Dobrý večer,
prosím o kontrolu logu, pobláznil se touchpad.
Po kontrole MBANem a vymazání pár neřádů jde v pořádku. Tak prosím preventivně.
Děkuji
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-11-2020
Ran by Petr Zvara (21-11-2020 21:49:08)
Running from C:\Users\Petr Zvara\Downloads
Windows 10 Pro Version 2004 19041.630 (X64) (2020-08-17 08:36:38)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-957298648-762153105-1476455773-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-957298648-762153105-1476455773-503 - Limited - Disabled)
Guest (S-1-5-21-957298648-762153105-1476455773-501 - Limited - Disabled)
Petr Zvara (S-1-5-21-957298648-762153105-1476455773-1001 - Administrator - Enabled) => C:\Users\Petr Zvara
WDAGUtilityAccount (S-1-5-21-957298648-762153105-1476455773-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Brother MFL-Pro Suite DCP-7060D (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.66 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.69.4 - ELAN Microelectronic Corp.)
LibreOffice 5.3.1.2 (HKLM\...\{9A2A4317-64E9-4631-997A-F2C4F8A512C7}) (Version: 5.3.1.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.41 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft OneDrive (HKU\S-1-5-21-957298648-762153105-1476455773-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 82.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 82.0.3 (x64 cs)) (Version: 82.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 82.0.3.7617 - Mozilla)
Mozilla Thunderbird 78.5.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 78.5.0 (x86 cs)) (Version: 78.5.0 - Mozilla)
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
Plánovač tras Google verze 1.85 (HKLM-x32\...\Plánovač tras Google_is1) (Version: 1.85 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Teplo 2017 EDU (HKLM-x32\...\Teplo 2017 EDU_is1) (Version: 2017 - Svoboda Software)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-17] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.181.400.0_x86__kgqvnymyfvs32 [2020-11-15] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-04] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-08-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-11-03] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-14] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-11] (Twitter Inc.)
Váš telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20104.23.0_x64__8wekyb3d8bbwe [2020-11-21] (Microsoft Corporation) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Petr Zvara\Desktop\Kalkulace Typodeign koncovy zakaznik rev15.xlsm:AFP_AfpInfo [122]
AlternateDataStreams: C:\Users\Petr Zvara\Desktop\Kalkulace Typodeign koncovy zakaznik rev15.xlsm:AFP_Resource [0]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-22 11:24 - 2019-01-04 17:12 - 000000835 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-957298648-762153105-1476455773-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKU\S-1-5-21-957298648-762153105-1476455773-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-957298648-762153105-1476455773-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{3C4AE963-E2DB-4D4A-ABD6-A5DA6FC81356}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CAB50755-0802-4B0F-816F-4525F8C73C3B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A30DE253-7BFB-48A0-8181-A89D078C4888}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C8CCC80F-AF6C-4636-B71D-A0F7DCCB0FDF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DCC45D40-5C38-44BE-9488-CB1E7DF67A38}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CAA44084-0DD2-4F7D-8D8C-5C6427FDD79F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{304B8F59-58B3-42A9-B1C9-F44890BE50A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
01-11-2020 15:33:14 Instalační služba modulů systému Windows
18-11-2020 20:36:49 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/21/2020 09:28:17 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (11/21/2020 07:52:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamtray.exe, verze: 4.0.0.829, časové razítko: 0x5f936297
Název chybujícího modulu: Qt5Core.dll, verze: 5.14.1.0, časové razítko: 0x5f84e8d4
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000219dc5
ID chybujícího procesu: 0x1a74
Čas spuštění chybující aplikace: 0x01d6c03443d9192a
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID zprávy: b42a32a0-1a0d-4704-b4dc-8ac21cc308ab
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/21/2020 04:33:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: StartMenuExperienceHost.exe, verze: 0.0.0.0, časové razítko: 0x4fe0bcb3
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.572, časové razítko: 0x1183946c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b65c
ID chybujícího procesu: 0x1b1c
Čas spuštění chybující aplikace: 0x01d6c01ba3fd32d9
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: cb715b77-b3d6-49e1-9156-c26924b3c885
Úplný název chybujícího balíčku: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App
Error: (11/13/2020 05:38:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Skype.exe verze 8.65.0.78 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2ee0
Čas spuštění: 01d6b9db2a0e3b3b
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
ID hlášení: aad51ff6-37ad-4e60-9e69-43c83b4c712c
Úplný název balíčku s chybou: Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (09/25/2020 03:52:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Skype.exe verze 8.63.0.76 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 13f8
Čas spuštění: 01d692487734e760
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
ID hlášení: 51157566-d05a-4d87-80db-21deab372f68
Úplný název balíčku s chybou: Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (09/08/2020 06:39:27 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0
Error: (08/18/2020 09:53:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: StartMenuExperienceHost.exe, verze: 0.0.0.0, časové razítko: 0xeab8dc5a
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.423, časové razítko: 0xed02c0bc
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b3cc
ID chybujícího procesu: 0x29ec
Čas spuštění chybující aplikace: 0x01d675a192c81b10
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 82613872-edc6-4c19-a1d9-458e01379cd8
Úplný název chybujícího balíčku: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App
Error: (08/17/2020 07:31:08 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.386_none_e72d64cd263a3a51\TiWorker.exe -Embedding; Popis = Instalační služba modulů systému Windows; Chyba = 0x81000101).
System errors:
=============
Error: (11/21/2020 09:25:56 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-NMA4QA9)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (11/21/2020 07:27:58 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-NMA4QA9)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (11/21/2020 07:09:10 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-NMA4QA9)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (11/20/2020 06:34:49 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NMA4QA9)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/15/2020 08:22:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NMA4QA9)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/15/2020 08:22:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NMA4QA9)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/15/2020 08:22:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NMA4QA9)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/15/2020 08:22:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NMA4QA9)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
===================================
Date: 2020-11-21 18:52:40.6250000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3C038A68-BCD9-4C67-BFBD-DECB125D8238}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-NMA4QA9\Petr Zvara
Date: 2020-11-21 18:50:19.7750000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1EEB88AA-8213-40C5-962F-279599F12B8B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-NMA4QA9\Petr Zvara
Date: 2020-10-13 13:30:43.4820000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EEBD4D60-0503-4E47-929F-62C6076CB117}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-11-21 18:58:29.3850000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.1255.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2020-11-21 19:31:31.6190000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-11-21 19:31:31.5950000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: LENOVO AFCN30WW(V2.02) 10/01/2015
Motherboard: LENOVO Lenovo E31-70
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 37%
Total physical RAM: 8105.85 MB
Available physical RAM: 5079.69 MB
Total Virtual: 9385.85 MB
Available Virtual: 6287.78 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:237.36 GB) (Free:172.22 GB) NTFS
\\?\Volume{01190f40-4127-4eff-8607-56750521037a}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{93fc1aee-eb44-415b-9a91-6d9a0d016a0d}\ () (Fixed) (Total:0.56 GB) (Free:0.08 GB) NTFS
\\?\Volume{bedbc1ff-42cf-4037-9f89-1f469196c11e}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: DA057F4D)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-11-2020
Ran by Petr Zvara (administrator) on DESKTOP-NMA4QA9 (LENOVO 80KX) (21-11-2020 21:47:24)
Running from C:\Users\Petr Zvara\Downloads
Loaded Profiles: Petr Zvara
Platform: Windows 10 Pro Version 2004 19041.630 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\NisSrv.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-08-03] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\SUGE1PC: C:\Windows\System32\spool\prtprocs\x64\suge1pc.dll [33792 2009-10-06] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.66\Installer\chrmstp.exe [2020-11-18] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A067C17-3A71-459F-8487-AFEB30A6FD58} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {27DAA860-C2C5-4406-9D8A-DB8D12026130} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-01] (Google Inc -> Google Inc.)
Task: {29B77A92-9C02-4905-8376-A0F72AD34DF1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {384CFE12-404C-459D-853D-360C070458A4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {642F1D74-A0C9-42B4-B967-54D61212E475} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [667856 2020-11-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {AB70507F-83FC-4F0A-8826-BDC5F3CE8623} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AC6F5F68-FE44-4A99-B9ED-8F1504D5C9F6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-20] (Avast Software s.r.o. -> Avast Software)
Task: {BC9923A0-1BDE-41E3-B422-6ABA99E8CA27} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CA4E808A-41CB-45F6-9A22-579BD86E1EB8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-01] (Google Inc -> Google Inc.)
Task: {D9CEC501-78EE-44F1-BCFA-1932EF1C8271} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1c3c18e4-bc8a-4304-a9ba-bad20565e88a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{54dc268a-e8d3-4c86-9131-5a2ee54aadd5}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cbf7fbc0-5d7c-4e0d-8e71-967c75114c7c}: [DhcpNameServer] 10.0.0.138
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-957298648-762153105-1476455773-1001 -> hxxp://google.cz/
Edge Profile: C:\Users\Petr Zvara\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-21]
Edge HomePage: Default -> hxxp://google.cz/
Edge StartupUrls: Default -> "hxxp://google.cz/"
Edge DefaultSearchURL: Default -> hxxps://www.google.cz/search?q={searchTerms}&ie ... utEncoding?}
FireFox:
========
FF DefaultProfile: 16epy6c1.default
FF ProfilePath: C:\Users\Petr Zvara\AppData\Roaming\Mozilla\Firefox\Profiles\16epy6c1.default [2020-11-21]
FF Homepage: Mozilla\Firefox\Profiles\16epy6c1.default -> hxxps://www.google.cz/
FF HomepageOverride: Mozilla\Firefox\Profiles\16epy6c1.default -> Disabled: _jnMembers_@www.pdfconverttools.com
FF NewTabOverride: Mozilla\Firefox\Profiles\16epy6c1.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF NewTabOverride: Mozilla\Firefox\Profiles\16epy6c1.default -> Disabled: _jnMembers_@www.pdfconverttools.com
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default [2020-11-21]
CHR Notifications: Default -> hxxps://www.megaknihy.cz
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Extension: (Prezentace) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-23]
CHR Extension: (Dokumenty) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-23]
CHR Extension: (Disk Google) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-21]
CHR Extension: (YouTube) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-01]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-21]
CHR Extension: (Tabulky) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-21]
CHR Extension: (Avast Online Security) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-08-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-20]
CHR Extension: (Gmail) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-21]
CHR Extension: (Chrome Media Router) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5101992 2020-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-04-26] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-26] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 MpKsl923646b8; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{00EE0FE1-62DB-4808-9153-126A3EEC7B26}\MpKslDrv.sys [47336 2020-11-21] (Microsoft Windows -> Microsoft Corporation)
R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Inc. -> Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-11-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429288 2020-11-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-21 21:47 - 2020-11-21 21:47 - 000014472 _____ C:\Users\Petr Zvara\Downloads\FRST.txt
2020-11-21 21:47 - 2020-11-21 21:47 - 000000000 ____D C:\FRST
2020-11-21 21:35 - 2020-11-21 21:36 - 002294784 _____ (Farbar) C:\Users\Petr Zvara\Downloads\FRST64.exe
2020-11-21 21:30 - 2020-11-21 21:30 - 000000277 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2020-11-21 21:26 - 2020-11-21 21:26 - 000000392 _____ C:\Users\Petr Zvara\Documents\cc_20201121_212641.reg
2020-11-21 19:48 - 2020-11-21 21:31 - 000000000 ____D C:\WINDOWS\TempInst
2020-11-21 19:48 - 2020-11-21 21:31 - 000000000 ____D C:\ProgramData\Lenovo
2020-11-21 19:48 - 2020-11-21 20:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2020-11-21 19:37 - 2020-11-21 21:31 - 000000000 ____D C:\Program Files (x86)\Lenovo
2020-11-21 19:37 - 2020-11-21 19:48 - 000000000 ____D C:\Users\Petr Zvara\AppData\Local\LenovoServiceBridge
2020-11-21 19:37 - 2020-11-21 19:37 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_01009.Wdf
2020-11-21 19:37 - 2020-11-21 19:37 - 000000000 ____D C:\WINDOWS\system32\%ProgramData%
2020-11-21 19:37 - 2020-11-21 19:37 - 000000000 ____D C:\Users\Petr Zvara\AppData\Local\Lenovo
2020-11-21 19:33 - 2020-11-21 21:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2020-11-21 19:33 - 2020-11-21 19:33 - 003213352 _____ (Lenovo ) C:\Users\Petr Zvara\Downloads\LSBSetup.exe
2020-11-21 19:28 - 2020-11-21 19:28 - 000002648 _____ C:\Users\Petr Zvara\Documents\cc_20201121_192848.reg
2020-11-21 19:14 - 2020-11-21 19:14 - 000000000 ____D C:\WINDOWS\pss
2020-11-21 19:10 - 2020-11-21 19:10 - 000083782 _____ C:\Users\Petr Zvara\Documents\cc_20201121_191011.reg
2020-11-21 19:10 - 2020-11-21 19:10 - 000006600 _____ C:\Users\Petr Zvara\Documents\cc_20201121_191037.reg
2020-11-21 19:06 - 2020-11-21 19:06 - 000000000 ____D C:\Users\Petr Zvara\AppData\Local\mbam
2020-11-21 19:06 - 2020-11-21 19:06 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-11-21 19:03 - 2020-11-21 19:03 - 000000000 ____D C:\Program Files\Malwarebytes
2020-11-18 20:46 - 2020-11-18 20:46 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-18 20:46 - 2020-11-18 20:46 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-18 20:46 - 2020-11-18 20:46 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2020-11-18 20:46 - 2020-11-18 20:46 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-11-18 20:46 - 2020-11-18 20:46 - 000009265 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-11-18 20:40 - 2020-11-19 08:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-11-10 19:16 - 2020-11-10 19:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-10 19:11 - 2020-11-15 20:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-01 21:25 - 2020-11-01 21:25 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-11-01 21:24 - 2020-11-01 21:24 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-11-01 21:24 - 2020-11-01 21:24 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-11-01 21:24 - 2020-11-01 21:24 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2020-11-01 21:24 - 2020-11-01 21:24 - 000455168 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2020-11-01 21:24 - 2020-11-01 21:24 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2020-11-01 21:24 - 2020-11-01 21:24 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-11-01 21:24 - 2020-11-01 21:24 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2020-11-01 21:24 - 2020-11-01 21:24 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2020-11-01 21:24 - 2020-11-01 21:24 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-11-01 21:23 - 2020-11-01 21:23 - 001822256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-11-01 21:23 - 2020-11-01 21:23 - 001393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-11-01 21:23 - 2020-11-01 21:23 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-11-01 21:23 - 2020-11-01 21:23 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-11-01 21:23 - 2020-11-01 21:23 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-11-01 21:23 - 2020-11-01 21:23 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-11-01 21:23 - 2020-11-01 21:23 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-11-01 21:22 - 2020-11-01 21:22 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-11-01 21:22 - 2020-11-01 21:22 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2020-11-01 21:22 - 2020-11-01 21:22 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2020-11-01 21:22 - 2020-11-01 21:22 - 000645120 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2020-11-01 21:22 - 2020-11-01 21:22 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-11-01 21:22 - 2020-11-01 21:22 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2020-11-01 21:22 - 2020-11-01 21:22 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2020-11-01 21:22 - 2020-11-01 21:22 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2020-11-01 21:21 - 2020-11-01 21:21 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-11-01 21:21 - 2020-11-01 21:21 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2020-11-01 21:21 - 2020-11-01 21:21 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-11-01 21:21 - 2020-11-01 21:21 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-11-01 21:21 - 2020-11-01 21:21 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-11-01 21:21 - 2020-11-01 21:21 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2020-11-01 21:21 - 2020-11-01 21:21 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-21 21:46 - 2019-02-24 13:58 - 000000000 ____D C:\Users\Petr Zvara\AppData\Local\D3DSCache
2020-11-21 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-21 21:29 - 2017-07-09 12:52 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-11-21 21:29 - 2017-03-31 18:18 - 000000000 __SHD C:\Users\Petr Zvara\IntelGraphicsProfiles
2020-11-21 21:28 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-11-21 21:25 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-11-21 20:45 - 2020-08-17 09:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-11-21 19:52 - 2018-09-30 13:32 - 000000000 ____D C:\Users\Petr Zvara\AppData\Local\CrashDumps
2020-11-21 19:46 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-11-21 19:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-11-21 19:34 - 2020-08-17 09:38 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-11-21 19:34 - 2019-12-07 15:43 - 000683426 _____ C:\WINDOWS\system32\perfh005.dat
2020-11-21 19:34 - 2019-12-07 15:43 - 000137206 _____ C:\WINDOWS\system32\perfc005.dat
2020-11-21 19:29 - 2020-08-17 09:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-11-21 19:29 - 2020-08-17 09:30 - 000008192 ___SH C:\DumpStack.log.tmp
2020-11-21 19:29 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-11-21 19:29 - 2017-07-09 12:52 - 000000000 ____D C:\ProgramData\Synaptics
2020-11-21 19:29 - 2017-04-01 09:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-21 19:20 - 2019-01-14 15:31 - 000000000 ____D C:\Users\Petr Zvara\Desktop\USA 2019
2020-11-21 19:17 - 2017-04-01 09:38 - 000000000 ____D C:\Users\Petr Zvara\AppData\LocalLow\Mozilla
2020-11-21 19:09 - 2020-08-05 19:35 - 000000000 ___DC C:\WINDOWS\Panther
2020-11-21 19:00 - 2017-04-01 08:57 - 000000000 ____D C:\Users\Petr Zvara\Desktop\Faktury skeny 2017
2020-11-21 16:33 - 2020-06-26 12:27 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-11-21 16:33 - 2020-06-26 12:27 - 000002257 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-11-21 16:33 - 2020-06-26 12:27 - 000002257 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-11-19 08:34 - 2017-04-01 09:08 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-11-19 07:30 - 2020-08-17 09:30 - 000353576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-11-19 07:29 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-11-18 20:48 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-11-18 20:46 - 2020-08-17 09:31 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-11-18 20:39 - 2017-04-01 09:35 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-18 20:39 - 2017-04-01 09:35 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-18 20:39 - 2017-04-01 09:35 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-15 20:05 - 2017-05-05 17:04 - 000000000 ____D C:\Users\Petr Zvara\AppData\Roaming\vlc
2020-11-10 19:16 - 2017-04-01 09:37 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-10 19:15 - 2019-07-16 13:17 - 000000000 ____D C:\Users\Petr Zvara\Desktop\Juergen pojistky
2020-11-10 18:58 - 2018-02-10 19:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2020-11-04 00:05 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2020-11-03 18:08 - 2019-12-07 15:47 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2020-11-03 18:08 - 2019-12-07 15:47 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2020-11-01 15:43 - 2017-04-01 09:25 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-11-01 15:35 - 2020-08-17 09:36 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-01 15:35 - 2020-08-17 09:36 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-01 15:33 - 2020-08-17 09:36 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-957298648-762153105-1476455773-1001
2020-11-01 15:33 - 2020-08-17 09:10 - 000002376 _____ C:\Users\Petr Zvara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-11-01 15:33 - 2017-03-31 18:20 - 000000000 ___RD C:\Users\Petr Zvara\OneDrive
==================== Files in the root of some directories ========
2017-04-01 09:58 - 2017-03-02 21:51 - 000027715 _____ () C:\Program Files\logo.jpg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
bláznivá myš a kontrola logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: bláznivá myš a kontrola logu
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\Petr Zvara\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Petr Zvara\Desktop\Kalkulace Typodeign koncovy zakaznik rev15.xlsm:AFP_AfpInfo [122]
AlternateDataStreams: C:\Users\Petr Zvara\Desktop\Kalkulace Typodeign koncovy zakaznik rev15.xlsm:AFP_Resource [0]
Task: {27DAA860-C2C5-4406-9D8A-DB8D12026130} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-01] (Google Inc -> Google Inc.)
Task: {384CFE12-404C-459D-853D-360C070458A4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CA4E808A-41CB-45F6-9A22-579BD86E1EB8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-01] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: bláznivá myš a kontrola logu
Fix result of Farbar Recovery Scan Tool (x64) Version: 21-11-2020
Ran by Petr Zvara (21-11-2020 22:29:16) Run:1
Running from C:\Users\Petr Zvara\Downloads
Loaded Profiles: Petr Zvara
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Petr Zvara\Desktop\Kalkulace Typodeign koncovy zakaznik rev15.xlsm:AFP_AfpInfo [122]
AlternateDataStreams: C:\Users\Petr Zvara\Desktop\Kalkulace Typodeign koncovy zakaznik rev15.xlsm:AFP_Resource [0]
Task: {27DAA860-C2C5-4406-9D8A-DB8D12026130} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-01] (Google Inc -> Google Inc.)
Task: {384CFE12-404C-459D-853D-360C070458A4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CA4E808A-41CB-45F6-9A22-579BD86E1EB8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-01] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Users\Petr Zvara\Desktop\Kalkulace Typodeign koncovy zakaznik rev15.xlsm => ":AFP_AfpInfo" ADS removed successfully
C:\Users\Petr Zvara\Desktop\Kalkulace Typodeign koncovy zakaznik rev15.xlsm => ":AFP_Resource" ADS removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{27DAA860-C2C5-4406-9D8A-DB8D12026130}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27DAA860-C2C5-4406-9D8A-DB8D12026130}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{384CFE12-404C-459D-853D-360C070458A4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{384CFE12-404C-459D-853D-360C070458A4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA4E808A-41CB-45F6-9A22-579BD86E1EB8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA4E808A-41CB-45F6-9A22-579BD86E1EB8}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21183337 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 5286775 B
Edge => 66413 B
Chrome => 45979950 B
Firefox => 9408729 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Petr Zvara => 19358493 B
RecycleBin => 3213352 B
EmptyTemp: => 108.4 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 22:29:37 ====
Ran by Petr Zvara (21-11-2020 22:29:16) Run:1
Running from C:\Users\Petr Zvara\Downloads
Loaded Profiles: Petr Zvara
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\Users\Petr Zvara\Desktop\Kalkulace Typodeign koncovy zakaznik rev15.xlsm:AFP_AfpInfo [122]
AlternateDataStreams: C:\Users\Petr Zvara\Desktop\Kalkulace Typodeign koncovy zakaznik rev15.xlsm:AFP_Resource [0]
Task: {27DAA860-C2C5-4406-9D8A-DB8D12026130} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-01] (Google Inc -> Google Inc.)
Task: {384CFE12-404C-459D-853D-360C070458A4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CA4E808A-41CB-45F6-9A22-579BD86E1EB8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-01] (Google Inc -> Google Inc.)
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
C:\Users\Petr Zvara\Desktop\Kalkulace Typodeign koncovy zakaznik rev15.xlsm => ":AFP_AfpInfo" ADS removed successfully
C:\Users\Petr Zvara\Desktop\Kalkulace Typodeign koncovy zakaznik rev15.xlsm => ":AFP_Resource" ADS removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{27DAA860-C2C5-4406-9D8A-DB8D12026130}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27DAA860-C2C5-4406-9D8A-DB8D12026130}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{384CFE12-404C-459D-853D-360C070458A4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{384CFE12-404C-459D-853D-360C070458A4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CA4E808A-41CB-45F6-9A22-579BD86E1EB8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CA4E808A-41CB-45F6-9A22-579BD86E1EB8}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21183337 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 5286775 B
Edge => 66413 B
Chrome => 45979950 B
Firefox => 9408729 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Petr Zvara => 19358493 B
RecycleBin => 3213352 B
EmptyTemp: => 108.4 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 22:29:37 ====
Re: bláznivá myš a kontrola logu
Ještě Vás musím informovat, že Windows 10 mi zakázal spustit FRST....
musel jsem přes správce úloh. Nevím, ještě se mi to nestalo.
musel jsem přes správce úloh. Nevím, ještě se mi to nestalo.
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: bláznivá myš a kontrola logu
To je divné. Nicméně, nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?