Freezing notebook

sakoz
Visitor
Posts: 21
Registered: 15 Dec 2020 18:38

#1 Post by sakoz »

Hello,
my notebook has started freezing regularly, regardless of what I am doing at the moment. It always has to be hard powered off and switched back on, otherwise it does not start responding even after a longer while. Now it does this after every startup.

Please advise. Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-09-2021 02
Ran by zdenka (administrator) on DESKTOP-QI0P4VT (LENOVO 80T3) (01-10-2021 07:37:52)
Running from C:\Users\zdenka\Downloads
Loaded Profiles: zdenka
Platform: Windows 10 Pro Version 21H1 19043.1237 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Facebook Inc) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\Messenger.exe <5>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <25>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ca615c91f47053ea\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ca615c91f47053ea\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ca615c91f47053ea\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ca615c91f47053ea\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_f222132bfa8270de\RstMwService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MSPaint_6.2105.4017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20436.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20436.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20436.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21061.10121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe <2>
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18392968 2018-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1502600 2018-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1502600 2018-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [849920 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKU\S-1-5-21-2392048284-2277999237-1960427696-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2340224 2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\94.0.4606.61\Installer\chrmstp.exe [2021-09-30] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {16BC1D91-ED5E-46CE-8BB8-9C3AA33E2354} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {29C97989-DAC3-4A62-90AA-F93D7E7F49A7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2EBF2B45-5262-4E23-B61D-7C4E6D034965} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3045FB17-9FF5-4BA0-A95E-0E03129AD38E} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [3977072 2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {468D47FC-C3B0-4773-8744-85674DFA749E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-16] (Google LLC -> Google LLC)
Task: {4958B0CB-4087-4187-9461-C3AC1F24B7B0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5C10BA06-4396-441B-A3D6-CF8DA7BB898E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {77E64298-172A-4AF2-9A1E-46CDB7CA2717} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-16] (Google LLC -> Google LLC)
Task: {8251CB31-F572-456F-829F-78900500C956} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A0C0EE51-5062-4613-B852-EA28ACE467A9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139096 2021-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A4F47A34-84B0-463E-B2FC-71D4C03A6594} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139096 2021-09-14] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.194.204.126 85.142.148.70
Tcpip\..\Interfaces\{e9956811-7bf9-4efd-9b9f-4fd27305935a}: [DhcpNameServer] 213.194.204.126 85.142.148.70

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zdenka\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-30]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-06-16] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\zdenka\AppData\Local\Google\Chrome\User Data\Default [2021-10-01]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-06-16]
CHR Extension: (Dokumenty) - C:\Users\zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-06-16]
CHR Extension: (Disk Google) - C:\Users\zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-06-16]
CHR Extension: (Tabulky) - C:\Users\zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-06-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-16]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9179528 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [197120 2017-07-13] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncHelper.exe [3249520 2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.180.0905.0007\OneDriveUpdaterService.exe [3718016 2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [77792 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\Windows\system32\valWbioSyncSvc.exe [48608 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 MpKsl1745cc54; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AB0CD4A7-27E8-4BC4-9963-43290FCCA126}\MpKslDrv.sys [130296 2021-09-30] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslebaeb274; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AB0CD4A7-27E8-4BC4-9963-43290FCCA126}\MpKslDrv.sys [130296 2021-09-30] (Microsoft Windows -> Microsoft Corporation)
R1 SMIDriverGen; C:\Windows\system32\DRIVERS\smi.sys [31440 2018-04-25] (Synaptics Inc. -> Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv64.sys [899672 2017-10-19] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2021-09-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [433384 2021-09-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-09] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-01 07:37 - 2021-10-01 07:38 - 000014768 _____ C:\Users\zdenka\Downloads\FRST.txt
2021-10-01 07:37 - 2021-10-01 07:38 - 000000000 ____D C:\FRST
2021-10-01 07:36 - 2021-10-01 07:37 - 002304512 _____ (Farbar) C:\Users\zdenka\Downloads\FRST64.exe
2021-10-01 07:36 - 2021-10-01 07:36 - 002016256 _____ (Farbar) C:\Users\zdenka\Downloads\FRST.exe
2021-09-24 06:45 - 2021-09-24 06:45 - 000358113 _____ C:\Users\zdenka\Downloads\VERBEN-MIT-PRAPOSITIONEN-10.pdf
2021-09-24 06:44 - 2021-09-24 06:44 - 000345848 _____ C:\Users\zdenka\Downloads\VERBEN-MIT-PRAPOSITIONEN-9-1.pdf
2021-09-23 22:51 - 2021-09-23 22:51 - 001404367 _____ C:\Users\zdenka\Downloads\DamskySvetr.pdf
2021-09-23 16:43 - 2021-09-23 16:43 - 002867271 _____ C:\Users\zdenka\Downloads\Image (10).pdf
2021-09-21 18:54 - 2021-09-21 18:54 - 002445041 _____ C:\Users\zdenka\Downloads\Návod Prime HT Cz-sk.pdf
2021-09-19 21:36 - 2021-09-19 21:36 - 001301756 _____ C:\Users\zdenka\Downloads\CAL-cast3_v3.pdf
2021-09-19 19:31 - 2021-09-19 19:31 - 000361658 _____ C:\Users\zdenka\Downloads\VERBEN-MIT-PRAPOSITIONEN-5-1.pdf
2021-09-18 12:39 - 2021-09-18 12:39 - 000040755 _____ C:\Users\zdenka\Downloads\overeni_totoznosti_5SVM5GD5QY.pdf
2021-09-18 12:09 - 2021-09-18 12:09 - 000075204 _____ C:\Users\zdenka\Downloads\Bezpečnostní kódy.pdf
2021-09-18 12:09 - 2021-09-18 12:09 - 000000000 ____D C:\Users\zdenka\AppData\LocalLow\Temp
2021-09-17 19:56 - 2021-09-17 19:56 - 002111488 _____ (Digimarc) C:\Windows\SysWOW64\DMRCDecoder.dll
2021-09-17 19:56 - 2021-09-17 19:56 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-09-17 19:56 - 2021-09-17 19:56 - 001313608 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-09-17 19:56 - 2021-09-17 19:56 - 001164288 _____ C:\Windows\system32\MBR2GPT.EXE
2021-09-17 19:56 - 2021-09-17 19:56 - 000672768 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2021-09-17 19:56 - 2021-09-17 19:56 - 000570368 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-09-17 19:56 - 2021-09-17 19:56 - 000452096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-09-17 19:56 - 2021-09-17 19:56 - 000426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-09-17 19:56 - 2021-09-17 19:56 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-09-17 19:56 - 2021-09-17 19:56 - 000170496 _____ C:\Windows\system32\DeviceUpdateCenterCsp.dll
2021-09-17 19:56 - 2021-09-17 19:56 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2021-09-17 19:56 - 2021-09-17 19:56 - 000122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2021-09-17 19:56 - 2021-09-17 19:56 - 000011355 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-09-17 19:55 - 2021-09-17 19:55 - 002295296 _____ (Digimarc) C:\Windows\system32\DMRCDecoder.dll
2021-09-17 19:55 - 2021-09-17 19:55 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-09-17 19:55 - 2021-09-17 19:55 - 001823304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-09-17 19:55 - 2021-09-17 19:55 - 001393480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-09-17 19:55 - 2021-09-17 19:55 - 000566784 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-09-17 19:55 - 2021-09-17 19:55 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-09-17 19:55 - 2021-09-17 19:55 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-09-17 19:55 - 2021-09-17 19:55 - 000098816 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-09-17 19:42 - 2021-09-17 19:42 - 000000000 ___HD C:\$WinREAgent
2021-09-16 15:52 - 2021-09-16 15:52 - 000126386 _____ C:\Users\zdenka\Downloads\Homework_16092021_II.pdf
2021-09-14 17:07 - 2021-09-14 17:07 - 000337732 _____ C:\Users\zdenka\Downloads\zprava_947192811_prijata.zfo
2021-09-14 17:07 - 2021-09-14 17:07 - 000273296 _____ C:\Users\zdenka\Downloads\priloha_923565208_0_souhlas se společným záměrem_Trans Profi stav nástavba sklepa Nový Přerov (1).pdf
2021-09-14 17:07 - 2021-09-14 17:07 - 000239259 _____ C:\Users\zdenka\Downloads\priloha_947192811_0_ÚS_přípojkaNN ENORM, a.s., k.ú. Nový Přerov, přípojka kNN Friedel .pdf
2021-09-14 17:07 - 2021-09-14 17:07 - 000239259 _____ C:\Users\zdenka\Downloads\priloha_947192811_0_ÚS_přípojkaNN ENORM, a.s., k.ú. Nový Přerov, přípojka kNN Friedel (1).pdf
2021-09-13 20:04 - 2021-09-13 20:04 - 000405565 _____ C:\Users\zdenka\Downloads\VERBEN-MIT-PRAPOSITIONEN-1.pdf
2021-09-12 19:40 - 2021-09-12 19:40 - 001323878 _____ C:\Users\zdenka\Downloads\CAL 2v1 - část 2.pdf
2021-09-08 17:00 - 2021-09-08 17:04 - 002867000 _____ C:\Users\zdenka\Downloads\Dead Man Island 2.pdf
2021-09-08 16:58 - 2021-09-08 16:58 - 002867271 _____ C:\Users\zdenka\Downloads\Image (14).pdf
2021-09-07 19:54 - 2021-09-07 19:54 - 023776340 _____ C:\Users\zdenka\Downloads\CPE READING, USE of English +key (1).pdf
2021-09-07 17:02 - 2021-09-07 17:02 - 023776340 _____ C:\Users\zdenka\Downloads\CPE READING, USE of English +key.pdf
2021-09-07 16:51 - 2021-09-07 16:51 - 000000000 ____D C:\Users\zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-09-07 15:35 - 2021-09-07 15:35 - 000913123 _____ C:\Users\zdenka\Downloads\Girl_Reading_3.pdf
2021-09-07 15:35 - 2021-09-07 15:35 - 000849636 _____ C:\Users\zdenka\Downloads\Girl_Reading_2.pdf
2021-09-07 15:35 - 2021-09-07 15:35 - 000743933 _____ C:\Users\zdenka\Downloads\Girl_Reading_1.pdf
2021-09-05 19:59 - 2021-09-05 19:59 - 001147829 _____ C:\Users\zdenka\Downloads\CAL 2v1 - část 1.pdf
2021-09-01 20:36 - 2021-09-29 19:59 - 000000000 ____D C:\Program Files\Microsoft OneDrive

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-01 07:38 - 2021-06-16 19:03 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-01 07:37 - 2019-12-07 16:43 - 000683426 _____ C:\Windows\system32\perfh005.dat
2021-10-01 07:37 - 2019-12-07 16:43 - 000137206 _____ C:\Windows\system32\perfc005.dat
2021-10-01 07:37 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-10-01 07:37 - 2019-12-07 09:06 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2021-10-01 07:32 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-01 07:30 - 2021-06-16 08:57 - 000000000 __SHD C:\Users\zdenka\IntelGraphicsProfiles
2021-10-01 07:30 - 2021-06-16 08:51 - 000000000 ____D C:\ProgramData\Synaptics
2021-10-01 07:30 - 2019-12-07 09:05 - 000000000 ___RD C:\Users\zdenka\OneDrive
2021-10-01 07:30 - 2019-12-07 09:02 - 000000000 ____D C:\Users\zdenka
2021-10-01 07:30 - 2019-12-07 08:59 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-10-01 07:30 - 2019-12-07 08:58 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-01 07:30 - 2019-12-07 08:58 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-10-01 07:15 - 2021-06-16 19:03 - 000003474 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-01 07:15 - 2021-06-16 19:03 - 000003350 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-30 16:56 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-30 16:56 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-09-30 16:46 - 2021-06-16 19:04 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-28 17:16 - 2021-08-17 20:21 - 000000000 ____D C:\Users\zdenka\OneDrive\Dokumenty\Zoom
2021-09-28 12:55 - 2021-06-16 19:22 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-09-28 12:54 - 2021-06-16 19:22 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-26 19:59 - 2019-12-07 09:03 - 000000000 ____D C:\Users\zdenka\AppData\Local\Packages
2021-09-26 19:40 - 2019-12-07 08:59 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-18 12:58 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-09-18 12:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2021-09-18 12:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-09-18 12:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-09-18 12:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-09-18 12:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2021-09-18 12:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-09-18 12:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-09-18 12:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2021-09-18 12:55 - 2019-12-07 08:58 - 000438944 _____ C:\Windows\system32\FNTCACHE.DAT
2021-09-18 12:54 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-09-18 12:54 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-09-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2021-09-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2021-09-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2021-09-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2021-09-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2021-09-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-09-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-09-18 12:54 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2021-09-17 20:02 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-09-17 19:42 - 2021-06-16 08:59 - 000000000 ____D C:\Windows\system32\MRT
2021-09-17 19:40 - 2021-06-16 08:59 - 135637312 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-09-14 20:44 - 2021-06-16 19:05 - 000000000 ____D C:\Program Files\Microsoft Office
2021-09-12 18:00 - 2021-06-19 19:32 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-09 09:48 - 2019-12-07 08:59 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-09-07 16:51 - 2021-06-17 18:08 - 000000000 ____D C:\Users\zdenka\AppData\Roaming\Zoom

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-09-2021 02
Ran by zdenka (01-10-2021 07:39:16)
Running from C:\Users\zdenka\Downloads
Windows 10 Pro Version 21H1 19043.1237 (X64) (2019-12-07 07:00:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2392048284-2277999237-1960427696-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2392048284-2277999237-1960427696-503 - Limited - Disabled)
Guest (S-1-5-21-2392048284-2277999237-1960427696-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2392048284-2277999237-1960427696-504 - Limited - Disabled)
zdenka (S-1-5-21-2392048284-2277999237-1960427696-1001 - Administrator - Enabled) => C:\Users\zdenka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Dolby Audio X2 Windows API SDK (HKLM\...\{F994125B-7BF5-4A38-A569-82833CEB24DC}) (Version: 0.8.4.83 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{9207D68E-666A-49C7-A900-9F5B2FF289E4}) (Version: 0.8.0.71 - Dolby Laboratories, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.61 - Google LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14326.20404 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.31 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.180.0905.0007 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Zoom (HKU\S-1-5-21-2392048284-2277999237-1960427696-1001\...\ZoomUMX) (Version: 5.7.7 (1105) - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2021-06-24] (Adobe Systems Incorporated)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt [2021-09-29] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-06-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-06-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-06-17] (Netflix, Inc.)
PDF reader for adobe acrobat -> C:\Program Files\WindowsApps\42742filesuite.PDFreaderforadobeacrobat_1.0.9.0_x64__1cyam58dzt1cw [2021-09-07] (PDF reader apps)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0 [2021-09-22] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ca615c91f47053ea\igfxDTCM.dll [2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-06-17 19:18 - 2021-06-17 19:18 - 054230016 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\addon.node
2021-06-17 19:18 - 2021-06-17 19:18 - 000763392 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\keytar.node
2021-06-17 19:18 - 2021-06-17 19:18 - 000750080 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\logging.node
2021-06-17 19:18 - 2021-06-17 19:18 - 001037824 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\spellchecker_win.node
2021-06-17 19:18 - 2021-06-17 19:18 - 001218560 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\systeminfo.node
2021-06-17 19:18 - 2021-06-17 19:18 - 000614912 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\windows.applicationmodel.node
2021-06-17 19:18 - 2021-06-17 19:18 - 000202240 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\windows.networking.pushnotifications.node
2021-06-17 19:18 - 2021-06-17 19:18 - 001144832 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\windows.storage.node
2021-06-17 19:18 - 2021-06-17 19:18 - 000681984 _____ () [File not signed] \\?\C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt\app\Archon\app\resources\app.asar.unpacked\build\windows.ui.notifications.node

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-06-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2392048284-2277999237-1960427696-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 213.194.204.126 - 85.142.148.70
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{33A83A94-F137-4269-93FB-736364194012}] => (Allow) C:\Users\zdenka\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4DE2B1C2-CDAA-4F89-949F-0A5E86A55982}] => (Allow) C:\Users\zdenka\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{CF4AF15E-57A2-404F-9108-934EC74AAFCE}] => (Allow) C:\Users\zdenka\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{664BB0AA-06FA-4DBD-9F29-89CE6C500EDA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{421D40E0-67C1-4088-A088-FD0181D42668}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B3CF05F0-45AB-433A-B24A-A481DCC87B75}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{45D82FBB-DB19-4F9D-A9DD-782A61B089DA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{35A612C7-9B63-427C-BD30-9452F1581897}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5260176E-CEFB-465A-9C63-2C121CE5D3AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C3B959F0-356A-4401-9D12-FBE9D9B9BEED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B04B71AD-06D9-472E-9E6B-DA506E763170}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{52977165-A38D-45BD-ACF0-780549F14043}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{84323D47-2267-4EAE-9F97-CCB26A896513}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{167EC987-B033-4FED-8167-BADAA038F19E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A6FCEB95-1375-4AD0-BA50-D4A4B03350DA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B9C16D9F-55FC-47E3-A8EF-37C3787F180E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{18564F72-3416-46A9-8CD0-5A82043E2511}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

13-09-2021 18:17:34 Naplánovaný kontrolní bod
17-09-2021 19:42:11 Instalační služba modulů systému Windows
27-09-2021 17:45:27 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/03/2021 09:15:55 PM) (Source: EventSystem) (EventID: 4622) (User: )
Description: Systém událostí modelu COM+ nemohl sdružit odběratele pro odběr {95273CD6-F75C-42A4-BA47-54EF02665C01}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. Výsledek HRESULT byl 8007071a.

Error: (06/18/2021 04:07:07 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: DESKTOP-QI0P4VT)
Description: Systém Windows nemůže nalézt místní profil. Budete přihlášeni pomocí dočasného profilu. Změny profilu budou při vašem odhlášení ztraceny.

Error: (06/18/2021 04:07:07 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 9148, identifikátor PID ProfSvc: 1696.

Error: (06/18/2021 04:07:07 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 1236, identifikátor PID ProfSvc: 1696.

Error: (06/18/2021 04:07:07 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 972, identifikátor PID ProfSvc: 1696.

Error: (06/18/2021 04:07:07 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 1236, identifikátor PID ProfSvc: 1696.

Error: (06/18/2021 04:07:07 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 1236, identifikátor PID ProfSvc: 1696.

Error: (06/18/2021 04:07:07 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 4580, identifikátor PID ProfSvc: 1696.


System errors:
=============
Error: (10/01/2021 07:30:10 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:23:52, ‎30.‎09.‎2021) bylo neočekávané.

Error: (09/30/2021 09:28:02 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-QI0P4VT)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/30/2021 09:23:52 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:19:08, ‎30.‎09.‎2021) bylo neočekávané.

Error: (09/30/2021 08:39:08 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:36:20, ‎30.‎09.‎2021) bylo neočekávané.

Error: (09/30/2021 06:36:21 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (18:02:15, ‎30.‎09.‎2021) bylo neočekávané.

Error: (09/29/2021 07:59:44 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (19:31:10, ‎29.‎09.‎2021) bylo neočekávané.

Error: (09/28/2021 01:00:59 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRF0083-FACEBOOK.317180B0BB486.

Error: (09/23/2021 09:43:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFHVQM-MICROSOFT.WINDOWSCOMMUNICATIONSAPPS.


Windows Defender:
================
Date: 2021-09-27 17:44:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {73174D77-1B34-4190-AB75-817ECAEA7959}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-09-24 18:01:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6BF2AEB4-5950-431A-B9F8-6251E4135727}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-09-23 11:29:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F65F7DD2-F2F9-430F-A939-73B22330AF7F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-09-21 18:51:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1868E4A7-7669-4512-9605-36EE1A59D352}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-09-20 17:51:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C46BCF92-FD87-4C52-BBC5-387E2FA0A202}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-06-29 15:37:23
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1626.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 15:37:23
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1626.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 15:37:23
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-16 08:56:30
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.303.25.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2021-06-16 08:56:30
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.303.25.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

==================== Memory info ===========================

BIOS: LENOVO 2WCN46WW 06/08/2020
Motherboard: LENOVO
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 53%
Total physical RAM: 8070.58 MB
Available physical RAM: 3778.56 MB
Total Virtual: 9350.58 MB
Available Virtual: 4570.03 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.9 GB) (Free:870.59 GB) NTFS
Drive d: (Audio CD) (CDROM) (Total:0 GB) (Free:0 GB) CDFS

\\?\Volume{3f7e74bb-b440-4c00-892e-608cf93bb9c9}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{bfcf537c-eb4c-4694-a8f3-ae7fea33d6a9}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118265
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Freezing laptop

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP simply launch it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

sakoz
Visitor
Posts: 21
Registered: 15 Dec 2020 18:38

Re: Freezing laptop

#3 Post by sakoz »

Hello,

thank you, I hope I managed it correctly.


# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-09-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-02-2021
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoEasyCamera Folder C:\Program Files (x86)\LENOVO EASYCAMERA


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1456 octets] - [02/10/2021 17:31:14]
AdwCleaner[S01].txt - [1517 octets] - [02/10/2021 17:32:15]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Rudy
Site Admin
Posts: 118265
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Freezing laptop

#4 Post by Rudy »

Post new FRST + Addition logs.

sakoz
Visitor
Posts: 21
Registered: 15 Dec 2020 18:38

Re: Freezing laptop

#5 Post by sakoz »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-10-2021
Ran by zdenka (administrator) on DESKTOP-QI0P4VT (LENOVO 80T3) (02-10-2021 18:20:12)
Running from C:\Users\zdenka\Downloads
Loaded Profiles: zdenka
Platform: Windows 10 Pro Version 21H1 19043.1237 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <9>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18392968 2018-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1502600 2018-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1502600 2018-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [849920 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKU\S-1-5-21-2392048284-2277999237-1960427696-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2340224 2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\94.0.4606.61\Installer\chrmstp.exe [2021-09-30] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {16BC1D91-ED5E-46CE-8BB8-9C3AA33E2354} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {29C97989-DAC3-4A62-90AA-F93D7E7F49A7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2EBF2B45-5262-4E23-B61D-7C4E6D034965} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3045FB17-9FF5-4BA0-A95E-0E03129AD38E} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [3977072 2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {468D47FC-C3B0-4773-8744-85674DFA749E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-16] (Google LLC -> Google LLC)
Task: {4958B0CB-4087-4187-9461-C3AC1F24B7B0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5C10BA06-4396-441B-A3D6-CF8DA7BB898E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {77E64298-172A-4AF2-9A1E-46CDB7CA2717} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-16] (Google LLC -> Google LLC)
Task: {8251CB31-F572-456F-829F-78900500C956} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A0C0EE51-5062-4613-B852-EA28ACE467A9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139096 2021-09-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {A4F47A34-84B0-463E-B2FC-71D4C03A6594} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139096 2021-09-14] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.194.204.126 85.142.148.70
Tcpip\..\Interfaces\{e9956811-7bf9-4efd-9b9f-4fd27305935a}: [DhcpNameServer] 213.194.204.126 85.142.148.70

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zdenka\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-30]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-06-16] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\zdenka\AppData\Local\Google\Chrome\User Data\Default [2021-10-02]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://www.facebook.com
CHR Extension: (Prezentace) - C:\Users\zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-06-16]
CHR Extension: (Dokumenty) - C:\Users\zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-06-16]
CHR Extension: (Disk Google) - C:\Users\zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-06-16]
CHR Extension: (Tabulky) - C:\Users\zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-06-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zdenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-16]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9179528 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
S2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [197120 2017-07-13] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncHelper.exe [3249520 2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.180.0905.0007\OneDriveUpdaterService.exe [3718016 2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [77792 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S2 valWbioSyncSvc; C:\Windows\system32\valWbioSyncSvc.exe [48608 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-09] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 MpKsl99687846; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{73971B3A-82D8-4D6D-B896-8F4BC2C67B03}\MpKslDrv.sys [130296 2021-10-02] (Microsoft Windows -> Microsoft Corporation)
R1 SMIDriverGen; C:\Windows\system32\DRIVERS\smi.sys [31440 2018-04-25] (Synaptics Inc. -> Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv64.sys [899672 2017-10-19] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48536 2021-09-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [433384 2021-09-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-09] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-02 18:20 - 2021-10-02 18:20 - 000000000 ____D C:\Users\zdenka\Downloads\FRST-OlderVersion
2021-10-02 17:34 - 2021-10-02 17:34 - 008553680 _____ (Malwarebytes) C:\Users\zdenka\Downloads\AdwCleaner.exe
2021-10-02 17:30 - 2021-10-02 17:32 - 000000000 ____D C:\AdwCleaner
2021-10-02 17:30 - 2021-10-02 17:30 - 008553680 _____ (Malwarebytes) C:\Users\zdenka\Downloads\adwcleaner_8.3.0.exe
2021-10-01 07:39 - 2021-10-01 07:40 - 000027896 _____ C:\Users\zdenka\Downloads\Addition.txt
2021-10-01 07:37 - 2021-10-02 18:20 - 000011109 _____ C:\Users\zdenka\Downloads\FRST.txt
2021-10-01 07:37 - 2021-10-02 18:20 - 000000000 ____D C:\FRST
2021-10-01 07:36 - 2021-10-02 18:20 - 002304512 _____ (Farbar) C:\Users\zdenka\Downloads\FRST64.exe
2021-09-24 06:45 - 2021-09-24 06:45 - 000358113 _____ C:\Users\zdenka\Downloads\VERBEN-MIT-PRAPOSITIONEN-10.pdf
2021-09-24 06:44 - 2021-09-24 06:44 - 000345848 _____ C:\Users\zdenka\Downloads\VERBEN-MIT-PRAPOSITIONEN-9-1.pdf
2021-09-23 22:51 - 2021-09-23 22:51 - 001404367 _____ C:\Users\zdenka\Downloads\DamskySvetr.pdf
2021-09-23 16:43 - 2021-09-23 16:43 - 002867271 _____ C:\Users\zdenka\Downloads\Image (10).pdf
2021-09-21 18:54 - 2021-09-21 18:54 - 002445041 _____ C:\Users\zdenka\Downloads\Návod Prime HT Cz-sk.pdf
2021-09-19 21:36 - 2021-09-19 21:36 - 001301756 _____ C:\Users\zdenka\Downloads\CAL-cast3_v3.pdf
2021-09-19 19:31 - 2021-09-19 19:31 - 000361658 _____ C:\Users\zdenka\Downloads\VERBEN-MIT-PRAPOSITIONEN-5-1.pdf
2021-09-18 12:39 - 2021-09-18 12:39 - 000040755 _____ C:\Users\zdenka\Downloads\overeni_totoznosti_5SVM5GD5QY.pdf
2021-09-18 12:09 - 2021-09-18 12:09 - 000075204 _____ C:\Users\zdenka\Downloads\Bezpečnostní kódy.pdf
2021-09-18 12:09 - 2021-09-18 12:09 - 000000000 ____D C:\Users\zdenka\AppData\LocalLow\Temp
2021-09-17 19:56 - 2021-09-17 19:56 - 002111488 _____ (Digimarc) C:\Windows\SysWOW64\DMRCDecoder.dll
2021-09-17 19:56 - 2021-09-17 19:56 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-09-17 19:56 - 2021-09-17 19:56 - 001313608 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-09-17 19:56 - 2021-09-17 19:56 - 001164288 _____ C:\Windows\system32\MBR2GPT.EXE
2021-09-17 19:56 - 2021-09-17 19:56 - 000672768 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2021-09-17 19:56 - 2021-09-17 19:56 - 000570368 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-09-17 19:56 - 2021-09-17 19:56 - 000452096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-09-17 19:56 - 2021-09-17 19:56 - 000426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-09-17 19:56 - 2021-09-17 19:56 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-09-17 19:56 - 2021-09-17 19:56 - 000170496 _____ C:\Windows\system32\DeviceUpdateCenterCsp.dll
2021-09-17 19:56 - 2021-09-17 19:56 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2021-09-17 19:56 - 2021-09-17 19:56 - 000122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2021-09-17 19:56 - 2021-09-17 19:56 - 000011355 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-09-17 19:55 - 2021-09-17 19:55 - 002295296 _____ (Digimarc) C:\Windows\system32\DMRCDecoder.dll
2021-09-17 19:55 - 2021-09-17 19:55 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-09-17 19:55 - 2021-09-17 19:55 - 001823304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-09-17 19:55 - 2021-09-17 19:55 - 001393480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-09-17 19:55 - 2021-09-17 19:55 - 000566784 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-09-17 19:55 - 2021-09-17 19:55 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-09-17 19:55 - 2021-09-17 19:55 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-09-17 19:55 - 2021-09-17 19:55 - 000098816 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-09-17 19:42 - 2021-09-17 19:42 - 000000000 ___HD C:\$WinREAgent
2021-09-16 15:52 - 2021-09-16 15:52 - 000126386 _____ C:\Users\zdenka\Downloads\Homework_16092021_II.pdf
2021-09-14 17:07 - 2021-09-14 17:07 - 000337732 _____ C:\Users\zdenka\Downloads\zprava_947192811_prijata.zfo
2021-09-14 17:07 - 2021-09-14 17:07 - 000273296 _____ C:\Users\zdenka\Downloads\priloha_923565208_0_souhlas se společným záměrem_Trans Profi stav nástavba sklepa Nový Přerov (1).pdf
2021-09-14 17:07 - 2021-09-14 17:07 - 000239259 _____ C:\Users\zdenka\Downloads\priloha_947192811_0_ÚS_přípojkaNN ENORM, a.s., k.ú. Nový Přerov, přípojka kNN Friedel .pdf
2021-09-14 17:07 - 2021-09-14 17:07 - 000239259 _____ C:\Users\zdenka\Downloads\priloha_947192811_0_ÚS_přípojkaNN ENORM, a.s., k.ú. Nový Přerov, přípojka kNN Friedel (1).pdf
2021-09-13 20:04 - 2021-09-13 20:04 - 000405565 _____ C:\Users\zdenka\Downloads\VERBEN-MIT-PRAPOSITIONEN-1.pdf
2021-09-12 19:40 - 2021-09-12 19:40 - 001323878 _____ C:\Users\zdenka\Downloads\CAL 2v1 - část 2.pdf
2021-09-08 17:00 - 2021-09-08 17:04 - 002867000 _____ C:\Users\zdenka\Downloads\Dead Man Island 2.pdf
2021-09-08 16:58 - 2021-09-08 16:58 - 002867271 _____ C:\Users\zdenka\Downloads\Image (14).pdf
2021-09-07 19:54 - 2021-09-07 19:54 - 023776340 _____ C:\Users\zdenka\Downloads\CPE READING, USE of English +key (1).pdf
2021-09-07 17:02 - 2021-09-07 17:02 - 023776340 _____ C:\Users\zdenka\Downloads\CPE READING, USE of English +key.pdf
2021-09-07 16:51 - 2021-09-07 16:51 - 000000000 ____D C:\Users\zdenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-09-07 15:35 - 2021-09-07 15:35 - 000913123 _____ C:\Users\zdenka\Downloads\Girl_Reading_3.pdf
2021-09-07 15:35 - 2021-09-07 15:35 - 000849636 _____ C:\Users\zdenka\Downloads\Girl_Reading_2.pdf
2021-09-07 15:35 - 2021-09-07 15:35 - 000743933 _____ C:\Users\zdenka\Downloads\Girl_Reading_1.pdf
2021-09-05 19:59 - 2021-09-05 19:59 - 001147829 _____ C:\Users\zdenka\Downloads\CAL 2v1 - část 1.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-02 18:20 - 2021-06-16 19:03 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-02 17:26 - 2021-06-16 08:57 - 000000000 __SHD C:\Users\zdenka\IntelGraphicsProfiles
2021-10-02 17:26 - 2019-12-07 09:05 - 000000000 ___RD C:\Users\zdenka\OneDrive
2021-10-02 17:26 - 2019-12-07 08:59 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-02 17:26 - 2019-12-07 08:59 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-01 11:18 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-01 11:18 - 2019-12-07 09:02 - 000000000 ____D C:\Users\zdenka
2021-10-01 11:08 - 2019-12-07 08:58 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-10-01 08:53 - 2019-12-07 09:03 - 000000000 ____D C:\Users\zdenka\AppData\Local\Packages
2021-10-01 07:51 - 2019-12-07 16:43 - 000683426 _____ C:\Windows\system32\perfh005.dat
2021-10-01 07:51 - 2019-12-07 16:43 - 000137206 _____ C:\Windows\system32\perfc005.dat
2021-10-01 07:51 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-10-01 07:51 - 2019-12-07 09:06 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2021-10-01 07:43 - 2021-06-16 08:51 - 000000000 ____D C:\ProgramData\Synaptics
2021-10-01 07:43 - 2019-12-07 08:59 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-10-01 07:43 - 2019-12-07 08:58 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-01 07:15 - 2021-06-16 19:03 - 000003474 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-01 07:15 - 2021-06-16 19:03 - 000003350 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-30 16:56 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-30 16:56 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-09-30 16:46 - 2021-06-16 19:04 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-29 19:59 - 2021-09-01 20:36 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-09-28 17:16 - 2021-08-17 20:21 - 000000000 ____D C:\Users\zdenka\OneDrive\Dokumenty\Zoom
2021-09-28 12:55 - 2021-06-16 19:22 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-09-28 12:54 - 2021-06-16 19:22 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-26 19:40 - 2019-12-07 08:59 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-18 12:58 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-09-18 12:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2021-09-18 12:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-09-18 12:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-09-18 12:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-09-18 12:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2021-09-18 12:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-09-18 12:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-09-18 12:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2021-09-18 12:55 - 2019-12-07 08:58 - 000438944 _____ C:\Windows\system32\FNTCACHE.DAT
2021-09-18 12:54 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-09-18 12:54 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-09-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2021-09-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2021-09-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2021-09-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2021-09-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2021-09-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-09-18 12:54 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-09-18 12:54 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2021-09-17 20:02 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-09-17 19:42 - 2021-06-16 08:59 - 000000000 ____D C:\Windows\system32\MRT
2021-09-17 19:40 - 2021-06-16 08:59 - 135637312 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-09-14 20:44 - 2021-06-16 19:05 - 000000000 ____D C:\Program Files\Microsoft Office
2021-09-12 18:00 - 2021-06-19 19:32 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-09 09:48 - 2019-12-07 08:59 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-09-07 16:51 - 2021-06-17 18:08 - 000000000 ____D C:\Users\zdenka\AppData\Roaming\Zoom

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2021
Ran by zdenka (02-10-2021 18:21:46)
Running from C:\Users\zdenka\Downloads
Windows 10 Pro Version 21H1 19043.1237 (X64) (2019-12-07 07:00:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2392048284-2277999237-1960427696-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2392048284-2277999237-1960427696-503 - Limited - Disabled)
Guest (S-1-5-21-2392048284-2277999237-1960427696-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2392048284-2277999237-1960427696-504 - Limited - Disabled)
zdenka (S-1-5-21-2392048284-2277999237-1960427696-1001 - Administrator - Enabled) => C:\Users\zdenka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Dolby Audio X2 Windows API SDK (HKLM\...\{F994125B-7BF5-4A38-A569-82833CEB24DC}) (Version: 0.8.4.83 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{9207D68E-666A-49C7-A900-9F5B2FF289E4}) (Version: 0.8.0.71 - Dolby Laboratories, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.61 - Google LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14326.20404 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.31 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.180.0905.0007 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B981965-2FBC-433C-B4B3-E183EE97CD29}) (Version: 2.83.0.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14326.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Zoom (HKU\S-1-5-21-2392048284-2277999237-1960427696-1001\...\ZoomUMX) (Version: 5.7.7 (1105) - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2021-06-24] (Adobe Systems Incorporated)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1240.4.118.0_x64__8xx8rvfyw5nnt [2021-09-29] (Facebook Inc) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-06-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-06-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-04] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-06-17] (Netflix, Inc.)
PDF reader for adobe acrobat -> C:\Program Files\WindowsApps\42742filesuite.PDFreaderforadobeacrobat_1.0.9.0_x64__1cyam58dzt1cw [2021-09-07] (PDF reader apps)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0 [2021-09-22] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.180.0905.0007\FileSyncShell64.dll [2021-09-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ca615c91f47053ea\igfxDTCM.dll [2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-06-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-08-28] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2392048284-2277999237-1960427696-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 213.194.204.126 - 85.142.148.70
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{33A83A94-F137-4269-93FB-736364194012}] => (Allow) C:\Users\zdenka\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4DE2B1C2-CDAA-4F89-949F-0A5E86A55982}] => (Allow) C:\Users\zdenka\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{CF4AF15E-57A2-404F-9108-934EC74AAFCE}] => (Allow) C:\Users\zdenka\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{664BB0AA-06FA-4DBD-9F29-89CE6C500EDA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{421D40E0-67C1-4088-A088-FD0181D42668}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B3CF05F0-45AB-433A-B24A-A481DCC87B75}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{45D82FBB-DB19-4F9D-A9DD-782A61B089DA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{35A612C7-9B63-427C-BD30-9452F1581897}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5260176E-CEFB-465A-9C63-2C121CE5D3AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C3B959F0-356A-4401-9D12-FBE9D9B9BEED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B04B71AD-06D9-472E-9E6B-DA506E763170}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{52977165-A38D-45BD-ACF0-780549F14043}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{84323D47-2267-4EAE-9F97-CCB26A896513}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{167EC987-B033-4FED-8167-BADAA038F19E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A6FCEB95-1375-4AD0-BA50-D4A4B03350DA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B9C16D9F-55FC-47E3-A8EF-37C3787F180E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.168.632.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{18564F72-3416-46A9-8CD0-5A82043E2511}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

13-09-2021 18:17:34 Naplánovaný kontrolní bod
17-09-2021 19:42:11 Instalační služba modulů systému Windows
27-09-2021 17:45:27 Naplánovaný kontrolní bod
02-10-2021 17:32:30 AdwCleaner_BeforeCleaning_02/10/2021_17:32:30

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/03/2021 09:15:55 PM) (Source: EventSystem) (EventID: 4622) (User: )
Description: Systém událostí modelu COM+ nemohl sdružit odběratele pro odběr {95273CD6-F75C-42A4-BA47-54EF02665C01}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. Výsledek HRESULT byl 8007071a.

Error: (06/18/2021 04:07:07 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: DESKTOP-QI0P4VT)
Description: Systém Windows nemůže nalézt místní profil. Budete přihlášeni pomocí dočasného profilu. Změny profilu budou při vašem odhlášení ztraceny.

Error: (06/18/2021 04:07:07 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 9148, identifikátor PID ProfSvc: 1696.

Error: (06/18/2021 04:07:07 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 1236, identifikátor PID ProfSvc: 1696.

Error: (06/18/2021 04:07:07 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 972, identifikátor PID ProfSvc: 1696.

Error: (06/18/2021 04:07:07 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 1236, identifikátor PID ProfSvc: 1696.

Error: (06/18/2021 04:07:07 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 1236, identifikátor PID ProfSvc: 1696.

Error: (06/18/2021 04:07:07 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 4580, identifikátor PID ProfSvc: 1696.


System errors:
=============
Error: (10/02/2021 05:32:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BiometricSensorDataSynchronization byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/02/2021 05:32:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/02/2021 05:32:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Storage Middleware Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/02/2021 05:32:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Elan Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/02/2021 05:32:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HDCP Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/02/2021 05:32:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (10/02/2021 05:32:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dolby DAX2 API Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/02/2021 05:32:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Synaptics FP WBF Policy Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2021-09-27 17:44:29
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {73174D77-1B34-4190-AB75-817ECAEA7959}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-09-24 18:01:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6BF2AEB4-5950-431A-B9F8-6251E4135727}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-09-23 11:29:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F65F7DD2-F2F9-430F-A939-73B22330AF7F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-09-21 18:51:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1868E4A7-7669-4512-9605-36EE1A59D352}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-09-20 17:51:37
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C46BCF92-FD87-4C52-BBC5-387E2FA0A202}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-06-29 15:37:23
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1626.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 15:37:23
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1626.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-29 15:37:23
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-06-16 08:56:30
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.303.25.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2021-06-16 08:56:30
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.303.25.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

==================== Memory info ===========================

BIOS: LENOVO 2WCN46WW 06/08/2020
Motherboard: LENOVO
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 42%
Total physical RAM: 8070.58 MB
Available physical RAM: 4646.89 MB
Total Virtual: 9350.58 MB
Available Virtual: 5959.49 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.9 GB) (Free:869.99 GB) NTFS
Drive d: (Audio CD) (CDROM) (Total:0 GB) (Free:0 GB) CDFS

\\?\Volume{3f7e74bb-b440-4c00-892e-608cf93bb9c9}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{bfcf537c-eb4c-4694-a8f3-ae7fea33d6a9}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118265
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Laptop that keeps freezing

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
Task: {468D47FC-C3B0-4773-8744-85674DFA749E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-16] (Google LLC -> Google LLC)
Task: {77E64298-172A-4AF2-9A1E-46CDB7CA2717} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-16] (Google LLC -> Google LLC)
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

sakoz
Visitor
Posts: 21
Registered: 15 Dec 2020 18:38

Re: Laptop that keeps freezing

#7 Post by sakoz »

Thank you very much for the advice.

Fix result of Farbar Recovery Scan Tool (x64) Version: 02-10-2021
Ran by zdenka (02-10-2021 19:13:17) Run:1
Running from C:\Users\zdenka\Downloads
Loaded Profiles: zdenka
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {468D47FC-C3B0-4773-8744-85674DFA749E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-16] (Google LLC -> Google LLC)
Task: {77E64298-172A-4AF2-9A1E-46CDB7CA2717} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-16] (Google LLC -> Google LLC)
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{468D47FC-C3B0-4773-8744-85674DFA749E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{468D47FC-C3B0-4773-8744-85674DFA749E}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{77E64298-172A-4AF2-9A1E-46CDB7CA2717}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77E64298-172A-4AF2-9A1E-46CDB7CA2717}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19015919 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 54223072 B
Edge => 0 B
Chrome => 540471474 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 165566 B
zdenka => 152540409 B

RecycleBin => 27660333 B
EmptyTemp: => 757.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:14:09 ====

Rudy
Site Admin
Posts: 118265
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Laptop that keeps freezing

#8 Post by Rudy »

Deleted. Has anything changed?

sakoz
Visitor
Posts: 21
Registered: 15 Dec 2020 18:38

Re: Laptop that keeps freezing

#9 Post by sakoz »

Hello,

I'll let you know once I've tried it out a bit.

Thank you very much. Zdena Saková

Rudy
Site Admin
Posts: 118265
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Laptop that keeps freezing

#10 Post by Rudy »

OK, I'll leave this open for now. :)
