469B-4D55-4828-B4DC-B4D8C758EA6C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{A4C402CC-939F-4F74-B4FE-B34E3000BBC4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{0C08A91A-E2CA-4EEB-9CF6-84BA1BB17079}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [UDP Query User{017538E8-185D-46FA-85C7-633C423D65A4}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{03B28F6E-1F8D-4FBA-A2E6-A0F849D53A23}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AF024AA5-35A0-46FD-A9E7-0E15E5B6DAB5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{234F71B3-5012-4085-883A-2EC86F4466F6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{981BB8F2-AEFD-4F22-B5F3-2E3BD2BBF832}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{CBE5FA42-D12B-4937-9C13-A6B51581A320}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{197D5801-3A4A-4B69-B80E-E0124E66FE0F}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{6EF25A23-C49F-4CBA-8DA5-DE5D31DC4F4B}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{EC9FA725-BE3F-4C9E-9202-C249DB3B5136}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{89B8E6D7-5F73-4B2C-A4B6-5919405B4AB7}] => (Allow) C:\Users\mecna\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B135AD00-F0A9-4F03-9282-4D10AFA6C3F9}] => (Allow) C:\Users\mecna\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E0AAEB5F-3D58-4A11-A163-38261BF2EC53}] => (Allow) C:\Users\mecna\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:118 GB) (Free:61.27 GB) (52%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/15/2021 07:53:49 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (03/15/2021 07:53:49 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (03/15/2021 07:53:49 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (03/15/2021 07:53:49 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (03/15/2021 02:13:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: smartscreen.exe, verze: 10.0.19041.844, časové razítko: 0x72a5d55f
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.844, časové razítko: 0x60a6ca36
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000054afb
ID chybujícího procesu: 0x20d0
Čas spuštění chybující aplikace: 0x01d7199c8109f180
Cesta k chybující aplikaci: C:\Windows\System32\smartscreen.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 0862c42d-1950-43af-b38e-b89bc6ca160b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/15/2021 12:10:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.19041.546, časové razítko: 0x058e175a
Název chybujícího modulu: combase.dll, verze: 10.0.19041.844, časové razítko: 0xdd615a1e
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000d23a8
ID chybujícího procesu: 0x37b0
Čas spuštění chybující aplikace: 0x01d7198bbb789b31
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: 8fcaa008-4e59-4d2a-8693-4daab6b3169f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/15/2021 12:10:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.19041.844, časové razítko: 0x5d74feca
Název chybujícího modulu: combase.dll, verze: 10.0.19041.844, časové razítko: 0xdd615a1e
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000ba166
ID chybujícího procesu: 0x253c
Čas spuštění chybující aplikace: 0x01d7198bbc8d4eac
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: c4721e03-02ee-4477-9899-e61e656bf2b1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/13/2021 02:56:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (03/15/2021 07:40:54 PM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-NA7N4PJC)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (03/15/2021 06:27:48 PM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-NA7N4PJC)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (03/04/2021 01:12:17 AM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-NA7N4PJC)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (03/04/2021 12:00:03 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{45FFEEC1-4021-406B-9CAD-4D83CABDE051}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (03/03/2021 08:41:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/22/2021 07:37:12 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-NA7N4PJC)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/22/2021 07:37:12 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-NA7N4PJC)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/22/2021 07:37:12 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-NA7N4PJC)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2021-03-15 18:22:32
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:HTML/FakeAlert.AA
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\mecna\AppData\Roaming\Malwarebytes\Cache\f_0006ff
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-NA7N4PJC\Iveta
Název procesu: C:\Users\mecna\AppData\Local\Packages\Microsoft.Windows.Skype_cw5n1h2txyewy\Skype.exe
Verze bezpečnostních informací: AV: 1.333.480.0, AS: 1.333.480.0, NIS: 1.333.480.0
Verze modulu: AM: 1.1.17900.7, NIS: 1.1.17900.7

Date: 2021-03-15 18:16:47
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:HTML/FakeAlert.AA
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\mecna\AppData\Roaming\Malwarebytes\Partitions\service\Cache\f_003e23
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-NA7N4PJC\Iveta
Název procesu: C:\Users\mecna\AppData\Local\Packages\Microsoft.Windows.Skype_cw5n1h2txyewy\Skype.exe
Verze bezpečnostních informací: AV: 1.333.480.0, AS: 1.333.480.0, NIS: 1.333.480.0
Verze modulu: AM: 1.1.17900.7, NIS: 1.1.17900.7

Date: 2021-03-15 17:50:19
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:HTML/FakeAlert.AA
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\mecna\AppData\Roaming\Malwarebytes\Partitions\service\Cache\f_003d5e
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-NA7N4PJC\Iveta
Název procesu: C:\Users\mecna\AppData\Local\Packages\Microsoft.Windows.Skype_cw5n1h2txyewy\Skype.exe
Verze bezpečnostních informací: AV: 1.333.480.0, AS: 1.333.480.0, NIS: 1.333.480.0
Verze modulu: AM: 1.1.17900.7, NIS: 1.1.17900.7

Date: 2021-03-15 10:40:16
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7A602FB0-59CF-4D18-91E3-639438385CD4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-14 12:21:45
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {47A3AE1D-77F4-44FE-947B-E428BB9E9935}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

==================== Memory info ===========================

BIOS: LENOVO 6JCN31WW 04/28/2019
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 49%
Total physical RAM: 8066.72 MB
Available physical RAM: 4037.49 MB
Total Virtual: 10498.72 MB
Available Virtual: 5792.41 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:118 GB) (Free:61.27 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:931.39 GB) (Free:599.28 GB) NTFS

\\?\Volume{f21740bb-f89b-4262-aaa2-6dcf654b2a07}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.47 GB) NTFS
\\?\Volume{4d04310f-abb3-4867-969e-e80d85b49f90}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 6A352CE2)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: EECD97AC)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: skype prevít, kontrola PC

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Bender2009
Návštěvník
Návštěvník
Příspěvky: 125
Registrován: 22 srp 2011 18:56

Re: skype prevít, kontrola PC

#3 Příspěvek od Bender2009 »

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-03-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-16-2021
# Duration: 00:00:04
# OS: Windows 10 Home
# Cleaned: 25
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Host App Service
Deleted C:\Users\Default\AppData\Local\Host App Service
Deleted C:\Users\mecna\AppData\Local\Host App Service
Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service

***** [ Files ] *****

Deleted C:\Windows\System32\Tasks_Migrated\App Explorer

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\APP EXPLORER

***** [ Registry ] *****

Deleted HKCU\Software\App Host Service
Deleted HKCU\Software\Host App Service
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA347ACA-AC96-447D-8DB2-477F4B01DE9C}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
Deleted HKU\S-1-5-19\Software\Host App Service
Deleted HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKU\S-1-5-20\Software\Host App Service
Deleted HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\mecna\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Deleted Preinstalled.LenovoUtility Folder C:\Program Files\LENOVO\LENOVOUTILITY
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|LenovoUtility
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|LenovoUtility
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12ABAC82-7D83-4CB8-9DD2-434DC9AF2942}_is1


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3664 octets] - [16/03/2021 06:32:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: skype prevít, kontrola PC

#4 Příspěvek od Rudy »

OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Bender2009
Návštěvník
Návštěvník
Příspěvky: 125
Registrován: 22 srp 2011 18:56

Re: skype prevít, kontrola PC

#5 Příspěvek od Bender2009 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-03-2021
Ran by Iveta (administrator) on LAPTOP-NA7N4PJC (LENOVO 81BG) (16-03-2021 18:40:24)
Running from C:\Users\mecna\OneDrive\Desktop
Loaded Profiles: Iveta
Platform: Windows 10 Home Version 2004 19041.867 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\LenovoVantageService.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(Microsoft Corporation -> ) C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.54\identity_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2009.2711.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2007.1.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12009.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.8043.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.8043.0_x64__8wekyb3d8bbwe\GameBarFT.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.8043.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [849920 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\Run: [Discord] => C:\Users\mecna\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\Run: [MicrosoftEdgeAutoLaunch_302C0E0C3E2DDD081A06EB08D1F66094] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window /prefetch:5
HKLM\...\Windows x64\Print Processors\OKHSPP3: C:\Windows\System32\spool\prtprocs\x64\OKHSPP3.DLL [62464 2013-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)
HKLM\...\Print\Monitors\HP D811 Status Monitor: C:\Windows\system32\hpinkstsD811LM.dll [393352 2017-04-05] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\OKI HiperC Language Monitor7 x64: C:\Windows\system32\OPDMN075.DLL [167936 2012-11-06] (Microsoft Windows Hardware Compatibility Publisher -> Oki Data Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C91AAC0-96A8-4B47-BDA4-6C6313DD5149} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {39BB9788-3002-4F99-A332-4CAF8AABCC83} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {40588D74-4E4B-48F0-89BC-4869036A7CAF} - \Lenovo\ImController\TimeBasedEvents\ac19c563-d994-4f49-8613-265c94ff58f8 -> No File <==== ATTENTION
Task: {43344B42-5EB2-4829-8861-34C61DA00E2F} - \Lenovo\ImController\TimeBasedEvents\2c4ff888-a2fb-4aff-9415-e303c3f4f90e -> No File <==== ATTENTION
Task: {4669C430-B9DF-40DA-A088-7F98E0E7D0FE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {5E1FD40C-09A7-472E-A363-BEA644D28F9C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6465965A-7C80-4E20-948C-68D88CACFDA9} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {75A2E15C-A0B0-48C6-9916-DFB5FACEFE33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8601A43A-5C2F-4C33-86DC-8723985E525B} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {913B99BF-307E-4748-BCD6-E2485AD6A1A8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9F838F1E-09D9-48E0-9FD5-29DAB338F914} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {AE3CAAC4-C407-4B98-B626-F90810773E2B} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B1B09824-E456-4701-9F6C-66FA3AC7C497} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {BF37ECC8-0A23-47C6-BEFE-773E500DFB2F} - \Lenovo\ImController\TimeBasedEvents\6ba59003-cbb6-4e64-8c48-215ace8d874d -> No File <==== ATTENTION
Task: {C4B7A0BF-1B85-4AB4-AD87-91828CF584C2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D0E4B838-C9CC-4A99-A0C3-F24BA151AF6A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)
Task: {DC99B9C6-A83B-4C4C-AEAD-809829919337} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E2DD63F8-31F3-4893-976C-4EDD33FC7D66} - \Lenovo\ImController\TimeBasedEvents\11693bbf-f6cc-47c0-90f9-ff1be0da7285 -> No File <==== ATTENTION
Task: {E818EF88-EE71-4381-A878-EF0A8D954763} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {ED097BB9-1F58-472A-B95E-514B46BD340E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693456 2021-01-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {EE023841-18C1-49D0-8712-FA287A38C453} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [816960 2017-10-11] (Intel(R) Trust Services -> Intel(R) Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{45ffeec1-4021-406b-9cad-4d83cabde051}: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{b302dc8c-b963-4153-83da-698cf5a91a11}: [DhcpNameServer] 150.202.1.2

Edge:
=======
DownloadDir: C:\Users\mecna\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\mecna\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-16]
Edge DownloadDir: C:\Users\mecna\Downloads
Edge DefaultSearchURL: Default -> hxxps://www.google.cz/search?q={searchTerms}&ie ... utEncoding?}

FireFox:
========
FF DefaultProfile: se3gvlzf.default
FF ProfilePath: C:\Users\mecna\AppData\Roaming\Mozilla\Firefox\Profiles\se3gvlzf.default [2019-10-21]
FF ProfilePath: C:\Users\mecna\AppData\Roaming\Mozilla\Firefox\Profiles\7opasne0.default-release [2021-03-15]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-08-15]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2020-11-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2020-11-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2018-09-25] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2410672 2017-11-27] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\LenovoVantageService.exe [18360 2020-07-09] (Lenovo -> Lenovo Group Ltd.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899264 2019-08-15] (McAfee, LLC -> McAfee, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 KMWDFILTER; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [30208 2009-04-29] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider)
R3 MpKsl71ad02b2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{17007840-5E08-48FB-8565-AAB445E84BC6}\MpKslDrv.sys [90360 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
S3 qcusbnet; C:\WINDOWS\System32\drivers\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-16 06:31 - 2021-03-16 06:33 - 000000000 ____D C:\AdwCleaner
2021-03-15 20:28 - 2021-03-16 18:40 - 000000000 ____D C:\FRST
2021-03-15 19:05 - 2021-03-15 19:05 - 006455520 _____ (EnigmaSoft Limited) C:\Users\mecna\Downloads\SpyHunter-Installer.exe
2021-03-15 12:17 - 2021-03-15 12:17 - 000000000 ____D C:\ProgramData\Okidata
2021-03-15 12:17 - 2021-03-15 12:17 - 000000000 ____D C:\Program Files\Okidata
2021-03-15 12:17 - 2014-07-31 15:35 - 000143360 _____ (Oki Data Corporation) C:\WINDOWS\system32\opnetext.dll
2021-03-15 12:17 - 2014-02-25 15:28 - 000004132 _____ C:\WINDOWS\system32\opnedef.str
2021-03-15 12:17 - 2012-01-05 12:21 - 000005832 _____ C:\WINDOWS\system32\license.txt
2021-03-15 12:17 - 2011-11-03 17:37 - 000010104 _____ C:\WINDOWS\SysWOW64\opnetext.hlp
2021-03-15 12:17 - 2011-11-03 17:37 - 000010104 _____ C:\WINDOWS\system32\OPNETEXT.HLP
2021-03-15 12:17 - 2011-11-03 17:37 - 000000144 _____ C:\WINDOWS\SysWOW64\opnetext.cnt
2021-03-15 12:17 - 2011-11-03 17:37 - 000000144 _____ C:\WINDOWS\system32\opnetext.cnt
2021-03-15 12:17 - 2011-11-03 17:37 - 000000000 _____ C:\WINDOWS\SysWOW64\opnetext.gid
2021-03-15 12:17 - 2011-11-03 17:37 - 000000000 _____ C:\WINDOWS\system32\OPNETEXT.GID
2021-03-15 12:15 - 2021-03-15 12:15 - 010436104 _____ C:\Users\mecna\Downloads\OKJ3H04N114_90390.exe
2021-03-15 12:15 - 2016-03-02 17:15 - 000000000 ____D C:\Users\mecna\Downloads\OKJ3H04N114
2021-03-15 12:15 - 2012-11-06 18:52 - 000167936 _____ (Oki Data Corporation) C:\WINDOWS\system32\OPDMN075.DLL
2021-03-11 14:29 - 2021-03-11 14:29 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-11 14:29 - 2021-03-11 14:29 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-11 14:29 - 2021-03-11 14:29 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-11 14:29 - 2021-03-11 14:29 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-11 14:29 - 2021-03-11 14:29 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-11 14:29 - 2021-03-11 14:29 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-11 14:29 - 2021-03-11 14:29 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-11 14:29 - 2021-03-11 14:29 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-11 14:29 - 2021-03-11 14:29 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-11 14:29 - 2021-03-11 14:29 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-11 14:28 - 2021-03-11 14:28 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-10 09:44 - 2021-03-10 09:44 - 001219482 _____ C:\Users\mecna\Downloads\výuka.zip
2021-02-22 19:33 - 2021-02-22 19:33 - 001013813 _____ C:\Users\mecna\Downloads\diplom-virtualni-jizerska-volny-zavod-2021-iveta-milan-jasikovi.pdf
2021-02-22 18:57 - 2021-02-22 18:57 - 001014665 _____ C:\Users\mecna\Downloads\diplom-virtualni-cez-jizerska-50-2021-vladimir-oburka (1).pdf
2021-02-22 18:56 - 2021-02-22 18:56 - 001014665 _____ C:\Users\mecna\Downloads\diplom-virtualni-cez-jizerska-50-2021-vladimir-oburka.pdf
2021-02-22 18:51 - 2021-02-22 18:51 - 000000000 ____D C:\Users\mecna\Downloads\prilohy_38943
2021-02-22 18:48 - 2021-02-22 18:48 - 001534703 _____ C:\Users\mecna\Downloads\prilohy_38943.zip
2021-02-15 17:12 - 2021-03-15 20:03 - 000000000 ____D C:\Users\mecna\AppData\Roaming\discord
2021-02-15 17:12 - 2021-02-15 17:12 - 000000000 ____D C:\Users\mecna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-02-15 17:12 - 2021-02-15 17:12 - 000000000 ____D C:\Users\mecna\AppData\Local\SquirrelTemp
2021-02-15 17:12 - 2021-02-15 17:12 - 000000000 ____D C:\Users\mecna\AppData\Local\Discord

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-16 18:38 - 2020-09-06 13:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-16 18:14 - 2020-11-26 10:17 - 000000000 ____D C:\Users\mecna\AppData\Roaming\.minecraft
2021-03-16 18:11 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-16 17:51 - 2020-11-26 10:19 - 000000000 ____D C:\Users\mecna\AppData\Roaming\.tlauncher
2021-03-16 13:41 - 2017-09-01 08:41 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-16 07:58 - 2019-02-11 10:47 - 000000000 ____D C:\Program Files\CCleaner
2021-03-16 06:33 - 2020-09-06 13:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-03-16 06:33 - 2020-09-05 18:16 - 000000000 ____D C:\WINDOWS\Lenovo
2021-03-16 06:33 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-03-16 06:33 - 2018-10-08 16:03 - 000000000 ____D C:\Users\mecna\AppData\Local\Lenovo
2021-03-16 06:33 - 2017-09-01 08:44 - 000000000 ____D C:\ProgramData\Lenovo
2021-03-16 06:33 - 2017-09-01 08:23 - 000000000 ____D C:\Program Files\Lenovo
2021-03-16 06:27 - 2018-10-19 19:56 - 000000000 ____D C:\Users\mecna\AppData\Roaming\WTablet
2021-03-15 20:28 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-15 20:05 - 2018-10-19 18:11 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-15 19:58 - 2020-09-06 13:29 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-15 19:58 - 2019-12-07 15:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-15 19:58 - 2019-12-07 15:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-15 19:54 - 2020-09-06 13:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-15 19:54 - 2020-09-06 13:18 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-15 19:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-15 19:53 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-15 19:52 - 2020-09-06 13:26 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-15 18:24 - 2021-01-23 13:32 - 000000000 ____D C:\Users\mecna\AppData\Roaming\Malwarebytes
2021-03-15 17:53 - 2020-09-06 13:26 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-446325204-3823068493-1995417531-1001
2021-03-15 17:53 - 2020-09-05 18:17 - 000002368 _____ C:\Users\mecna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-15 17:53 - 2018-10-08 15:59 - 000000000 ___RD C:\Users\mecna\OneDrive
2021-03-15 12:17 - 2018-12-22 18:55 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-03-15 10:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-15 10:01 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-15 10:01 - 2018-10-23 15:55 - 000000000 ____D C:\Users\mecna\AppData\Local\PlaceholderTileLogoFolder
2021-03-15 10:01 - 2018-10-08 15:57 - 000000000 ____D C:\Users\mecna\AppData\Local\Packages
2021-03-14 09:43 - 2020-06-05 23:15 - 000002426 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-14 09:43 - 2020-06-05 23:15 - 000002264 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-03-14 09:43 - 2020-06-05 23:15 - 000002264 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-03-13 08:41 - 2018-10-24 19:42 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-11 22:08 - 2020-09-06 13:18 - 000621048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-11 22:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-11 14:32 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-10 15:24 - 2018-10-09 15:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-10 15:12 - 2018-10-09 15:34 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-05 07:37 - 2020-09-06 13:26 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-05 07:37 - 2020-09-06 13:26 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-23 18:24 - 2020-08-03 11:14 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-02-23 18:24 - 2020-08-03 11:14 - 000062368 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-02-23 18:24 - 2018-10-08 15:57 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2021-02-23 18:23 - 2020-08-03 11:14 - 000429936 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2021-02-21 17:15 - 2020-08-23 18:31 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== Files in the root of some directories ========

2020-12-22 08:31 - 2020-12-22 08:31 - 000000039 _____ () C:\Users\mecna\AppData\Local\kritadisplayrc
2018-10-19 18:38 - 2020-12-22 08:31 - 000021153 _____ () C:\Users\mecna\AppData\Local\kritarc
2019-10-12 09:53 - 2019-10-12 09:53 - 000000001 _____ () C:\Users\mecna\AppData\Local\llftool.4.40.agreement
2020-08-03 08:51 - 2020-08-03 08:51 - 000001477 _____ () C:\Users\mecna\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-03-2021
Ran by Iveta (16-03-2021 18:41:46)
Running from C:\Users\mecna\OneDrive\Desktop
Windows 10 Home Version 2004 19041.867 (X64) (2020-09-06 12:27:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-446325204-3823068493-1995417531-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-446325204-3823068493-1995417531-503 - Limited - Disabled)
Guest (S-1-5-21-446325204-3823068493-1995417531-501 - Limited - Disabled)
Iveta (S-1-5-21-446325204-3823068493-1995417531-1001 - Administrator - Enabled) => C:\Users\mecna
linda (S-1-5-21-446325204-3823068493-1995417531-1002 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-446325204-3823068493-1995417531-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20145 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
Discord (HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{8738A898-221B-4279-BC87-FEF7938022C1}) (Version: 0.8.8.87 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{9207D68E-666A-49C7-A900-9F5B2FF289E4}) (Version: 0.8.0.71 - Dolby Laboratories, Inc.)
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
GIMP 2.10.14 (HKLM\...\GIMP-2_is1) (Version: 2.10.14 - The GIMP Team)
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Krita (x64) 4.1.5 (HKLM\...\Krita_x64) (Version: 4.1.5.100 - Krita Foundation)
Lenovo Yoga Mode Control (Inf Install) (HKLM\...\ACPIVPC) (Version: 15.11.28.173 - Lenovo)
LibreOffice 6.1.6.3 (HKLM\...\{FDD378C0-438D-4E89-A692-6D010D5AF9D0}) (Version: 6.1.6.3 - The Document Foundation)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.88 - McAfee, LLC.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.54 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\OneDriveSetup.exe) (Version: 21.030.0211.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 84.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.1 (x64 cs)) (Version: 84.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.3 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.12 - F.J. Wechselberger)
NVIDIA PhysX System Software 9.17.0516 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0516 - NVIDIA Corporation)
O&O DiskRecovery (HKLM\...\{B5BDE2B4-EB65-4964-8D37-7AE7C26AC3C2}) (Version: 14.0.17 - O&O Software GmbH)
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
Služba Lenovo Vantage (HKLM-x32\...\VantageSRV_is1) (Version: 3.3.115.0 - Lenovo Group Ltd.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0-2) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.31-4 - Wacom Technology Corp.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Zoom (HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)

Packages:
=========
Airport City -> C:\Program Files\WindowsApps\0EB8BD08.AirportCity_8.10.20.0_x86__erk4rrwmt7jyt [2021-02-20] (GAME INSIGHT UAB)
Angry Birds 2 -> C:\Program Files\WindowsApps\1ED5AEA5.4160926B82DB_2.45.0.0_x64__p2gbknwb5d8r2 [2021-02-13] (Rovio Entertainment Ltd)
Angry Birds Friends -> C:\Program Files\WindowsApps\1ED5AEA5.AngryBirdsFriends_9.3.2.0_x64__p2gbknwb5d8r2 [2020-08-21] (Rovio Entertainment Ltd)
Asphalt 9: Legends -> C:\Program Files\WindowsApps\A278AB0D.Asphalt9_2.7.300.2_x86__h6adky7gbf63m [2021-02-15] (Gameloft SE)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-08] (Autodesk Inc.)
Despicable Me: Minion Rush -> C:\Program Files\WindowsApps\GAMELOFTSA.DespicableMeMinionRush_4.1.4.1_x86__0pp20fcewvvtj [2020-09-28] (GAMELOFT SA)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-06-17] (Microsoft Corporation)
Emergency Ambulance Simulator -> C:\Program Files\WindowsApps\SkisoSoft.EmergencyAmbulanceSimulator_1.2.0.0_x64__bdkna9a3jrn5p [2020-10-08] (SkisoSoft)
Fibonacci Sequence in Nature -> C:\Program Files\WindowsApps\Microsoft.FibonacciSequenceinNature_10.0.0.0_neutral__8wekyb3d8bbwe [2018-11-10] (Microsoft Corporation)
Chicago Bus Simulator -> C:\Program Files\WindowsApps\50154AVLogix.ChicagoBusSimulator_1.1.0.0_x86__q7ke2emr2nmbw [2020-11-17] (A V Logix)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2018-10-08] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2006.41.0_x64__k1h2ywk1493x8 [2020-08-06] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2021-01-26] (Microsoft Studios) [MS Ad]
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-10-08] (Plex)
Public Transport Simulator - Beta -> C:\Program Files\WindowsApps\SkisoSoft.PublicTransportSimulator-Beta_1.35.3.0_x64__bdkna9a3jrn5p [2020-09-10] (SkisoSoft)
Subway Simulator 3D - Metro Train Driver -> C:\Program Files\WindowsApps\SimulatorsLiveLLC.SubwaySimulator3D-MetroTrainDriv_1.1.6.0_x64__4m7mw7nsxfatr [2020-10-15] (Simulators Live, LLC)
Train Simulator -> C:\Program Files\WindowsApps\21524KingActivisionNetEas.TrainSimulator_3.1.0.0_x86__ewj74b6emyjbg [2021-03-15] (King Activision NetEase Games) [MS Ad]
Underground Driving Simulator - Railway -> C:\Program Files\WindowsApps\OneTapGames.UndergroundDrivingSimulator-Railway_1.1.2.0_x64__pq9n2tdep2ssp [2020-11-20] (1TapGames)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2018-10-08] (LENOVO INCORPORATED.)
Váš telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20082.141.0_x64__8wekyb3d8bbwe [2020-09-13] (Microsoft Corporation)
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2019-06-02] (WinZip Computing)
Wooden Puzzle - Block Legend -> C:\Program Files\WindowsApps\9867BlockPuzzleGames.WoodenPuzzle-BlockLegend_1.1.5.0_x64__dbwkae47netvc [2020-09-28] (Block Puzzle Games) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxDTCM.dll [2018-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-20] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-08-12 06:34 - 2020-05-30 19:04 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Lenovo\VantageService\3.3.115.0\x64\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-446325204-3823068493-1995417531-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-446325204-3823068493-1995417531-1001 -> DefaultScope {B0816C32-484A-4A63-ADC5-2882BF92739E} URL =
SearchScopes: HKU\S-1-5-21-446325204-3823068493-1995417531-1001 -> {B0816C32-484A-4A63-ADC5-2882BF92739E} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2020-11-26] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-08-15] (McAfee, LLC -> McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2020-11-26] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-08-15] (McAfee, LLC -> McAfee, Inc.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mecna\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\...\StartupApproved\Run: => "Discord"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{98CA5517-B28D-4F76-B85D-B1B567E93441}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{79056E06-BEC2-4DE4-9F9F-E98E66F8670D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{59D60044-E63F-45CC-981B-B8EB0F141E29}] => (Allow) C:\Users\mecna\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B632469B-4D55-4828-B4DC-B4D8C758EA6C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{A4C402CC-939F-4F74-B4FE-B34E3000BBC4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [TCP Query User{0C08A91A-E2CA-4EEB-9CF6-84BA1BB17079}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [UDP Query User{017538E8-185D-46FA-85C7-633C423D65A4}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe (Franz Josef Wechselberger -> F.J. Wechselberger)
FirewallRules: [{03B28F6E-1F8D-4FBA-A2E6-A0F849D53A23}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AF024AA5-35A0-46FD-A9E7-0E15E5B6DAB5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{234F71B3-5012-4085-883A-2EC86F4466F6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{981BB8F2-AEFD-4F22-B5F3-2E3BD2BBF832}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{CBE5FA42-D12B-4937-9C13-A6B51581A320}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{197D5801-3A4A-4B69-B80E-E0124E66FE0F}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{6EF25A23-C49F-4CBA-8DA5-DE5D31DC4F4B}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{EC9FA725-BE3F-4C9E-9202-C249DB3B5136}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{89B8E6D7-5F73-4B2C-A4B6-5919405B4AB7}] => (Allow) C:\Users\mecna\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{B135AD00-F0A9-4F03-9282-4D10AFA6C3F9}] => (Allow) C:\Users\mecna\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{E0AAEB5F-3D58-4A11-A163-38261BF2EC53}] => (Allow) C:\Users\mecna\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:118 GB) (Free:60.74 GB) (51%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/15/2021 07:53:49 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (03/15/2021 07:53:49 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (03/15/2021 07:53:49 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (03/15/2021 07:53:49 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (03/15/2021 02:13:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: smartscreen.exe, verze: 10.0.19041.844, časové razítko: 0x72a5d55f
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.844, časové razítko: 0x60a6ca36
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000054afb
ID chybujícího procesu: 0x20d0
Čas spuštění chybující aplikace: 0x01d7199c8109f180
Cesta k chybující aplikaci: C:\Windows\System32\smartscreen.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 0862c42d-1950-43af-b38e-b89bc6ca160b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/15/2021 12:10:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.19041.546, časové razítko: 0x058e175a
Název chybujícího modulu: combase.dll, verze: 10.0.19041.844, časové razítko: 0xdd615a1e
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000d23a8
ID chybujícího procesu: 0x37b0
Čas spuštění chybující aplikace: 0x01d7198bbb789b31
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: 8fcaa008-4e59-4d2a-8693-4daab6b3169f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/15/2021 12:10:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.19041.844, časové razítko: 0x5d74feca
Název chybujícího modulu: combase.dll, verze: 10.0.19041.844, časové razítko: 0xdd615a1e
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000ba166
ID chybujícího procesu: 0x253c
Čas spuštění chybující aplikace: 0x01d7198bbc8d4eac
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: c4721e03-02ee-4477-9899-e61e656bf2b1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/13/2021 02:56:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)


System errors:
=============
Error: (03/16/2021 02:55:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/16/2021 02:41:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/16/2021 02:41:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/16/2021 02:40:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/16/2021 12:24:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/16/2021 12:10:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/16/2021 12:10:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/16/2021 12:09:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


Windows Defender:
================
Date: 2021-03-15 18:22:32
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:HTML/FakeAlert.AA
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\mecna\AppData\Roaming\Malwarebytes\Cache\f_0006ff
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-NA7N4PJC\Iveta
Název procesu: C:\Users\mecna\AppData\Local\Packages\Microsoft.Windows.Skype_cw5n1h2txyewy\Skype.exe
Verze bezpečnostních informací: AV: 1.333.480.0, AS: 1.333.480.0, NIS: 1.333.480.0
Verze modulu: AM: 1.1.17900.7, NIS: 1.1.17900.7

Date: 2021-03-15 18:16:47
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:HTML/FakeAlert.AA
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\mecna\AppData\Roaming\Malwarebytes\Partitions\service\Cache\f_003e23
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-NA7N4PJC\Iveta
Název procesu: C:\Users\mecna\AppData\Local\Packages\Microsoft.Windows.Skype_cw5n1h2txyewy\Skype.exe
Verze bezpečnostních informací: AV: 1.333.480.0, AS: 1.333.480.0, NIS: 1.333.480.0
Verze modulu: AM: 1.1.17900.7, NIS: 1.1.17900.7

Date: 2021-03-15 17:50:19
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:HTML/FakeAlert.AA
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\mecna\AppData\Roaming\Malwarebytes\Partitions\service\Cache\f_003d5e
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-NA7N4PJC\Iveta
Název procesu: C:\Users\mecna\AppData\Local\Packages\Microsoft.Windows.Skype_cw5n1h2txyewy\Skype.exe
Verze bezpečnostních informací: AV: 1.333.480.0, AS: 1.333.480.0, NIS: 1.333.480.0
Verze modulu: AM: 1.1.17900.7, NIS: 1.1.17900.7

Date: 2021-03-15 10:40:16
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7A602FB0-59CF-4D18-91E3-639438385CD4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-14 12:21:45
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {47A3AE1D-77F4-44FE-947B-E428BB9E9935}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

==================== Memory info ===========================

BIOS: LENOVO 6JCN31WW 04/28/2019
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 46%
Total physical RAM: 8066.72 MB
Available physical RAM: 4292.29 MB
Total Virtual: 10498.72 MB
Available Virtual: 5797.95 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:118 GB) (Free:60.74 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:931.39 GB) (Free:599.28 GB) NTFS

\\?\Volume{f21740bb-f89b-4262-aaa2-6dcf654b2a07}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.47 GB) NTFS
\\?\Volume{4d04310f-abb3-4867-969e-e80d85b49f90}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 6A352CE2)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: EECD97AC)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: skype prevít, kontrola PC

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle America, Inc. -> Oracle Corporation)
Task: {0C91AAC0-96A8-4B47-BDA4-6C6313DD5149} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {40588D74-4E4B-48F0-89BC-4869036A7CAF} - \Lenovo\ImController\TimeBasedEvents\ac19c563-d994-4f49-8613-265c94ff58f8 -> No File <==== ATTENTION
Task: {43344B42-5EB2-4829-8861-34C61DA00E2F} - \Lenovo\ImController\TimeBasedEvents\2c4ff888-a2fb-4aff-9415-e303c3f4f90e -> No File <==== ATTENTION
Task: {8601A43A-5C2F-4C33-86DC-8723985E525B} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {BF37ECC8-0A23-47C6-BEFE-773E500DFB2F} - \Lenovo\ImController\TimeBasedEvents\6ba59003-cbb6-4e64-8c48-215ace8d874d -> No File <==== ATTENTION
Task: {E2DD63F8-31F3-4893-976C-4EDD33FC7D66} - \Lenovo\ImController\TimeBasedEvents\11693bbf-f6cc-47c0-90f9-ff1be0da7285 -> No File <==== ATTENTION
Task: {E818EF88-EE71-4381-A878-EF0A8D954763} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-446325204-3823068493-1995417531-1001 -> DefaultScope {B0816C32-484A-4A63-ADC5-2882BF92739E} URL =
SearchScopes: HKU\S-1-5-21-446325204-3823068493-1995417531-1001 -> {B0816C32-484A-4A63-ADC5-2882BF92739E} URL =
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-446325204-3823068493-1995417531-1001 -> DefaultScope {B0816C32-484A-4A63-ADC5-2882BF92739E} URL =
SearchScopes: HKU\S-1-5-21-446325204-3823068493-1995417531-1001 -> {B0816C32-484A-4A63-ADC5-2882BF92739E} URL =
C:\Users\mecna\AppData\Roaming\Malwarebytes\Cache\f_0006ff
C:\Users\mecna\AppData\Roaming\Malwarebytes\Partitions\service\Cache\f_003e23
C:\Users\mecna\AppData\Roaming\Malwarebytes\Partitions\service\Cache\f_003d5e


EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Bender2009
Návštěvník
Návštěvník
Příspěvky: 125
Registrován: 22 srp 2011 18:56

Re: skype prevít, kontrola PC

#7 Příspěvek od Bender2009 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-03-2021
Ran by Iveta (16-03-2021 19:05:00) Run:1
Running from C:\Users\mecna\OneDrive\Desktop
Loaded Profiles: Iveta
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle America, Inc. -> Oracle Corporation)
Task: {0C91AAC0-96A8-4B47-BDA4-6C6313DD5149} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {40588D74-4E4B-48F0-89BC-4869036A7CAF} - \Lenovo\ImController\TimeBasedEvents\ac19c563-d994-4f49-8613-265c94ff58f8 -> No File <==== ATTENTION
Task: {43344B42-5EB2-4829-8861-34C61DA00E2F} - \Lenovo\ImController\TimeBasedEvents\2c4ff888-a2fb-4aff-9415-e303c3f4f90e -> No File <==== ATTENTION
Task: {8601A43A-5C2F-4C33-86DC-8723985E525B} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {BF37ECC8-0A23-47C6-BEFE-773E500DFB2F} - \Lenovo\ImController\TimeBasedEvents\6ba59003-cbb6-4e64-8c48-215ace8d874d -> No File <==== ATTENTION
Task: {E2DD63F8-31F3-4893-976C-4EDD33FC7D66} - \Lenovo\ImController\TimeBasedEvents\11693bbf-f6cc-47c0-90f9-ff1be0da7285 -> No File <==== ATTENTION
Task: {E818EF88-EE71-4381-A878-EF0A8D954763} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-446325204-3823068493-1995417531-1001 -> DefaultScope {B0816C32-484A-4A63-ADC5-2882BF92739E} URL =
SearchScopes: HKU\S-1-5-21-446325204-3823068493-1995417531-1001 -> {B0816C32-484A-4A63-ADC5-2882BF92739E} URL =
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-446325204-3823068493-1995417531-1001 -> DefaultScope {B0816C32-484A-4A63-ADC5-2882BF92739E} URL =
SearchScopes: HKU\S-1-5-21-446325204-3823068493-1995417531-1001 -> {B0816C32-484A-4A63-ADC5-2882BF92739E} URL =
C:\Users\mecna\AppData\Roaming\Malwarebytes\Cache\f_0006ff
C:\Users\mecna\AppData\Roaming\Malwarebytes\Partitions\service\Cache\f_003e23
C:\Users\mecna\AppData\Roaming\Malwarebytes\Partitions\service\Cache\f_003d5e


EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C91AAC0-96A8-4B47-BDA4-6C6313DD5149}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C91AAC0-96A8-4B47-BDA4-6C6313DD5149}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40588D74-4E4B-48F0-89BC-4869036A7CAF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40588D74-4E4B-48F0-89BC-4869036A7CAF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\ac19c563-d994-4f49-8613-265c94ff58f8" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43344B42-5EB2-4829-8861-34C61DA00E2F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43344B42-5EB2-4829-8861-34C61DA00E2F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\2c4ff888-a2fb-4aff-9415-e303c3f4f90e" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8601A43A-5C2F-4C33-86DC-8723985E525B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8601A43A-5C2F-4C33-86DC-8723985E525B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF37ECC8-0A23-47C6-BEFE-773E500DFB2F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF37ECC8-0A23-47C6-BEFE-773E500DFB2F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\6ba59003-cbb6-4e64-8c48-215ace8d874d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2DD63F8-31F3-4893-976C-4EDD33FC7D66}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2DD63F8-31F3-4893-976C-4EDD33FC7D66}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\11693bbf-f6cc-47c0-90f9-ff1be0da7285" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E818EF88-EE71-4381-A878-EF0A8D954763}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E818EF88-EE71-4381-A878-EF0A8D954763}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKU\S-1-5-21-446325204-3823068493-1995417531-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
"HKU\S-1-5-21-446325204-3823068493-1995417531-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B0816C32-484A-4A63-ADC5-2882BF92739E} => removed successfully
"HKU\S-1-5-21-446325204-3823068493-1995417531-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => not found
"HKU\S-1-5-21-446325204-3823068493-1995417531-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => not found
HKU\S-1-5-21-446325204-3823068493-1995417531-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B0816C32-484A-4A63-ADC5-2882BF92739E} => not found
"C:\Users\mecna\AppData\Roaming\Malwarebytes\Cache\f_0006ff" => not found
"C:\Users\mecna\AppData\Roaming\Malwarebytes\Partitions\service\Cache\f_003e23" => not found
"C:\Users\mecna\AppData\Roaming\Malwarebytes\Partitions\service\Cache\f_003d5e" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13952485 B
Java, Flash, Steam htmlcache => 1124 B
Windows/system/drivers => 2378619 B
Edge => 2172855 B
Firefox => 14549471 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 4712 B
mecna => 67897407 B

RecycleBin => 0 B
EmptyTemp: => 106.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:06:12 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: skype prevít, kontrola PC

#8 Příspěvek od Rudy »

Smazáno, log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Bender2009
Návštěvník
Návštěvník
Příspěvky: 125
Registrován: 22 srp 2011 18:56

Re: skype prevít, kontrola PC

#9 Příspěvek od Bender2009 »

Děkuji Pěkně :worship: :thumbsup:

Bender2009
Návštěvník
Návštěvník
Příspěvky: 125
Registrován: 22 srp 2011 18:56

Re: skype prevít, kontrola PC

#10 Příspěvek od Bender2009 »

Ještě jedná věc, v ccleaner mi vyjely po kontrole registru tyto problémy, přičemž jeden z nich se i po smazání stále oběvuje... :?:
Přílohy
Bez názvu.jpg
Bez názvu.jpg (29.06 KiB) Zobrazeno 5406 x

Bender2009
Návštěvník
Návštěvník
Příspěvky: 125
Registrován: 22 srp 2011 18:56

Re: skype prevít, kontrola PC

#11 Příspěvek od Bender2009 »

zabaleny obrázek
Přílohy
Bez názvu.zip
(195.37 KiB) Staženo 43 x

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: skype prevít, kontrola PC

#12 Příspěvek od Rudy »

Nic to není, pouze zbytky po smazaných aplikacích. Některé se obnovují, to je ve Windows normální.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Bender2009
Návštěvník
Návštěvník
Příspěvky: 125
Registrován: 22 srp 2011 18:56

Re: skype prevít, kontrola PC

#13 Příspěvek od Bender2009 »

ok děkuji za váš čas :lol:

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: skype prevít, kontrola PC

#14 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno