ADWCleaner - čisté
MBAM - čisté
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-07-2020
Ran by Janka (administrator) on LAPTOP-JANKA (LENOVO 80TJ) (23-07-2020 14:59:42)
Running from C:\Users\Janka\Downloads
Loaded Profiles: Janka
Platform: Windows 10 Home Version 1903 18362.720 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <25>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Janka\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16735744 2016-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1472000 2016-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1472000 2016-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029064 2016-12-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Installer\chrmstp.exe [2020-07-16] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1D806BFD-A423-4F1B-8357-CC81DE3B8DBD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123744 2020-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {2237B781-A657-41B3-BCE0-07A69BBED528} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4589AB85-A5AC-4429-8199-68F265B8D3AB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-07-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4FB71504-2F64-475C-A931-3CC60C15F963} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23810952 2020-06-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {8AAC2D41-B7D7-4CA0-A80D-2D9CDA92768B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {90CD0304-4ECD-4C1F-875C-29F12C705CDB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23810952 2020-06-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {D563A77C-D736-437A-BBCB-EF533176FB78} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe [88344 2016-07-14] (CyberLink Corp. -> CyberLink Corp.)
Task: {D7B43E0F-D473-4CA4-81F9-31513B45E9D5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24910520 2020-07-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DB9C1D7B-C11E-42CE-B25F-E107164EA4BB} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {DD5388E9-7B1C-4A77-920E-1BFB040EBF83} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-06-07] (Google Inc -> Google Inc.)
Task: {DE203DE1-A233-443B-9F2F-3D66F3CE32B4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E066EFED-1174-4F0D-BD64-A6085C46F407} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123744 2020-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {E783C4C5-2CEA-4EAC-8D2E-459C2179E0A9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E9F666E0-EF1F-413B-9678-DF90571DA255} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-06-07] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 85.119.89.2 8.8.8.8
Tcpip\..\Interfaces\{f7b9cd55-c498-475f-be3c-1b641bdae3e7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fe16ac84-8aba-4283-8f3a-cf041ef3ac4f}: [DhcpNameServer] 85.119.89.2 8.8.8.8
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2489188112-2961885803-1461791873-1001 -> DefaultScope {C50BADC1-9265-414B-8437-6B21C282F983} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-02] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\Janka\Downloads
Edge Notifications: HKU\S-1-5-21-2489188112-2961885803-1461791873-1001 -> hxxps://www.facebook.com; hxxps://www.astratex.cz; hxxps://postovnezdarma.cz
Edge DefaultProfile: Default
Edge Profile: C:\Users\Janka\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-23]
Edge DownloadDir: C:\Users\Janka\Downloads
Edge Notifications: Default -> hxxps://meet.google.com; hxxps://postovnezdarma.cz; hxxps://www.astratex.cz; hxxps://www.facebook.com; hxxps://www.kupi.cz; hxxps://www.newchic.com
Edge StartupUrls: Default -> "hxxps://vmail.centrum.cz/?utm_source=volnyHP&utm_medium=mailbox"
FireFox:
========
FF DefaultProfile: ttszok0e.default
FF ProfilePath: C:\Users\Janka\AppData\Roaming\Mozilla\Firefox\Profiles\ttszok0e.default [2020-07-23]
FF Homepage: Mozilla\Firefox\Profiles\ttszok0e.default -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\ttszok0e.default -> hxxps://novaplus.nova.cz
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Janka\AppData\Local\Google\Chrome\User Data\Default [2019-12-15]
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Prezentace) - C:\Users\Janka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Janka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-07-07]
CHR Extension: (Chrome Media Router) - C:\Users\Janka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-17]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [295832 2016-12-23] (Advanced Micro Devices, Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10574728 2020-06-23] (Microsoft Corporation -> Microsoft Corporation)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [276616 2018-03-14] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309839.inf_amd64_168acb088d48fafb\atikmdag.sys [26587656 2016-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309839.inf_amd64_168acb088d48fafb\atikmpag.sys [527256 2016-12-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [87840 2016-12-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 amdpsp; C:\WINDOWS\system32\DRIVERS\amdpsp.sys [239976 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110104 2016-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-17] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2019-12-14] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-08-10] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-08-10] (Malwarebytes Corporation -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-12-14] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116112 2019-08-10] (Malwarebytes Corporation -> Malwarebytes)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3150344 2016-10-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [162960 2018-04-26] (Disc Soft Ltd -> Duplex Secure Ltd)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45976 2020-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [408816 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-23 14:59 - 2020-07-23 15:02 - 000014579 _____ C:\Users\Janka\Downloads\FRST.txt
2020-07-23 14:59 - 2020-07-23 15:01 - 000000000 ____D C:\FRST
2020-07-23 14:56 - 2020-07-23 14:58 - 002293760 _____ (Farbar) C:\Users\Janka\Downloads\FRST64.exe
2020-07-23 14:03 - 2020-07-23 14:05 - 000000000 ____D C:\AdwCleaner
2020-07-23 14:02 - 2020-07-23 14:02 - 008420016 _____ (Malwarebytes) C:\Users\Janka\Downloads\adwcleaner_8.0.6.exe
2020-07-23 08:30 - 2020-07-23 08:30 - 000000000 ___HD C:\OneDriveTemp
2020-07-23 07:31 - 2020-07-23 07:32 - 028064096 _____ (Piriform Software Ltd) C:\Users\Janka\Downloads\ccsetup569.exe
2020-07-20 18:23 - 2020-07-20 18:23 - 004824576 _____ C:\Users\Janka\Downloads\Celej_tatik_HH (1).pps
2020-07-20 18:21 - 2020-07-20 18:21 - 004824576 _____ C:\Users\Janka\Downloads\Celej_tatik_HH.pps
2020-07-20 09:45 - 2020-07-20 09:45 - 002274465 _____ C:\Users\Janka\Downloads\Trhlina_ve_dzbanu.pptx
2020-07-20 05:32 - 2020-07-20 05:32 - 001566208 _____ C:\Users\Janka\Downloads\Bohu_se_nesmi_posmivat.pps
2020-07-19 08:32 - 2020-07-19 08:32 - 004154880 _____ C:\Users\Janka\Downloads\BlueTrain-Africa.pps
2020-07-19 08:20 - 2020-07-19 08:20 - 000423424 _____ C:\Users\Janka\Downloads\Rasizmus__HP_1.pps
2020-07-19 08:15 - 2020-07-19 08:15 - 004258304 _____ C:\Users\Janka\Downloads\Čínské_Tesco (2).pps
2020-07-19 08:15 - 2020-07-19 08:15 - 004258304 _____ C:\Users\Janka\Downloads\Čínské_Tesco (1).pps
2020-07-18 20:09 - 2020-07-18 20:09 - 004258304 _____ C:\Users\Janka\Downloads\Čínské_Tesco.pps
2020-07-16 18:55 - 2020-07-16 18:55 - 007267328 _____ C:\Users\Janka\Downloads\VodopaÌdy_IguazuÌ.pps
2020-07-16 18:55 - 2020-07-16 18:55 - 007267328 _____ C:\Users\Janka\Downloads\VodopaÌdy_IguazuÌ (1).pps
2020-07-16 06:02 - 2020-06-30 06:32 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-07-16 06:02 - 2020-06-30 06:26 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-07-15 18:33 - 2020-07-15 18:33 - 000000000 __SHD C:\found.004
2020-07-15 18:12 - 2020-07-15 18:12 - 000000000 __SHD C:\found.003
2020-07-14 07:23 - 2020-07-14 07:24 - 006170624 _____ C:\Users\Janka\Downloads\Krkonose_2011.pps
2020-07-13 18:58 - 2020-07-13 18:59 - 006819328 _____ C:\Users\Janka\Downloads\IN_MEMORIAM_-_Hroby_slavných.pps
2020-07-10 18:32 - 2020-07-10 18:32 - 007130624 _____ C:\Users\Janka\Downloads\Tam_ve_vysce.pps
2020-07-10 18:31 - 2020-07-10 18:31 - 000000178 _____ C:\Users\Janka\Downloads\ATT00010.html
2020-07-09 18:01 - 2020-07-09 18:02 - 007861248 _____ C:\Users\Janka\Downloads\Holandská_pohádka.pps
2020-07-08 17:26 - 2020-07-08 17:26 - 000903168 _____ C:\Users\Janka\Downloads\Krkonose (2).pps
2020-07-08 17:25 - 2020-07-08 17:25 - 000903168 _____ C:\Users\Janka\Downloads\Krkonose (1).pps
2020-07-08 17:24 - 2020-07-08 17:24 - 000903168 _____ C:\Users\Janka\Downloads\Krkonose.pps
2020-07-08 17:24 - 2020-07-08 17:24 - 000000091 ____H C:\Users\Janka\Downloads\.~lock.Krkonose.pps#
2020-07-08 15:43 - 2020-07-08 15:43 - 011330560 _____ C:\Users\Janka\Downloads\G_570_FRANCIA_PROFUNDA.pps
2020-07-08 15:41 - 2020-07-08 15:41 - 006701056 _____ C:\Users\Janka\Downloads\Tombe_la_neige-_Adamo.pps
2020-07-08 15:33 - 2020-07-08 15:34 - 006160896 _____ C:\Users\Janka\Downloads\Kapky_deste (1).pps
2020-07-08 15:28 - 2020-07-08 15:29 - 016346450 _____ C:\Users\Janka\Downloads\Krasy_Tatier_ (4).ppsx
2020-07-07 18:32 - 2020-07-07 18:33 - 001838592 _____ C:\Users\Janka\Downloads\MMF.pps
2020-07-06 05:51 - 2020-07-06 05:51 - 003784704 _____ C:\Users\Janka\Downloads\C_260_La_vile_souterraine1111-2111.pps
2020-07-05 16:13 - 2020-07-05 16:14 - 000278016 _____ C:\Users\Janka\Downloads\Úžasný_obrázek_z_Burmy.pps
2020-07-03 18:33 - 2020-07-03 18:33 - 001617920 _____ C:\Users\Janka\Downloads\Děsivé_svědectví_z_Řecka.pps
2020-07-03 18:33 - 2020-07-03 18:33 - 001617920 _____ C:\Users\Janka\Downloads\Děsivé_svědectví_z_Řecka (1).pps
2020-07-03 17:48 - 2020-07-03 17:48 - 005790720 _____ C:\Users\Janka\Downloads\444_novell__basilica_de_san_marcos1.pps
2020-07-03 17:33 - 2020-07-03 17:33 - 004511744 _____ C:\Users\Janka\Downloads\Samobarvící_fotografie-nádhera1.pps
2020-07-03 17:27 - 2020-07-03 17:28 - 008308224 _____ C:\Users\Janka\Downloads\Nádherné_fotky_letošního_roku (1).pps
2020-07-03 17:26 - 2020-07-03 17:26 - 008308224 _____ C:\Users\Janka\Downloads\Nádherné_fotky_letošního_roku.pps
2020-07-02 07:12 - 2020-07-02 07:12 - 000000000 __SHD C:\found.002
2020-07-01 09:31 - 2020-07-01 09:32 - 005167104 _____ C:\Users\Janka\Downloads\Sila_umeni_-_Art.pps
2020-06-29 19:04 - 2020-06-29 19:05 - 009746682 _____ C:\Users\Janka\Downloads\Video_1 (3).mov
2020-06-29 19:03 - 2020-06-29 19:03 - 009746682 _____ C:\Users\Janka\Downloads\Video_1 (2).mov
2020-06-29 18:59 - 2020-06-29 19:00 - 009746682 _____ C:\Users\Janka\Downloads\Video_1 (1).mov
2020-06-29 18:57 - 2020-06-29 18:58 - 008153429 _____ C:\Users\Janka\Downloads\Video (7).mov
2020-06-29 18:37 - 2020-06-29 18:37 - 008153429 _____ C:\Users\Janka\Downloads\Video (6).mov
2020-06-28 19:04 - 2020-06-28 19:05 - 007312384 _____ C:\Users\Janka\Downloads\Air_Force_One_of_Vladimir_Putin.pps
2020-06-28 19:03 - 2020-06-28 19:04 - 004765184 _____ C:\Users\Janka\Downloads\Letadlo_Donalda_Trumpa.pps
2020-06-28 18:40 - 2020-06-28 18:41 - 001932288 _____ C:\Users\Janka\Downloads\TigerW (2).pps
2020-06-25 20:02 - 2020-06-25 20:02 - 004273664 _____ C:\Users\Janka\Downloads\Krasy_Madeiry__(ZVUK) (4).pps
2020-06-25 19:55 - 2020-06-25 19:55 - 004273664 _____ C:\Users\Janka\Downloads\Krasy_Madeiry__(ZVUK) (3).pps
2020-06-25 19:55 - 2020-06-25 19:55 - 004273664 _____ C:\Users\Janka\Downloads\Krasy_Madeiry__(ZVUK) (2).pps
2020-06-24 18:11 - 2020-06-24 18:11 - 009746682 _____ C:\Users\Janka\Downloads\Video_1.mov
2020-06-24 18:08 - 2020-06-24 18:08 - 008153429 _____ C:\Users\Janka\Downloads\Video (5).mov
2020-06-24 18:07 - 2020-06-24 18:08 - 008153429 _____ C:\Users\Janka\Downloads\Video (4).mov
2020-06-24 17:43 - 2020-06-24 17:54 - 394590336 _____ C:\Users\Janka\Downloads\zasilka-ZO8XH9P9I9E5KN4X (1).zip
2020-06-24 16:46 - 2020-06-24 16:46 - 005769216 _____ C:\Users\Janka\Downloads\India_-_Červená_pevnost.pps
2020-06-24 16:32 - 2020-06-24 16:33 - 004273664 _____ C:\Users\Janka\Downloads\Krasy_Madeiry__(ZVUK).pps
2020-06-24 16:32 - 2020-06-24 16:33 - 004273664 _____ C:\Users\Janka\Downloads\Krasy_Madeiry__(ZVUK) (1).pps
2020-06-24 16:26 - 2020-06-24 16:26 - 005355520 _____ C:\Users\Janka\Downloads\Decouverte-des-fonds-marins.pps
2020-06-23 19:20 - 2020-06-23 19:33 - 394590336 _____ C:\Users\Janka\Downloads\zasilka-ZO8XH9P9I9E5KN4X.zip
2020-06-23 19:20 - 2020-06-23 19:24 - 087495390 _____ C:\Users\Janka\Downloads\VID_20200622_102238.mp4
2020-06-23 19:16 - 2020-06-23 19:19 - 080192761 _____ C:\Users\Janka\Downloads\VID_20200622_102629.mp4
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-23 14:51 - 2019-09-17 00:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-07-23 14:51 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-07-23 14:07 - 2018-05-08 17:02 - 000000000 ___RD C:\Users\Janka\Desktop\Bob
2020-07-23 08:30 - 2018-02-08 22:08 - 000000000 ___RD C:\Users\Janka\OneDrive
2020-07-23 08:15 - 2019-09-17 18:41 - 000000000 ____D C:\WINDOWS\Minidump
2020-07-23 08:15 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-07-23 08:15 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-07-23 07:34 - 2019-09-17 10:57 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-07-23 07:34 - 2019-09-17 02:17 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-07-23 06:53 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-23 06:53 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-07-23 06:42 - 2019-09-17 02:17 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2489188112-2961885803-1461791873-1001
2020-07-23 06:42 - 2019-09-17 00:35 - 000002415 _____ C:\Users\Janka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-07-21 07:51 - 2018-03-27 21:26 - 000000000 ____D C:\Users\Janka\AppData\Local\Packages
2020-07-20 09:52 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-07-20 05:13 - 2019-09-17 00:56 - 000005810 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-07-20 05:13 - 2019-03-19 13:55 - 004832042 _____ C:\WINDOWS\system32\perfh005.dat
2020-07-20 05:13 - 2019-03-19 13:55 - 001368442 _____ C:\WINDOWS\system32\perfc005.dat
2020-07-20 05:06 - 2019-09-17 02:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-07-19 08:38 - 2019-09-17 00:35 - 000000000 ____D C:\Users\Janka
2020-07-19 07:45 - 2020-04-17 08:16 - 000002426 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-07-19 07:45 - 2020-04-17 08:16 - 000002264 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-07-16 07:50 - 2019-06-07 18:14 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-07-16 07:50 - 2019-06-07 18:14 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-07-15 19:32 - 2020-04-17 08:09 - 000003582 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-07-15 19:32 - 2020-04-17 08:09 - 000003458 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-07-02 08:19 - 2017-03-07 13:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-07-02 05:06 - 2018-03-24 15:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== Files in the root of some directories ========
2018-03-28 18:59 - 2020-02-25 19:37 - 000005632 _____ () C:\Users\Janka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-12-20 09:11 - 2019-12-20 09:11 - 000000017 _____ () C:\Users\Janka\AppData\Local\resmon.resmoncfg
2020-03-11 21:28 - 2020-03-11 21:28 - 000000000 _____ () C:\Users\Janka\AppData\Local\{03336C97-095F-4E6E-BA09-F964BA517C67}
2020-02-15 13:11 - 2020-02-15 13:11 - 000000000 _____ () C:\Users\Janka\AppData\Local\{436FDBE4-8511-497A-BF79-D02305EBB00B}
2020-03-11 21:28 - 2020-03-11 21:28 - 000000000 _____ () C:\Users\Janka\AppData\Local\{DACD2F71-0E45-4B0B-BAAC-2E87C1F09DF9}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
zdravím a prosím kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: zdravím a prosím kontrolu
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-07-2020
Ran by Janka (23-07-2020 15:35:03)
Running from C:\Users\Janka\Downloads
Windows 10 Home Version 1903 18362.720 (X64) (2019-09-17 00:18:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2489188112-2961885803-1461791873-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2489188112-2961885803-1461791873-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2489188112-2961885803-1461791873-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2489188112-2961885803-1461791873-501 - Limited - Disabled)
Janka (S-1-5-21-2489188112-2961885803-1461791873-1001 - Administrator - Enabled) => C:\Users\Janka
WDAGUtilityAccount (S-1-5-21-2489188112-2961885803-1461791873-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{DB929D3C-5DF3-95A0-456F-403306EE69B6}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{EE08C0D5-792F-B256-A499-ECEC56915562}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{37F9C96B-294A-D6A7-183D-930C8A2F5D68}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{DAC91F38-7D04-90FC-19CB-AC1C608012ED}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{40E57BA2-6029-7A5D-A2BE-7D47039159D0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{7A54ECFD-70B7-08DF-D581-8CD04B4CDA09}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0F8A189-4C96-0179-ACEE-A98F618FD472}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{60694907-C4DE-A4AE-8DD0-E2E50E3A9C14}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{592C6F67-5D6B-8E34-90B9-2E9D44FC537B}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5F16D84E-851C-29BB-3CBE-A480DBAE3A09}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{13D096A7-D644-944F-F99D-82A17015AAE0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{06B55CAD-9FF0-EE80-954C-32FA86AED3BF}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{3B613BFA-C0AC-5FBF-29B1-3C362DFE417B}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{E3364BA9-283A-2B4C-2DED-90C284A54B8D}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{6E30A3B3-5427-9D91-5878-BD61820C5671}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{1E282415-8F60-005E-58C2-8FA7A7A391FB}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{8384ACC1-D00D-3818-8C45-E41E3C3FC6F9}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{DA4880B9-F477-386C-B07D-E13A7F4565C4}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{0FEDC0A5-8ED6-1A59-78A4-35E82784E3E0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{3BF8C0EC-3127-F42D-78B7-7C5C9E682657}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{3F6354FB-8E86-4BEF-A53F-141D1493EE6D}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.69 - Piriform)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.6714 - CyberLink Corp.)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
FastStone Image Viewer 6.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.4 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.89 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
LibreOffice 6.0.4.2 (HKLM\...\{CBC4E8DF-CCBD-4260-A6A5-B682BA706DC4}) (Version: 6.0.4.2 - The Document Foundation)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 84.0.522.40 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.133.5 - )
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.13001.20266 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2489188112-2961885803-1461791873-1001\...\OneDriveSetup.exe) (Version: 20.114.0607.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13001.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
StarBurn Version 15.7 (Build 0x20170407) (HKLM-x32\...\StarBurn_is1) (Version: 15.7 - StarBurn Software)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-10] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-04-19] (Dolby Laboratories)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2018-03-22] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2006.30.0_x64__k1h2ywk1493x8 [2020-06-30] (LENOVO INC.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.9.0.7_x86__h6adky7gbf63m [2020-06-25] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.7162.0_x64__8wekyb3d8bbwe [2020-07-21] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0 [2020-07-13] (Spotify AB) [Startup Task]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2018-03-22] (LENOVO INCORPORATED.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-12-16] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-06-29 19:13 - 2016-06-29 19:13 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Janka\Downloads\adwcleaner_8.0.6.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Janka\Downloads\ccsetup569.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Janka\Downloads\FRST64.exe:SmartScreen [7]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 13:47 - 2019-12-15 09:41 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2019-08-26 18:16 - 2019-08-26 18:16 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 LAPTOP-Janka.mshome.net # 2024 8 6 24 16 16 46 260
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2489188112-2961885803-1461791873-1001\Control Panel\Desktop\\Wallpaper -> D:\Obrázky\pejsci\P1040871.JPG
DNS Servers: 85.119.89.2 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-2489188112-2961885803-1461791873-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2489188112-2961885803-1461791873-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{18F160DD-F34C-42AC-9842-62947AC2985F}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{B35E41BB-120F-459B-ACE4-15915300A5CE}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{257F1693-5700-40D5-A2CD-6094602B9064}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{77D673CF-E1D0-41FF-9477-E40D7AF67A10}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{94E9BEF6-0788-43EC-BEA5-BA1B5CDA43B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{70790024-AE66-435F-8CBF-8B1B83BB1D4F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C68B9CA9-B0F4-4BC2-B31E-CAE6314ACDFF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9485B5DD-4F0C-4490-933D-8C7AF0DD7545}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0750655F-59A4-4C85-8EC5-255CD35B4638}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{90D701F1-638F-47ED-8527-602C1EDD07E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{87C9153B-480A-47D5-A233-4555E1C8F684}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0348B853-ED7E-46C1-A64A-20607B76265C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{80995102-3F42-4BC5-8FA3-F3E12D1CBC15}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4A03B252-C72F-4FCF-B0F6-25702CC1B3DE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E7D6A242-E6F3-458F-BD20-DDEBF3D248B6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
01-03-2020 11:58:32 Windows Update
11-03-2020 19:36:59 Windows Update
16-04-2020 06:50:01 Windows Update
19-04-2020 09:33:16 Windows Update
24-04-2020 09:53:17 Windows Update
02-05-2020 10:26:09 Windows Update
10-05-2020 11:05:09 Windows Update
14-05-2020 07:38:00 Windows Update
17-05-2020 10:54:03 Windows Update
21-05-2020 18:25:51 Windows Update
26-05-2020 13:45:09 Windows Update
30-05-2020 18:46:48 Windows Update
04-06-2020 18:57:25 Windows Update
09-06-2020 19:12:26 Windows Update
14-06-2020 18:46:30 Windows Update
18-06-2020 17:43:23 Windows Update
23-06-2020 18:40:05 Windows Update
28-06-2020 14:30:14 Windows Update
01-07-2020 20:56:30 Windows Update
06-07-2020 18:23:33 Windows Update
10-07-2020 06:19:08 Windows Update
14-07-2020 18:48:48 Windows Update
18-07-2020 06:02:46 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/23/2020 03:03:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9912,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (07/23/2020 02:00:50 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1468,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (07/23/2020 10:05:08 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1468,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (07/23/2020 09:06:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1468,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (07/23/2020 08:02:10 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4464,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (07/23/2020 07:41:08 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7276,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (07/23/2020 07:02:51 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7276,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (07/23/2020 06:38:17 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7276,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (07/23/2020 10:59:28 AM) (Source: TPM) (EventID: 12) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k chybě ovladače zařízení, kvůli které je možné, že nebudou správně fungovat některé aplikace využívající služby TPM. Restartujte počítač, aby byl resetován hardware čipu TPM. Budete-li potřebovat další pomoc při řešení těchto hardwarových potíží, obraťte se na výrobce počítače.
Error: (07/23/2020 10:51:57 AM) (Source: TPM) (EventID: 12) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k chybě ovladače zařízení, kvůli které je možné, že nebudou správně fungovat některé aplikace využívající služby TPM. Restartujte počítač, aby byl resetován hardware čipu TPM. Budete-li potřebovat další pomoc při řešení těchto hardwarových potíží, obraťte se na výrobce počítače.
Error: (07/23/2020 10:46:58 AM) (Source: TPM) (EventID: 12) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k chybě ovladače zařízení, kvůli které je možné, že nebudou správně fungovat některé aplikace využívající služby TPM. Restartujte počítač, aby byl resetován hardware čipu TPM. Budete-li potřebovat další pomoc při řešení těchto hardwarových potíží, obraťte se na výrobce počítače.
Error: (07/23/2020 10:41:58 AM) (Source: TPM) (EventID: 12) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k chybě ovladače zařízení, kvůli které je možné, že nebudou správně fungovat některé aplikace využívající služby TPM. Restartujte počítač, aby byl resetován hardware čipu TPM. Budete-li potřebovat další pomoc při řešení těchto hardwarových potíží, obraťte se na výrobce počítače.
Error: (07/23/2020 10:36:58 AM) (Source: TPM) (EventID: 12) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k chybě ovladače zařízení, kvůli které je možné, že nebudou správně fungovat některé aplikace využívající služby TPM. Restartujte počítač, aby byl resetován hardware čipu TPM. Budete-li potřebovat další pomoc při řešení těchto hardwarových potíží, obraťte se na výrobce počítače.
Error: (07/23/2020 10:31:57 AM) (Source: TPM) (EventID: 12) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k chybě ovladače zařízení, kvůli které je možné, že nebudou správně fungovat některé aplikace využívající služby TPM. Restartujte počítač, aby byl resetován hardware čipu TPM. Budete-li potřebovat další pomoc při řešení těchto hardwarových potíží, obraťte se na výrobce počítače.
Error: (07/23/2020 10:26:58 AM) (Source: TPM) (EventID: 12) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k chybě ovladače zařízení, kvůli které je možné, že nebudou správně fungovat některé aplikace využívající služby TPM. Restartujte počítač, aby byl resetován hardware čipu TPM. Budete-li potřebovat další pomoc při řešení těchto hardwarových potíží, obraťte se na výrobce počítače.
Error: (07/23/2020 10:21:58 AM) (Source: TPM) (EventID: 12) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k chybě ovladače zařízení, kvůli které je možné, že nebudou správně fungovat některé aplikace využívající služby TPM. Restartujte počítač, aby byl resetován hardware čipu TPM. Budete-li potřebovat další pomoc při řešení těchto hardwarových potíží, obraťte se na výrobce počítače.
Windows Defender:
===================================
Date: 2020-07-12 17:59:43.609
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.319.1330.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2020-07-12 17:59:43.608
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.319.1330.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2020-07-12 17:59:43.607
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.319.1330.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2020-06-28 14:41:44.921
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.319.249.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2020-06-28 14:34:32.650
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.319.249.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2020-04-17 06:28:23.832
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:23.811
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:23.137
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:23.114
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:23.060
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:23.033
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:22.744
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:22.601
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: Lenovo 1QCN32WW 08/18/2016
Motherboard: LENOVO Nano 5A8
Processor: AMD A6-7310 APU with AMD Radeon R4 Graphics
Percentage of memory in use: 83%
Total physical RAM: 3490.6 MB
Available physical RAM: 582.78 MB
Total Virtual: 7074.6 MB
Available Virtual: 2962.77 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:443.68 GB) (Free:361.35 GB) NTFS
Drive d: (Data) (Fixed) (Total:467.58 GB) (Free:458.05 GB) NTFS
\\?\Volume{6c23730e-e998-4778-9b27-46d999e4ab5c}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{15ce846e-9175-493c-b893-f4221c50b338}\ (LENOVO_PART) (Fixed) (Total:18.03 GB) (Free:5.97 GB) NTFS
\\?\Volume{548d78a3-88da-480c-bfbe-b0ff4965f77a}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 25CEF3CA)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by Janka (23-07-2020 15:35:03)
Running from C:\Users\Janka\Downloads
Windows 10 Home Version 1903 18362.720 (X64) (2019-09-17 00:18:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2489188112-2961885803-1461791873-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2489188112-2961885803-1461791873-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2489188112-2961885803-1461791873-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2489188112-2961885803-1461791873-501 - Limited - Disabled)
Janka (S-1-5-21-2489188112-2961885803-1461791873-1001 - Administrator - Enabled) => C:\Users\Janka
WDAGUtilityAccount (S-1-5-21-2489188112-2961885803-1461791873-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{DB929D3C-5DF3-95A0-456F-403306EE69B6}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{EE08C0D5-792F-B256-A499-ECEC56915562}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{37F9C96B-294A-D6A7-183D-930C8A2F5D68}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{DAC91F38-7D04-90FC-19CB-AC1C608012ED}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{40E57BA2-6029-7A5D-A2BE-7D47039159D0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{7A54ECFD-70B7-08DF-D581-8CD04B4CDA09}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0F8A189-4C96-0179-ACEE-A98F618FD472}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{60694907-C4DE-A4AE-8DD0-E2E50E3A9C14}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{592C6F67-5D6B-8E34-90B9-2E9D44FC537B}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5F16D84E-851C-29BB-3CBE-A480DBAE3A09}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{13D096A7-D644-944F-F99D-82A17015AAE0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{06B55CAD-9FF0-EE80-954C-32FA86AED3BF}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{3B613BFA-C0AC-5FBF-29B1-3C362DFE417B}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{E3364BA9-283A-2B4C-2DED-90C284A54B8D}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{6E30A3B3-5427-9D91-5878-BD61820C5671}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{1E282415-8F60-005E-58C2-8FA7A7A391FB}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{8384ACC1-D00D-3818-8C45-E41E3C3FC6F9}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{DA4880B9-F477-386C-B07D-E13A7F4565C4}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{0FEDC0A5-8ED6-1A59-78A4-35E82784E3E0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{3BF8C0EC-3127-F42D-78B7-7C5C9E682657}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{3F6354FB-8E86-4BEF-A53F-141D1493EE6D}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.69 - Piriform)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.6714 - CyberLink Corp.)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
FastStone Image Viewer 6.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.4 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.89 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
LibreOffice 6.0.4.2 (HKLM\...\{CBC4E8DF-CCBD-4260-A6A5-B682BA706DC4}) (Version: 6.0.4.2 - The Document Foundation)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 84.0.522.40 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.133.5 - )
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.13001.20266 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2489188112-2961885803-1461791873-1001\...\OneDriveSetup.exe) (Version: 20.114.0607.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13001.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
StarBurn Version 15.7 (Build 0x20170407) (HKLM-x32\...\StarBurn_is1) (Version: 15.7 - StarBurn Software)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-10] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-04-19] (Dolby Laboratories)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2018-03-22] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2006.30.0_x64__k1h2ywk1493x8 [2020-06-30] (LENOVO INC.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.9.0.7_x86__h6adky7gbf63m [2020-06-25] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.7162.0_x64__8wekyb3d8bbwe [2020-07-21] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0 [2020-07-13] (Spotify AB) [Startup Task]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2018-03-22] (LENOVO INCORPORATED.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-12-16] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-06-29 19:13 - 2016-06-29 19:13 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Janka\Downloads\adwcleaner_8.0.6.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Janka\Downloads\ccsetup569.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Janka\Downloads\FRST64.exe:SmartScreen [7]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 13:47 - 2019-12-15 09:41 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2019-08-26 18:16 - 2019-08-26 18:16 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 LAPTOP-Janka.mshome.net # 2024 8 6 24 16 16 46 260
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2489188112-2961885803-1461791873-1001\Control Panel\Desktop\\Wallpaper -> D:\Obrázky\pejsci\P1040871.JPG
DNS Servers: 85.119.89.2 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-2489188112-2961885803-1461791873-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2489188112-2961885803-1461791873-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{18F160DD-F34C-42AC-9842-62947AC2985F}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{B35E41BB-120F-459B-ACE4-15915300A5CE}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{257F1693-5700-40D5-A2CD-6094602B9064}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{77D673CF-E1D0-41FF-9477-E40D7AF67A10}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{94E9BEF6-0788-43EC-BEA5-BA1B5CDA43B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{70790024-AE66-435F-8CBF-8B1B83BB1D4F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C68B9CA9-B0F4-4BC2-B31E-CAE6314ACDFF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9485B5DD-4F0C-4490-933D-8C7AF0DD7545}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0750655F-59A4-4C85-8EC5-255CD35B4638}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{90D701F1-638F-47ED-8527-602C1EDD07E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{87C9153B-480A-47D5-A233-4555E1C8F684}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0348B853-ED7E-46C1-A64A-20607B76265C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{80995102-3F42-4BC5-8FA3-F3E12D1CBC15}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4A03B252-C72F-4FCF-B0F6-25702CC1B3DE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E7D6A242-E6F3-458F-BD20-DDEBF3D248B6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
01-03-2020 11:58:32 Windows Update
11-03-2020 19:36:59 Windows Update
16-04-2020 06:50:01 Windows Update
19-04-2020 09:33:16 Windows Update
24-04-2020 09:53:17 Windows Update
02-05-2020 10:26:09 Windows Update
10-05-2020 11:05:09 Windows Update
14-05-2020 07:38:00 Windows Update
17-05-2020 10:54:03 Windows Update
21-05-2020 18:25:51 Windows Update
26-05-2020 13:45:09 Windows Update
30-05-2020 18:46:48 Windows Update
04-06-2020 18:57:25 Windows Update
09-06-2020 19:12:26 Windows Update
14-06-2020 18:46:30 Windows Update
18-06-2020 17:43:23 Windows Update
23-06-2020 18:40:05 Windows Update
28-06-2020 14:30:14 Windows Update
01-07-2020 20:56:30 Windows Update
06-07-2020 18:23:33 Windows Update
10-07-2020 06:19:08 Windows Update
14-07-2020 18:48:48 Windows Update
18-07-2020 06:02:46 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/23/2020 03:03:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9912,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (07/23/2020 02:00:50 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1468,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (07/23/2020 10:05:08 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1468,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (07/23/2020 09:06:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1468,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (07/23/2020 08:02:10 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4464,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (07/23/2020 07:41:08 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7276,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (07/23/2020 07:02:51 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7276,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (07/23/2020 06:38:17 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7276,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (07/23/2020 10:59:28 AM) (Source: TPM) (EventID: 12) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k chybě ovladače zařízení, kvůli které je možné, že nebudou správně fungovat některé aplikace využívající služby TPM. Restartujte počítač, aby byl resetován hardware čipu TPM. Budete-li potřebovat další pomoc při řešení těchto hardwarových potíží, obraťte se na výrobce počítače.
Error: (07/23/2020 10:51:57 AM) (Source: TPM) (EventID: 12) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k chybě ovladače zařízení, kvůli které je možné, že nebudou správně fungovat některé aplikace využívající služby TPM. Restartujte počítač, aby byl resetován hardware čipu TPM. Budete-li potřebovat další pomoc při řešení těchto hardwarových potíží, obraťte se na výrobce počítače.
Error: (07/23/2020 10:46:58 AM) (Source: TPM) (EventID: 12) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k chybě ovladače zařízení, kvůli které je možné, že nebudou správně fungovat některé aplikace využívající služby TPM. Restartujte počítač, aby byl resetován hardware čipu TPM. Budete-li potřebovat další pomoc při řešení těchto hardwarových potíží, obraťte se na výrobce počítače.
Error: (07/23/2020 10:41:58 AM) (Source: TPM) (EventID: 12) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k chybě ovladače zařízení, kvůli které je možné, že nebudou správně fungovat některé aplikace využívající služby TPM. Restartujte počítač, aby byl resetován hardware čipu TPM. Budete-li potřebovat další pomoc při řešení těchto hardwarových potíží, obraťte se na výrobce počítače.
Error: (07/23/2020 10:36:58 AM) (Source: TPM) (EventID: 12) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k chybě ovladače zařízení, kvůli které je možné, že nebudou správně fungovat některé aplikace využívající služby TPM. Restartujte počítač, aby byl resetován hardware čipu TPM. Budete-li potřebovat další pomoc při řešení těchto hardwarových potíží, obraťte se na výrobce počítače.
Error: (07/23/2020 10:31:57 AM) (Source: TPM) (EventID: 12) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k chybě ovladače zařízení, kvůli které je možné, že nebudou správně fungovat některé aplikace využívající služby TPM. Restartujte počítač, aby byl resetován hardware čipu TPM. Budete-li potřebovat další pomoc při řešení těchto hardwarových potíží, obraťte se na výrobce počítače.
Error: (07/23/2020 10:26:58 AM) (Source: TPM) (EventID: 12) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k chybě ovladače zařízení, kvůli které je možné, že nebudou správně fungovat některé aplikace využívající služby TPM. Restartujte počítač, aby byl resetován hardware čipu TPM. Budete-li potřebovat další pomoc při řešení těchto hardwarových potíží, obraťte se na výrobce počítače.
Error: (07/23/2020 10:21:58 AM) (Source: TPM) (EventID: 12) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k chybě ovladače zařízení, kvůli které je možné, že nebudou správně fungovat některé aplikace využívající služby TPM. Restartujte počítač, aby byl resetován hardware čipu TPM. Budete-li potřebovat další pomoc při řešení těchto hardwarových potíží, obraťte se na výrobce počítače.
Windows Defender:
===================================
Date: 2020-07-12 17:59:43.609
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.319.1330.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2020-07-12 17:59:43.608
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.319.1330.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2020-07-12 17:59:43.607
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.319.1330.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2020-06-28 14:41:44.921
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.319.249.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2020-06-28 14:34:32.650
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.319.249.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2020-04-17 06:28:23.832
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:23.811
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:23.137
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:23.114
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:23.060
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:23.033
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:22.744
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:22.601
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: Lenovo 1QCN32WW 08/18/2016
Motherboard: LENOVO Nano 5A8
Processor: AMD A6-7310 APU with AMD Radeon R4 Graphics
Percentage of memory in use: 83%
Total physical RAM: 3490.6 MB
Available physical RAM: 582.78 MB
Total Virtual: 7074.6 MB
Available Virtual: 2962.77 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:443.68 GB) (Free:361.35 GB) NTFS
Drive d: (Data) (Fixed) (Total:467.58 GB) (Free:458.05 GB) NTFS
\\?\Volume{6c23730e-e998-4778-9b27-46d999e4ab5c}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{15ce846e-9175-493c-b893-f4221c50b338}\ (LENOVO_PART) (Fixed) (Total:18.03 GB) (Free:5.97 GB) NTFS
\\?\Volume{548d78a3-88da-480c-bfbe-b0ff4965f77a}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 25CEF3CA)
Partition: GPT.
==================== End of Addition.txt =======================
Re: zdravím a prosím kontrolu
Ahoj,
po AV stranke logy vypadaju OK
Spust s prikazoveho riadku chkdsk/r
Odsuhlas spustenie pri dalsom starte a restartuj PC
po AV stranke logy vypadaju OK
Spust s prikazoveho riadku chkdsk/r
Odsuhlas spustenie pri dalsom starte a restartuj PC
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: zdravím a prosím kontrolu
chkdsk/r proběhl - výstup jsem nezaznamenala, proto nové FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-07-2020
Ran by Janka (administrator) on LAPTOP-JANKA (LENOVO 80TJ) (24-07-2020 09:16:13)
Running from C:\Users\Janka\Downloads
Loaded Profiles: Janka
Platform: Windows 10 Home Version 1903 18362.720 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.957_none_5f2e9e6258ea82f2\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16735744 2016-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1472000 2016-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1472000 2016-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029064 2016-12-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Installer\chrmstp.exe [2020-07-16] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03300135-9B74-409F-9578-B9823C27EDF4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123752 2020-07-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {2237B781-A657-41B3-BCE0-07A69BBED528} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4589AB85-A5AC-4429-8199-68F265B8D3AB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-07-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7EE5CDD5-E507-4D19-B23E-5B7A7ED4F86B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23815032 2020-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {8AAC2D41-B7D7-4CA0-A80D-2D9CDA92768B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8F3D5C0A-12B3-45BB-872F-0FFB988E8B19} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123752 2020-07-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {D563A77C-D736-437A-BBCB-EF533176FB78} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe [88344 2016-07-14] (CyberLink Corp. -> CyberLink Corp.)
Task: {D7B43E0F-D473-4CA4-81F9-31513B45E9D5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24910520 2020-07-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DB9C1D7B-C11E-42CE-B25F-E107164EA4BB} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {DD5388E9-7B1C-4A77-920E-1BFB040EBF83} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-06-07] (Google Inc -> Google Inc.)
Task: {DE203DE1-A233-443B-9F2F-3D66F3CE32B4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E783C4C5-2CEA-4EAC-8D2E-459C2179E0A9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E9F666E0-EF1F-413B-9678-DF90571DA255} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-06-07] (Google Inc -> Google Inc.)
Task: {FDD6736B-DDA3-47D1-9C33-8877609DEDDB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23815032 2020-07-07] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 85.119.89.2 8.8.8.8
Tcpip\..\Interfaces\{f7b9cd55-c498-475f-be3c-1b641bdae3e7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fe16ac84-8aba-4283-8f3a-cf041ef3ac4f}: [DhcpNameServer] 85.119.89.2 8.8.8.8
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2489188112-2961885803-1461791873-1001 -> DefaultScope {C50BADC1-9265-414B-8437-6B21C282F983} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-02] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\Janka\Downloads
Edge Notifications: HKU\S-1-5-21-2489188112-2961885803-1461791873-1001 -> hxxps://www.facebook.com; hxxps://www.astratex.cz; hxxps://postovnezdarma.cz
Edge DefaultProfile: Default
Edge Profile: C:\Users\Janka\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-24]
Edge DownloadDir: C:\Users\Janka\Downloads
Edge Notifications: Default -> hxxps://meet.google.com; hxxps://postovnezdarma.cz; hxxps://www.astratex.cz; hxxps://www.facebook.com; hxxps://www.kupi.cz; hxxps://www.newchic.com
Edge StartupUrls: Default -> "hxxps://vmail.centrum.cz/?utm_source=volnyHP&utm_medium=mailbox"
FireFox:
========
FF DefaultProfile: ttszok0e.default
FF ProfilePath: C:\Users\Janka\AppData\Roaming\Mozilla\Firefox\Profiles\ttszok0e.default [2020-07-23]
FF Homepage: Mozilla\Firefox\Profiles\ttszok0e.default -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\ttszok0e.default -> hxxps://novaplus.nova.cz
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Janka\AppData\Local\Google\Chrome\User Data\Default [2019-12-15]
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Prezentace) - C:\Users\Janka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Janka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-07-07]
CHR Extension: (Chrome Media Router) - C:\Users\Janka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-17]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [295832 2016-12-23] (Advanced Micro Devices, Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10574712 2020-07-02] (Microsoft Corporation -> Microsoft Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309839.inf_amd64_168acb088d48fafb\atikmdag.sys [26587656 2016-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309839.inf_amd64_168acb088d48fafb\atikmpag.sys [527256 2016-12-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [87840 2016-12-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 amdpsp; C:\WINDOWS\system32\DRIVERS\amdpsp.sys [239976 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110104 2016-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-17] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2019-12-14] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-08-10] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-08-10] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116112 2019-08-10] (Malwarebytes Corporation -> Malwarebytes)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [162960 2018-04-26] (Disc Soft Ltd -> Duplex Secure Ltd)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45976 2020-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [408816 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-24 09:15 - 2020-07-24 09:16 - 000000000 ____D C:\Users\Janka\Downloads\FRST-OlderVersion
2020-07-23 15:04 - 2020-07-23 15:37 - 000036510 _____ C:\Users\Janka\Downloads\Addition.txt
2020-07-23 14:59 - 2020-07-24 09:22 - 000014165 _____ C:\Users\Janka\Downloads\FRST.txt
2020-07-23 14:59 - 2020-07-24 09:19 - 000000000 ____D C:\FRST
2020-07-23 14:56 - 2020-07-24 09:15 - 002294784 _____ (Farbar) C:\Users\Janka\Downloads\FRST64.exe
2020-07-23 14:03 - 2020-07-23 14:05 - 000000000 ____D C:\AdwCleaner
2020-07-23 14:02 - 2020-07-23 14:02 - 008420016 _____ (Malwarebytes) C:\Users\Janka\Downloads\adwcleaner_8.0.6.exe
2020-07-23 08:30 - 2020-07-23 08:30 - 000000000 ___HD C:\OneDriveTemp
2020-07-23 07:31 - 2020-07-23 07:32 - 028064096 _____ (Piriform Software Ltd) C:\Users\Janka\Downloads\ccsetup569.exe
2020-07-20 18:23 - 2020-07-20 18:23 - 004824576 _____ C:\Users\Janka\Downloads\Celej_tatik_HH (1).pps
2020-07-20 18:21 - 2020-07-20 18:21 - 004824576 _____ C:\Users\Janka\Downloads\Celej_tatik_HH.pps
2020-07-20 09:45 - 2020-07-20 09:45 - 002274465 _____ C:\Users\Janka\Downloads\Trhlina_ve_dzbanu.pptx
2020-07-20 05:32 - 2020-07-20 05:32 - 001566208 _____ C:\Users\Janka\Downloads\Bohu_se_nesmi_posmivat.pps
2020-07-19 08:32 - 2020-07-19 08:32 - 004154880 _____ C:\Users\Janka\Downloads\BlueTrain-Africa.pps
2020-07-19 08:20 - 2020-07-19 08:20 - 000423424 _____ C:\Users\Janka\Downloads\Rasizmus__HP_1.pps
2020-07-19 08:15 - 2020-07-19 08:15 - 004258304 _____ C:\Users\Janka\Downloads\Čínské_Tesco (2).pps
2020-07-19 08:15 - 2020-07-19 08:15 - 004258304 _____ C:\Users\Janka\Downloads\Čínské_Tesco (1).pps
2020-07-18 20:09 - 2020-07-18 20:09 - 004258304 _____ C:\Users\Janka\Downloads\Čínské_Tesco.pps
2020-07-16 18:55 - 2020-07-16 18:55 - 007267328 _____ C:\Users\Janka\Downloads\VodopaÌdy_IguazuÌ.pps
2020-07-16 18:55 - 2020-07-16 18:55 - 007267328 _____ C:\Users\Janka\Downloads\VodopaÌdy_IguazuÌ (1).pps
2020-07-16 06:02 - 2020-06-30 06:32 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-07-16 06:02 - 2020-06-30 06:26 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-07-15 18:33 - 2020-07-15 18:33 - 000000000 __SHD C:\found.004
2020-07-15 18:12 - 2020-07-15 18:12 - 000000000 __SHD C:\found.003
2020-07-14 07:23 - 2020-07-14 07:24 - 006170624 _____ C:\Users\Janka\Downloads\Krkonose_2011.pps
2020-07-13 18:58 - 2020-07-13 18:59 - 006819328 _____ C:\Users\Janka\Downloads\IN_MEMORIAM_-_Hroby_slavných.pps
2020-07-10 18:32 - 2020-07-10 18:32 - 007130624 _____ C:\Users\Janka\Downloads\Tam_ve_vysce.pps
2020-07-10 18:31 - 2020-07-10 18:31 - 000000178 _____ C:\Users\Janka\Downloads\ATT00010.html
2020-07-09 18:01 - 2020-07-09 18:02 - 007861248 _____ C:\Users\Janka\Downloads\Holandská_pohádka.pps
2020-07-08 17:26 - 2020-07-08 17:26 - 000903168 _____ C:\Users\Janka\Downloads\Krkonose (2).pps
2020-07-08 17:25 - 2020-07-08 17:25 - 000903168 _____ C:\Users\Janka\Downloads\Krkonose (1).pps
2020-07-08 17:24 - 2020-07-08 17:24 - 000903168 _____ C:\Users\Janka\Downloads\Krkonose.pps
2020-07-08 17:24 - 2020-07-08 17:24 - 000000091 ____H C:\Users\Janka\Downloads\.~lock.Krkonose.pps#
2020-07-08 15:43 - 2020-07-08 15:43 - 011330560 _____ C:\Users\Janka\Downloads\G_570_FRANCIA_PROFUNDA.pps
2020-07-08 15:41 - 2020-07-08 15:41 - 006701056 _____ C:\Users\Janka\Downloads\Tombe_la_neige-_Adamo.pps
2020-07-08 15:33 - 2020-07-08 15:34 - 006160896 _____ C:\Users\Janka\Downloads\Kapky_deste (1).pps
2020-07-08 15:28 - 2020-07-08 15:29 - 016346450 _____ C:\Users\Janka\Downloads\Krasy_Tatier_ (4).ppsx
2020-07-07 18:32 - 2020-07-07 18:33 - 001838592 _____ C:\Users\Janka\Downloads\MMF.pps
2020-07-06 05:51 - 2020-07-06 05:51 - 003784704 _____ C:\Users\Janka\Downloads\C_260_La_vile_souterraine1111-2111.pps
2020-07-05 16:13 - 2020-07-05 16:14 - 000278016 _____ C:\Users\Janka\Downloads\Úžasný_obrázek_z_Burmy.pps
2020-07-03 18:33 - 2020-07-03 18:33 - 001617920 _____ C:\Users\Janka\Downloads\Děsivé_svědectví_z_Řecka.pps
2020-07-03 18:33 - 2020-07-03 18:33 - 001617920 _____ C:\Users\Janka\Downloads\Děsivé_svědectví_z_Řecka (1).pps
2020-07-03 17:48 - 2020-07-03 17:48 - 005790720 _____ C:\Users\Janka\Downloads\444_novell__basilica_de_san_marcos1.pps
2020-07-03 17:33 - 2020-07-03 17:33 - 004511744 _____ C:\Users\Janka\Downloads\Samobarvící_fotografie-nádhera1.pps
2020-07-03 17:27 - 2020-07-03 17:28 - 008308224 _____ C:\Users\Janka\Downloads\Nádherné_fotky_letošního_roku (1).pps
2020-07-03 17:26 - 2020-07-03 17:26 - 008308224 _____ C:\Users\Janka\Downloads\Nádherné_fotky_letošního_roku.pps
2020-07-02 07:12 - 2020-07-02 07:12 - 000000000 __SHD C:\found.002
2020-07-01 09:31 - 2020-07-01 09:32 - 005167104 _____ C:\Users\Janka\Downloads\Sila_umeni_-_Art.pps
2020-06-29 19:04 - 2020-06-29 19:05 - 009746682 _____ C:\Users\Janka\Downloads\Video_1 (3).mov
2020-06-29 19:03 - 2020-06-29 19:03 - 009746682 _____ C:\Users\Janka\Downloads\Video_1 (2).mov
2020-06-29 18:59 - 2020-06-29 19:00 - 009746682 _____ C:\Users\Janka\Downloads\Video_1 (1).mov
2020-06-29 18:57 - 2020-06-29 18:58 - 008153429 _____ C:\Users\Janka\Downloads\Video (7).mov
2020-06-29 18:37 - 2020-06-29 18:37 - 008153429 _____ C:\Users\Janka\Downloads\Video (6).mov
2020-06-28 19:04 - 2020-06-28 19:05 - 007312384 _____ C:\Users\Janka\Downloads\Air_Force_One_of_Vladimir_Putin.pps
2020-06-28 19:03 - 2020-06-28 19:04 - 004765184 _____ C:\Users\Janka\Downloads\Letadlo_Donalda_Trumpa.pps
2020-06-28 18:40 - 2020-06-28 18:41 - 001932288 _____ C:\Users\Janka\Downloads\TigerW (2).pps
2020-06-25 20:02 - 2020-06-25 20:02 - 004273664 _____ C:\Users\Janka\Downloads\Krasy_Madeiry__(ZVUK) (4).pps
2020-06-25 19:55 - 2020-06-25 19:55 - 004273664 _____ C:\Users\Janka\Downloads\Krasy_Madeiry__(ZVUK) (3).pps
2020-06-25 19:55 - 2020-06-25 19:55 - 004273664 _____ C:\Users\Janka\Downloads\Krasy_Madeiry__(ZVUK) (2).pps
2020-06-24 18:11 - 2020-06-24 18:11 - 009746682 _____ C:\Users\Janka\Downloads\Video_1.mov
2020-06-24 18:08 - 2020-06-24 18:08 - 008153429 _____ C:\Users\Janka\Downloads\Video (5).mov
2020-06-24 18:07 - 2020-06-24 18:08 - 008153429 _____ C:\Users\Janka\Downloads\Video (4).mov
2020-06-24 17:43 - 2020-06-24 17:54 - 394590336 _____ C:\Users\Janka\Downloads\zasilka-ZO8XH9P9I9E5KN4X (1).zip
2020-06-24 16:46 - 2020-06-24 16:46 - 005769216 _____ C:\Users\Janka\Downloads\India_-_Červená_pevnost.pps
2020-06-24 16:32 - 2020-06-24 16:33 - 004273664 _____ C:\Users\Janka\Downloads\Krasy_Madeiry__(ZVUK).pps
2020-06-24 16:32 - 2020-06-24 16:33 - 004273664 _____ C:\Users\Janka\Downloads\Krasy_Madeiry__(ZVUK) (1).pps
2020-06-24 16:26 - 2020-06-24 16:26 - 005355520 _____ C:\Users\Janka\Downloads\Decouverte-des-fonds-marins.pps
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-24 09:20 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-07-24 09:05 - 2019-09-17 00:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-07-24 08:49 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-24 08:49 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-07-24 08:38 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-07-24 08:35 - 2017-03-07 13:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-07-24 08:13 - 2019-09-17 00:56 - 000005810 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-07-24 08:13 - 2019-03-19 13:55 - 004846840 _____ C:\WINDOWS\system32\perfh005.dat
2020-07-24 08:13 - 2019-03-19 13:55 - 001372842 _____ C:\WINDOWS\system32\perfc005.dat
2020-07-24 08:13 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-07-24 08:05 - 2019-09-17 02:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-07-24 06:24 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-07-24 06:24 - 2017-03-07 14:42 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-07-23 14:07 - 2018-05-08 17:02 - 000000000 ___RD C:\Users\Janka\Desktop\Bob
2020-07-23 08:30 - 2018-02-08 22:08 - 000000000 ___RD C:\Users\Janka\OneDrive
2020-07-23 08:15 - 2019-09-17 18:41 - 000000000 ____D C:\WINDOWS\Minidump
2020-07-23 08:15 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-07-23 07:34 - 2019-09-17 10:57 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-07-23 07:34 - 2019-09-17 02:17 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-07-23 06:42 - 2019-09-17 02:17 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2489188112-2961885803-1461791873-1001
2020-07-23 06:42 - 2019-09-17 00:35 - 000002415 _____ C:\Users\Janka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-07-21 07:51 - 2018-03-27 21:26 - 000000000 ____D C:\Users\Janka\AppData\Local\Packages
2020-07-19 08:38 - 2019-09-17 00:35 - 000000000 ____D C:\Users\Janka
2020-07-19 07:45 - 2020-04-17 08:16 - 000002426 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-07-19 07:45 - 2020-04-17 08:16 - 000002264 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-07-16 07:50 - 2019-06-07 18:14 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-07-16 07:50 - 2019-06-07 18:14 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-07-15 19:32 - 2020-04-17 08:09 - 000003582 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-07-15 19:32 - 2020-04-17 08:09 - 000003458 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-07-02 05:06 - 2018-03-24 15:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== Files in the root of some directories ========
2018-03-28 18:59 - 2020-02-25 19:37 - 000005632 _____ () C:\Users\Janka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-12-20 09:11 - 2019-12-20 09:11 - 000000017 _____ () C:\Users\Janka\AppData\Local\resmon.resmoncfg
2020-03-11 21:28 - 2020-03-11 21:28 - 000000000 _____ () C:\Users\Janka\AppData\Local\{03336C97-095F-4E6E-BA09-F964BA517C67}
2020-02-15 13:11 - 2020-02-15 13:11 - 000000000 _____ () C:\Users\Janka\AppData\Local\{436FDBE4-8511-497A-BF79-D02305EBB00B}
2020-03-11 21:28 - 2020-03-11 21:28 - 000000000 _____ () C:\Users\Janka\AppData\Local\{DACD2F71-0E45-4B0B-BAAC-2E87C1F09DF9}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-07-2020
Ran by Janka (administrator) on LAPTOP-JANKA (LENOVO 80TJ) (24-07-2020 09:16:13)
Running from C:\Users\Janka\Downloads
Loaded Profiles: Janka
Platform: Windows 10 Home Version 1903 18362.720 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.957_none_5f2e9e6258ea82f2\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16735744 2016-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1472000 2016-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1472000 2016-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029064 2016-12-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.89\Installer\chrmstp.exe [2020-07-16] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03300135-9B74-409F-9578-B9823C27EDF4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123752 2020-07-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {2237B781-A657-41B3-BCE0-07A69BBED528} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4589AB85-A5AC-4429-8199-68F265B8D3AB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-07-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7EE5CDD5-E507-4D19-B23E-5B7A7ED4F86B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23815032 2020-07-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {8AAC2D41-B7D7-4CA0-A80D-2D9CDA92768B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8F3D5C0A-12B3-45BB-872F-0FFB988E8B19} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123752 2020-07-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {D563A77C-D736-437A-BBCB-EF533176FB78} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe [88344 2016-07-14] (CyberLink Corp. -> CyberLink Corp.)
Task: {D7B43E0F-D473-4CA4-81F9-31513B45E9D5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [24910520 2020-07-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DB9C1D7B-C11E-42CE-B25F-E107164EA4BB} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {DD5388E9-7B1C-4A77-920E-1BFB040EBF83} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-06-07] (Google Inc -> Google Inc.)
Task: {DE203DE1-A233-443B-9F2F-3D66F3CE32B4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E783C4C5-2CEA-4EAC-8D2E-459C2179E0A9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpCmdRun.exe [512272 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E9F666E0-EF1F-413B-9678-DF90571DA255} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-06-07] (Google Inc -> Google Inc.)
Task: {FDD6736B-DDA3-47D1-9C33-8877609DEDDB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23815032 2020-07-07] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 85.119.89.2 8.8.8.8
Tcpip\..\Interfaces\{f7b9cd55-c498-475f-be3c-1b641bdae3e7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fe16ac84-8aba-4283-8f3a-cf041ef3ac4f}: [DhcpNameServer] 85.119.89.2 8.8.8.8
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2489188112-2961885803-1461791873-1001 -> DefaultScope {C50BADC1-9265-414B-8437-6B21C282F983} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-02] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\Janka\Downloads
Edge Notifications: HKU\S-1-5-21-2489188112-2961885803-1461791873-1001 -> hxxps://www.facebook.com; hxxps://www.astratex.cz; hxxps://postovnezdarma.cz
Edge DefaultProfile: Default
Edge Profile: C:\Users\Janka\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-24]
Edge DownloadDir: C:\Users\Janka\Downloads
Edge Notifications: Default -> hxxps://meet.google.com; hxxps://postovnezdarma.cz; hxxps://www.astratex.cz; hxxps://www.facebook.com; hxxps://www.kupi.cz; hxxps://www.newchic.com
Edge StartupUrls: Default -> "hxxps://vmail.centrum.cz/?utm_source=volnyHP&utm_medium=mailbox"
FireFox:
========
FF DefaultProfile: ttszok0e.default
FF ProfilePath: C:\Users\Janka\AppData\Roaming\Mozilla\Firefox\Profiles\ttszok0e.default [2020-07-23]
FF Homepage: Mozilla\Firefox\Profiles\ttszok0e.default -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\ttszok0e.default -> hxxps://novaplus.nova.cz
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Janka\AppData\Local\Google\Chrome\User Data\Default [2019-12-15]
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Prezentace) - C:\Users\Janka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Janka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-07-07]
CHR Extension: (Chrome Media Router) - C:\Users\Janka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-17]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [295832 2016-12-23] (Advanced Micro Devices, Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10574712 2020-07-02] (Microsoft Corporation -> Microsoft Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-02] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0309839.inf_amd64_168acb088d48fafb\atikmdag.sys [26587656 2016-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0309839.inf_amd64_168acb088d48fafb\atikmpag.sys [527256 2016-12-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [87840 2016-12-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 amdpsp; C:\WINDOWS\system32\DRIVERS\amdpsp.sys [239976 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110104 2016-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-17] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2019-12-14] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-08-10] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-08-10] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116112 2019-08-10] (Malwarebytes Corporation -> Malwarebytes)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [162960 2018-04-26] (Disc Soft Ltd -> Duplex Secure Ltd)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45976 2020-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [408816 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-02] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-24 09:15 - 2020-07-24 09:16 - 000000000 ____D C:\Users\Janka\Downloads\FRST-OlderVersion
2020-07-23 15:04 - 2020-07-23 15:37 - 000036510 _____ C:\Users\Janka\Downloads\Addition.txt
2020-07-23 14:59 - 2020-07-24 09:22 - 000014165 _____ C:\Users\Janka\Downloads\FRST.txt
2020-07-23 14:59 - 2020-07-24 09:19 - 000000000 ____D C:\FRST
2020-07-23 14:56 - 2020-07-24 09:15 - 002294784 _____ (Farbar) C:\Users\Janka\Downloads\FRST64.exe
2020-07-23 14:03 - 2020-07-23 14:05 - 000000000 ____D C:\AdwCleaner
2020-07-23 14:02 - 2020-07-23 14:02 - 008420016 _____ (Malwarebytes) C:\Users\Janka\Downloads\adwcleaner_8.0.6.exe
2020-07-23 08:30 - 2020-07-23 08:30 - 000000000 ___HD C:\OneDriveTemp
2020-07-23 07:31 - 2020-07-23 07:32 - 028064096 _____ (Piriform Software Ltd) C:\Users\Janka\Downloads\ccsetup569.exe
2020-07-20 18:23 - 2020-07-20 18:23 - 004824576 _____ C:\Users\Janka\Downloads\Celej_tatik_HH (1).pps
2020-07-20 18:21 - 2020-07-20 18:21 - 004824576 _____ C:\Users\Janka\Downloads\Celej_tatik_HH.pps
2020-07-20 09:45 - 2020-07-20 09:45 - 002274465 _____ C:\Users\Janka\Downloads\Trhlina_ve_dzbanu.pptx
2020-07-20 05:32 - 2020-07-20 05:32 - 001566208 _____ C:\Users\Janka\Downloads\Bohu_se_nesmi_posmivat.pps
2020-07-19 08:32 - 2020-07-19 08:32 - 004154880 _____ C:\Users\Janka\Downloads\BlueTrain-Africa.pps
2020-07-19 08:20 - 2020-07-19 08:20 - 000423424 _____ C:\Users\Janka\Downloads\Rasizmus__HP_1.pps
2020-07-19 08:15 - 2020-07-19 08:15 - 004258304 _____ C:\Users\Janka\Downloads\Čínské_Tesco (2).pps
2020-07-19 08:15 - 2020-07-19 08:15 - 004258304 _____ C:\Users\Janka\Downloads\Čínské_Tesco (1).pps
2020-07-18 20:09 - 2020-07-18 20:09 - 004258304 _____ C:\Users\Janka\Downloads\Čínské_Tesco.pps
2020-07-16 18:55 - 2020-07-16 18:55 - 007267328 _____ C:\Users\Janka\Downloads\VodopaÌdy_IguazuÌ.pps
2020-07-16 18:55 - 2020-07-16 18:55 - 007267328 _____ C:\Users\Janka\Downloads\VodopaÌdy_IguazuÌ (1).pps
2020-07-16 06:02 - 2020-06-30 06:32 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-07-16 06:02 - 2020-06-30 06:26 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-07-15 18:33 - 2020-07-15 18:33 - 000000000 __SHD C:\found.004
2020-07-15 18:12 - 2020-07-15 18:12 - 000000000 __SHD C:\found.003
2020-07-14 07:23 - 2020-07-14 07:24 - 006170624 _____ C:\Users\Janka\Downloads\Krkonose_2011.pps
2020-07-13 18:58 - 2020-07-13 18:59 - 006819328 _____ C:\Users\Janka\Downloads\IN_MEMORIAM_-_Hroby_slavných.pps
2020-07-10 18:32 - 2020-07-10 18:32 - 007130624 _____ C:\Users\Janka\Downloads\Tam_ve_vysce.pps
2020-07-10 18:31 - 2020-07-10 18:31 - 000000178 _____ C:\Users\Janka\Downloads\ATT00010.html
2020-07-09 18:01 - 2020-07-09 18:02 - 007861248 _____ C:\Users\Janka\Downloads\Holandská_pohádka.pps
2020-07-08 17:26 - 2020-07-08 17:26 - 000903168 _____ C:\Users\Janka\Downloads\Krkonose (2).pps
2020-07-08 17:25 - 2020-07-08 17:25 - 000903168 _____ C:\Users\Janka\Downloads\Krkonose (1).pps
2020-07-08 17:24 - 2020-07-08 17:24 - 000903168 _____ C:\Users\Janka\Downloads\Krkonose.pps
2020-07-08 17:24 - 2020-07-08 17:24 - 000000091 ____H C:\Users\Janka\Downloads\.~lock.Krkonose.pps#
2020-07-08 15:43 - 2020-07-08 15:43 - 011330560 _____ C:\Users\Janka\Downloads\G_570_FRANCIA_PROFUNDA.pps
2020-07-08 15:41 - 2020-07-08 15:41 - 006701056 _____ C:\Users\Janka\Downloads\Tombe_la_neige-_Adamo.pps
2020-07-08 15:33 - 2020-07-08 15:34 - 006160896 _____ C:\Users\Janka\Downloads\Kapky_deste (1).pps
2020-07-08 15:28 - 2020-07-08 15:29 - 016346450 _____ C:\Users\Janka\Downloads\Krasy_Tatier_ (4).ppsx
2020-07-07 18:32 - 2020-07-07 18:33 - 001838592 _____ C:\Users\Janka\Downloads\MMF.pps
2020-07-06 05:51 - 2020-07-06 05:51 - 003784704 _____ C:\Users\Janka\Downloads\C_260_La_vile_souterraine1111-2111.pps
2020-07-05 16:13 - 2020-07-05 16:14 - 000278016 _____ C:\Users\Janka\Downloads\Úžasný_obrázek_z_Burmy.pps
2020-07-03 18:33 - 2020-07-03 18:33 - 001617920 _____ C:\Users\Janka\Downloads\Děsivé_svědectví_z_Řecka.pps
2020-07-03 18:33 - 2020-07-03 18:33 - 001617920 _____ C:\Users\Janka\Downloads\Děsivé_svědectví_z_Řecka (1).pps
2020-07-03 17:48 - 2020-07-03 17:48 - 005790720 _____ C:\Users\Janka\Downloads\444_novell__basilica_de_san_marcos1.pps
2020-07-03 17:33 - 2020-07-03 17:33 - 004511744 _____ C:\Users\Janka\Downloads\Samobarvící_fotografie-nádhera1.pps
2020-07-03 17:27 - 2020-07-03 17:28 - 008308224 _____ C:\Users\Janka\Downloads\Nádherné_fotky_letošního_roku (1).pps
2020-07-03 17:26 - 2020-07-03 17:26 - 008308224 _____ C:\Users\Janka\Downloads\Nádherné_fotky_letošního_roku.pps
2020-07-02 07:12 - 2020-07-02 07:12 - 000000000 __SHD C:\found.002
2020-07-01 09:31 - 2020-07-01 09:32 - 005167104 _____ C:\Users\Janka\Downloads\Sila_umeni_-_Art.pps
2020-06-29 19:04 - 2020-06-29 19:05 - 009746682 _____ C:\Users\Janka\Downloads\Video_1 (3).mov
2020-06-29 19:03 - 2020-06-29 19:03 - 009746682 _____ C:\Users\Janka\Downloads\Video_1 (2).mov
2020-06-29 18:59 - 2020-06-29 19:00 - 009746682 _____ C:\Users\Janka\Downloads\Video_1 (1).mov
2020-06-29 18:57 - 2020-06-29 18:58 - 008153429 _____ C:\Users\Janka\Downloads\Video (7).mov
2020-06-29 18:37 - 2020-06-29 18:37 - 008153429 _____ C:\Users\Janka\Downloads\Video (6).mov
2020-06-28 19:04 - 2020-06-28 19:05 - 007312384 _____ C:\Users\Janka\Downloads\Air_Force_One_of_Vladimir_Putin.pps
2020-06-28 19:03 - 2020-06-28 19:04 - 004765184 _____ C:\Users\Janka\Downloads\Letadlo_Donalda_Trumpa.pps
2020-06-28 18:40 - 2020-06-28 18:41 - 001932288 _____ C:\Users\Janka\Downloads\TigerW (2).pps
2020-06-25 20:02 - 2020-06-25 20:02 - 004273664 _____ C:\Users\Janka\Downloads\Krasy_Madeiry__(ZVUK) (4).pps
2020-06-25 19:55 - 2020-06-25 19:55 - 004273664 _____ C:\Users\Janka\Downloads\Krasy_Madeiry__(ZVUK) (3).pps
2020-06-25 19:55 - 2020-06-25 19:55 - 004273664 _____ C:\Users\Janka\Downloads\Krasy_Madeiry__(ZVUK) (2).pps
2020-06-24 18:11 - 2020-06-24 18:11 - 009746682 _____ C:\Users\Janka\Downloads\Video_1.mov
2020-06-24 18:08 - 2020-06-24 18:08 - 008153429 _____ C:\Users\Janka\Downloads\Video (5).mov
2020-06-24 18:07 - 2020-06-24 18:08 - 008153429 _____ C:\Users\Janka\Downloads\Video (4).mov
2020-06-24 17:43 - 2020-06-24 17:54 - 394590336 _____ C:\Users\Janka\Downloads\zasilka-ZO8XH9P9I9E5KN4X (1).zip
2020-06-24 16:46 - 2020-06-24 16:46 - 005769216 _____ C:\Users\Janka\Downloads\India_-_Červená_pevnost.pps
2020-06-24 16:32 - 2020-06-24 16:33 - 004273664 _____ C:\Users\Janka\Downloads\Krasy_Madeiry__(ZVUK).pps
2020-06-24 16:32 - 2020-06-24 16:33 - 004273664 _____ C:\Users\Janka\Downloads\Krasy_Madeiry__(ZVUK) (1).pps
2020-06-24 16:26 - 2020-06-24 16:26 - 005355520 _____ C:\Users\Janka\Downloads\Decouverte-des-fonds-marins.pps
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-07-24 09:20 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-07-24 09:05 - 2019-09-17 00:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-07-24 08:49 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-24 08:49 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-07-24 08:38 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-07-24 08:35 - 2017-03-07 13:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-07-24 08:13 - 2019-09-17 00:56 - 000005810 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-07-24 08:13 - 2019-03-19 13:55 - 004846840 _____ C:\WINDOWS\system32\perfh005.dat
2020-07-24 08:13 - 2019-03-19 13:55 - 001372842 _____ C:\WINDOWS\system32\perfc005.dat
2020-07-24 08:13 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-07-24 08:05 - 2019-09-17 02:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-07-24 06:24 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-07-24 06:24 - 2017-03-07 14:42 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-07-23 14:07 - 2018-05-08 17:02 - 000000000 ___RD C:\Users\Janka\Desktop\Bob
2020-07-23 08:30 - 2018-02-08 22:08 - 000000000 ___RD C:\Users\Janka\OneDrive
2020-07-23 08:15 - 2019-09-17 18:41 - 000000000 ____D C:\WINDOWS\Minidump
2020-07-23 08:15 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-07-23 07:34 - 2019-09-17 10:57 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-07-23 07:34 - 2019-09-17 02:17 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-07-23 06:42 - 2019-09-17 02:17 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2489188112-2961885803-1461791873-1001
2020-07-23 06:42 - 2019-09-17 00:35 - 000002415 _____ C:\Users\Janka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-07-21 07:51 - 2018-03-27 21:26 - 000000000 ____D C:\Users\Janka\AppData\Local\Packages
2020-07-19 08:38 - 2019-09-17 00:35 - 000000000 ____D C:\Users\Janka
2020-07-19 07:45 - 2020-04-17 08:16 - 000002426 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-07-19 07:45 - 2020-04-17 08:16 - 000002264 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-07-16 07:50 - 2019-06-07 18:14 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-07-16 07:50 - 2019-06-07 18:14 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-07-15 19:32 - 2020-04-17 08:09 - 000003582 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-07-15 19:32 - 2020-04-17 08:09 - 000003458 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-07-02 05:06 - 2018-03-24 15:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== Files in the root of some directories ========
2018-03-28 18:59 - 2020-02-25 19:37 - 000005632 _____ () C:\Users\Janka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-12-20 09:11 - 2019-12-20 09:11 - 000000017 _____ () C:\Users\Janka\AppData\Local\resmon.resmoncfg
2020-03-11 21:28 - 2020-03-11 21:28 - 000000000 _____ () C:\Users\Janka\AppData\Local\{03336C97-095F-4E6E-BA09-F964BA517C67}
2020-02-15 13:11 - 2020-02-15 13:11 - 000000000 _____ () C:\Users\Janka\AppData\Local\{436FDBE4-8511-497A-BF79-D02305EBB00B}
2020-03-11 21:28 - 2020-03-11 21:28 - 000000000 _____ () C:\Users\Janka\AppData\Local\{DACD2F71-0E45-4B0B-BAAC-2E87C1F09DF9}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Re: zdravím a prosím kontrolu
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-07-2020
Ran by Janka (24-07-2020 09:27:49)
Running from C:\Users\Janka\Downloads
Windows 10 Home Version 1903 18362.720 (X64) (2019-09-17 00:18:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2489188112-2961885803-1461791873-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2489188112-2961885803-1461791873-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2489188112-2961885803-1461791873-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2489188112-2961885803-1461791873-501 - Limited - Disabled)
Janka (S-1-5-21-2489188112-2961885803-1461791873-1001 - Administrator - Enabled) => C:\Users\Janka
WDAGUtilityAccount (S-1-5-21-2489188112-2961885803-1461791873-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{DB929D3C-5DF3-95A0-456F-403306EE69B6}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{EE08C0D5-792F-B256-A499-ECEC56915562}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{37F9C96B-294A-D6A7-183D-930C8A2F5D68}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{DAC91F38-7D04-90FC-19CB-AC1C608012ED}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{40E57BA2-6029-7A5D-A2BE-7D47039159D0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{7A54ECFD-70B7-08DF-D581-8CD04B4CDA09}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0F8A189-4C96-0179-ACEE-A98F618FD472}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{60694907-C4DE-A4AE-8DD0-E2E50E3A9C14}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{592C6F67-5D6B-8E34-90B9-2E9D44FC537B}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5F16D84E-851C-29BB-3CBE-A480DBAE3A09}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{13D096A7-D644-944F-F99D-82A17015AAE0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{06B55CAD-9FF0-EE80-954C-32FA86AED3BF}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{3B613BFA-C0AC-5FBF-29B1-3C362DFE417B}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{E3364BA9-283A-2B4C-2DED-90C284A54B8D}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{6E30A3B3-5427-9D91-5878-BD61820C5671}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{1E282415-8F60-005E-58C2-8FA7A7A391FB}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{8384ACC1-D00D-3818-8C45-E41E3C3FC6F9}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{DA4880B9-F477-386C-B07D-E13A7F4565C4}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{0FEDC0A5-8ED6-1A59-78A4-35E82784E3E0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{3BF8C0EC-3127-F42D-78B7-7C5C9E682657}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{3F6354FB-8E86-4BEF-A53F-141D1493EE6D}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.69 - Piriform)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.6714 - CyberLink Corp.)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
FastStone Image Viewer 6.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.4 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.89 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
LibreOffice 6.0.4.2 (HKLM\...\{CBC4E8DF-CCBD-4260-A6A5-B682BA706DC4}) (Version: 6.0.4.2 - The Document Foundation)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 84.0.522.40 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.133.5 - )
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.13001.20384 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2489188112-2961885803-1461791873-1001\...\OneDriveSetup.exe) (Version: 20.114.0607.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13001.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
StarBurn Version 15.7 (Build 0x20170407) (HKLM-x32\...\StarBurn_is1) (Version: 15.7 - StarBurn Software)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-10] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-04-19] (Dolby Laboratories)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2018-03-22] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2006.30.0_x64__k1h2ywk1493x8 [2020-06-30] (LENOVO INC.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.9.0.7_x86__h6adky7gbf63m [2020-06-25] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.7162.0_x64__8wekyb3d8bbwe [2020-07-21] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0 [2020-07-13] (Spotify AB) [Startup Task]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2018-03-22] (LENOVO INCORPORATED.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-12-16] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-06-29 19:13 - 2016-06-29 19:13 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-04-19 09:32 - 2020-04-19 09:33 - 000165376 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220\DAXRPCClient.dll
2020-04-19 09:32 - 2020-04-19 09:35 - 037219328 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220\DolbyAccess.dll
2020-04-11 09:06 - 2020-04-11 09:11 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220\e_sqlite3.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Janka\Downloads\adwcleaner_8.0.6.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Janka\Downloads\ccsetup569.exe:SmartScreen [7]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 13:47 - 2019-12-15 09:41 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2019-08-26 18:16 - 2019-08-26 18:16 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 LAPTOP-Janka.mshome.net # 2024 8 6 24 16 16 46 260
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2489188112-2961885803-1461791873-1001\Control Panel\Desktop\\Wallpaper -> D:\Obrázky\pejsci\P1040871.JPG
DNS Servers: 85.119.89.2 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-2489188112-2961885803-1461791873-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2489188112-2961885803-1461791873-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{18F160DD-F34C-42AC-9842-62947AC2985F}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{B35E41BB-120F-459B-ACE4-15915300A5CE}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{257F1693-5700-40D5-A2CD-6094602B9064}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{77D673CF-E1D0-41FF-9477-E40D7AF67A10}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{94E9BEF6-0788-43EC-BEA5-BA1B5CDA43B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{70790024-AE66-435F-8CBF-8B1B83BB1D4F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C68B9CA9-B0F4-4BC2-B31E-CAE6314ACDFF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9485B5DD-4F0C-4490-933D-8C7AF0DD7545}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0750655F-59A4-4C85-8EC5-255CD35B4638}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{90D701F1-638F-47ED-8527-602C1EDD07E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{87C9153B-480A-47D5-A233-4555E1C8F684}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0348B853-ED7E-46C1-A64A-20607B76265C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{80995102-3F42-4BC5-8FA3-F3E12D1CBC15}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4A03B252-C72F-4FCF-B0F6-25702CC1B3DE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E7D6A242-E6F3-458F-BD20-DDEBF3D248B6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
01-03-2020 11:58:32 Windows Update
11-03-2020 19:36:59 Windows Update
16-04-2020 06:50:01 Windows Update
19-04-2020 09:33:16 Windows Update
24-04-2020 09:53:17 Windows Update
02-05-2020 10:26:09 Windows Update
10-05-2020 11:05:09 Windows Update
14-05-2020 07:38:00 Windows Update
17-05-2020 10:54:03 Windows Update
21-05-2020 18:25:51 Windows Update
26-05-2020 13:45:09 Windows Update
30-05-2020 18:46:48 Windows Update
04-06-2020 18:57:25 Windows Update
09-06-2020 19:12:26 Windows Update
14-06-2020 18:46:30 Windows Update
18-06-2020 17:43:23 Windows Update
23-06-2020 18:40:05 Windows Update
28-06-2020 14:30:14 Windows Update
01-07-2020 20:56:30 Windows Update
06-07-2020 18:23:33 Windows Update
10-07-2020 06:19:08 Windows Update
14-07-2020 18:48:48 Windows Update
18-07-2020 06:02:46 Windows Update
24-07-2020 08:11:33 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/24/2020 09:17:29 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7368,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (07/24/2020 09:00:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.18362.628, časové razítko: 0xb8640219
Název chybujícího modulu: ntdll.dll, verze: 10.0.18362.719, časové razítko: 0x64d10ee0
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000072a6
ID chybujícího procesu: 0x1e70
Čas spuštění chybující aplikace: 0x01d661817fa1487d
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 96a72fb2-b0ae-474a-909f-8ed8ed2ae983
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/24/2020 08:55:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3384,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (07/24/2020 08:13:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Error: (07/24/2020 08:13:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (07/24/2020 08:13:21 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (07/24/2020 08:12:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (07/24/2020 06:13:05 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5864,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (07/24/2020 09:20:35 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-JANKA)
Description: Server Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/24/2020 09:00:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x800f0988): 2020-07 Kumulativní aktualizace pro Windows 10 Version 1903 pro systémy typu x64 (KB4565483).
Error: (07/24/2020 08:35:59 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-JANKA)
Description: Server Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/24/2020 08:25:57 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-JANKA)
Description: Server {659CDEA7-489E-11D9-A9CD-000D56965251} se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/24/2020 08:10:44 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-JANKA)
Description: Server Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/24/2020 08:06:30 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-JANKA)
Description: Server Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/24/2020 06:07:40 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-JANKA)
Description: Server Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/23/2020 05:38:26 PM) (Source: TPM) (EventID: 12) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k chybě ovladače zařízení, kvůli které je možné, že nebudou správně fungovat některé aplikace využívající služby TPM. Restartujte počítač, aby byl resetován hardware čipu TPM. Budete-li potřebovat další pomoc při řešení těchto hardwarových potíží, obraťte se na výrobce počítače.
Windows Defender:
===================================
Date: 2020-07-12 17:59:43.609
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.319.1330.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2020-07-12 17:59:43.608
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.319.1330.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2020-07-12 17:59:43.607
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.319.1330.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2020-06-28 14:41:44.921
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.319.249.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2020-06-28 14:34:32.650
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.319.249.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2020-04-17 06:28:23.832
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:23.811
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:23.137
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:23.114
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:23.060
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:23.033
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:22.744
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:22.601
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: Lenovo 1QCN32WW 08/18/2016
Motherboard: LENOVO Nano 5A8
Processor: AMD A6-7310 APU with AMD Radeon R4 Graphics
Percentage of memory in use: 81%
Total physical RAM: 3490.6 MB
Available physical RAM: 643.08 MB
Total Virtual: 7074.6 MB
Available Virtual: 3726.11 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:443.68 GB) (Free:360.41 GB) NTFS
Drive d: (Data) (Fixed) (Total:467.58 GB) (Free:458.05 GB) NTFS
\\?\Volume{6c23730e-e998-4778-9b27-46d999e4ab5c}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{15ce846e-9175-493c-b893-f4221c50b338}\ (LENOVO_PART) (Fixed) (Total:18.03 GB) (Free:5.97 GB) NTFS
\\?\Volume{548d78a3-88da-480c-bfbe-b0ff4965f77a}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 25CEF3CA)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by Janka (24-07-2020 09:27:49)
Running from C:\Users\Janka\Downloads
Windows 10 Home Version 1903 18362.720 (X64) (2019-09-17 00:18:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2489188112-2961885803-1461791873-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2489188112-2961885803-1461791873-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2489188112-2961885803-1461791873-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2489188112-2961885803-1461791873-501 - Limited - Disabled)
Janka (S-1-5-21-2489188112-2961885803-1461791873-1001 - Administrator - Enabled) => C:\Users\Janka
WDAGUtilityAccount (S-1-5-21-2489188112-2961885803-1461791873-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{DB929D3C-5DF3-95A0-456F-403306EE69B6}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{EE08C0D5-792F-B256-A499-ECEC56915562}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{37F9C96B-294A-D6A7-183D-930C8A2F5D68}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{DAC91F38-7D04-90FC-19CB-AC1C608012ED}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{40E57BA2-6029-7A5D-A2BE-7D47039159D0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{7A54ECFD-70B7-08DF-D581-8CD04B4CDA09}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{C0F8A189-4C96-0179-ACEE-A98F618FD472}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{60694907-C4DE-A4AE-8DD0-E2E50E3A9C14}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{592C6F67-5D6B-8E34-90B9-2E9D44FC537B}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5F16D84E-851C-29BB-3CBE-A480DBAE3A09}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{13D096A7-D644-944F-F99D-82A17015AAE0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{06B55CAD-9FF0-EE80-954C-32FA86AED3BF}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{3B613BFA-C0AC-5FBF-29B1-3C362DFE417B}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{E3364BA9-283A-2B4C-2DED-90C284A54B8D}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{6E30A3B3-5427-9D91-5878-BD61820C5671}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{1E282415-8F60-005E-58C2-8FA7A7A391FB}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{8384ACC1-D00D-3818-8C45-E41E3C3FC6F9}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{DA4880B9-F477-386C-B07D-E13A7F4565C4}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{0FEDC0A5-8ED6-1A59-78A4-35E82784E3E0}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{3BF8C0EC-3127-F42D-78B7-7C5C9E682657}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{3F6354FB-8E86-4BEF-A53F-141D1493EE6D}) (Version: 2016.1216.1933.35155 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.69 - Piriform)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.6714 - CyberLink Corp.)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
FastStone Image Viewer 6.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.4 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 84.0.4147.89 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
LibreOffice 6.0.4.2 (HKLM\...\{CBC4E8DF-CCBD-4260-A6A5-B682BA706DC4}) (Version: 6.0.4.2 - The Document Foundation)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 84.0.522.40 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.133.5 - )
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.13001.20384 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2489188112-2961885803-1461791873-1001\...\OneDriveSetup.exe) (Version: 20.114.0607.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13001.20266 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13001.20144 - Microsoft Corporation) Hidden
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
StarBurn Version 15.7 (Build 0x20170407) (HKLM-x32\...\StarBurn_is1) (Version: 15.7 - StarBurn Software)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-10] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220 [2020-04-19] (Dolby Laboratories)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2018-03-22] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2006.30.0_x64__k1h2ywk1493x8 [2020-06-30] (LENOVO INC.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.9.0.7_x86__h6adky7gbf63m [2020-06-25] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.7162.0_x64__8wekyb3d8bbwe [2020-07-21] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0 [2020-07-13] (Spotify AB) [Startup Task]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2018-03-22] (LENOVO INCORPORATED.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-12-16] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2016-06-29 19:13 - 2016-06-29 19:13 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-04-19 09:32 - 2020-04-19 09:33 - 000165376 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220\DAXRPCClient.dll
2020-04-19 09:32 - 2020-04-19 09:35 - 037219328 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220\DolbyAccess.dll
2020-04-11 09:06 - 2020-04-11 09:11 - 001165824 _____ () [File not signed] C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.2.169.0_x64__rz1tebttyb220\e_sqlite3.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-06-29 19:13 - 2016-06-29 19:13 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Janka\Downloads\adwcleaner_8.0.6.exe:SmartScreen [7]
AlternateDataStreams: C:\Users\Janka\Downloads\ccsetup569.exe:SmartScreen [7]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 13:47 - 2019-12-15 09:41 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2019-08-26 18:16 - 2019-08-26 18:16 - 000000440 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 LAPTOP-Janka.mshome.net # 2024 8 6 24 16 16 46 260
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2489188112-2961885803-1461791873-1001\Control Panel\Desktop\\Wallpaper -> D:\Obrázky\pejsci\P1040871.JPG
DNS Servers: 85.119.89.2 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-2489188112-2961885803-1461791873-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2489188112-2961885803-1461791873-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{18F160DD-F34C-42AC-9842-62947AC2985F}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{B35E41BB-120F-459B-ACE4-15915300A5CE}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{257F1693-5700-40D5-A2CD-6094602B9064}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{77D673CF-E1D0-41FF-9477-E40D7AF67A10}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{94E9BEF6-0788-43EC-BEA5-BA1B5CDA43B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{70790024-AE66-435F-8CBF-8B1B83BB1D4F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C68B9CA9-B0F4-4BC2-B31E-CAE6314ACDFF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9485B5DD-4F0C-4490-933D-8C7AF0DD7545}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0750655F-59A4-4C85-8EC5-255CD35B4638}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{90D701F1-638F-47ED-8527-602C1EDD07E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.137.690.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{87C9153B-480A-47D5-A233-4555E1C8F684}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{0348B853-ED7E-46C1-A64A-20607B76265C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{80995102-3F42-4BC5-8FA3-F3E12D1CBC15}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4A03B252-C72F-4FCF-B0F6-25702CC1B3DE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E7D6A242-E6F3-458F-BD20-DDEBF3D248B6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
01-03-2020 11:58:32 Windows Update
11-03-2020 19:36:59 Windows Update
16-04-2020 06:50:01 Windows Update
19-04-2020 09:33:16 Windows Update
24-04-2020 09:53:17 Windows Update
02-05-2020 10:26:09 Windows Update
10-05-2020 11:05:09 Windows Update
14-05-2020 07:38:00 Windows Update
17-05-2020 10:54:03 Windows Update
21-05-2020 18:25:51 Windows Update
26-05-2020 13:45:09 Windows Update
30-05-2020 18:46:48 Windows Update
04-06-2020 18:57:25 Windows Update
09-06-2020 19:12:26 Windows Update
14-06-2020 18:46:30 Windows Update
18-06-2020 17:43:23 Windows Update
23-06-2020 18:40:05 Windows Update
28-06-2020 14:30:14 Windows Update
01-07-2020 20:56:30 Windows Update
06-07-2020 18:23:33 Windows Update
10-07-2020 06:19:08 Windows Update
14-07-2020 18:48:48 Windows Update
18-07-2020 06:02:46 Windows Update
24-07-2020 08:11:33 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/24/2020 09:17:29 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7368,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (07/24/2020 09:00:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.18362.628, časové razítko: 0xb8640219
Název chybujícího modulu: ntdll.dll, verze: 10.0.18362.719, časové razítko: 0x64d10ee0
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000072a6
ID chybujícího procesu: 0x1e70
Čas spuštění chybující aplikace: 0x01d661817fa1487d
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 96a72fb2-b0ae-474a-909f-8ed8ed2ae983
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (07/24/2020 08:55:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3384,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (07/24/2020 08:13:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Error: (07/24/2020 08:13:22 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (07/24/2020 08:13:21 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (07/24/2020 08:12:02 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).
System Error:
Přístup byl odepřen.
.
Error: (07/24/2020 06:13:05 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5864,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (07/24/2020 09:20:35 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-JANKA)
Description: Server Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/24/2020 09:00:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x800f0988): 2020-07 Kumulativní aktualizace pro Windows 10 Version 1903 pro systémy typu x64 (KB4565483).
Error: (07/24/2020 08:35:59 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-JANKA)
Description: Server Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/24/2020 08:25:57 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-JANKA)
Description: Server {659CDEA7-489E-11D9-A9CD-000D56965251} se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/24/2020 08:10:44 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-JANKA)
Description: Server Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/24/2020 08:06:30 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-JANKA)
Description: Server Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/24/2020 06:07:40 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-JANKA)
Description: Server Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (07/23/2020 05:38:26 PM) (Source: TPM) (EventID: 12) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k chybě ovladače zařízení, kvůli které je možné, že nebudou správně fungovat některé aplikace využívající služby TPM. Restartujte počítač, aby byl resetován hardware čipu TPM. Budete-li potřebovat další pomoc při řešení těchto hardwarových potíží, obraťte se na výrobce počítače.
Windows Defender:
===================================
Date: 2020-07-12 17:59:43.609
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.319.1330.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2020-07-12 17:59:43.608
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.319.1330.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2020-07-12 17:59:43.607
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.319.1330.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2020-06-28 14:41:44.921
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.319.249.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2020-06-28 14:34:32.650
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.319.249.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17200.2
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2020-04-17 06:28:23.832
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:23.811
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:23.137
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:23.114
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:23.060
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:23.033
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:22.744
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2020-04-17 06:28:22.601
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: Lenovo 1QCN32WW 08/18/2016
Motherboard: LENOVO Nano 5A8
Processor: AMD A6-7310 APU with AMD Radeon R4 Graphics
Percentage of memory in use: 81%
Total physical RAM: 3490.6 MB
Available physical RAM: 643.08 MB
Total Virtual: 7074.6 MB
Available Virtual: 3726.11 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:443.68 GB) (Free:360.41 GB) NTFS
Drive d: (Data) (Fixed) (Total:467.58 GB) (Free:458.05 GB) NTFS
\\?\Volume{6c23730e-e998-4778-9b27-46d999e4ab5c}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{15ce846e-9175-493c-b893-f4221c50b338}\ (LENOVO_PART) (Fixed) (Total:18.03 GB) (Free:5.97 GB) NTFS
\\?\Volume{548d78a3-88da-480c-bfbe-b0ff4965f77a}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 25CEF3CA)
Partition: GPT.
==================== End of Addition.txt =======================
Re: zdravím a prosím kontrolu
su nejake problemy s PC ?
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: zdravím a prosím kontrolu
Žádné zvláštní problémy se neobjevují, jen se mi občas zdá, že jsou některé aplikace zpomalené
stále se ještě s WIN10 seznamuji
děkuji za kontrolu a kdybys našel ještě nějaké zbytečnosti tak bych se jich ráda zbavila
stále se ještě s WIN10 seznamuji
děkuji za kontrolu a kdybys našel ještě nějaké zbytečnosti tak bych se jich ráda zbavila
Re: zdravím a prosím kontrolu
Logy su OK, disk mal nejake problemy, to by mal chkdsk opravit ☺
Lock
Lock
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?