bláznivá myš a kontrola logu
Napsal: 21 lis 2020 21:58
Dobrý večer,
prosím o kontrolu logu, pobláznil se touchpad.
Po kontrole MBANem a vymazání pár neřádů jde v pořádku. Tak prosím preventivně.
Děkuji
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-11-2020
Ran by Petr Zvara (21-11-2020 21:49:08)
Running from C:\Users\Petr Zvara\Downloads
Windows 10 Pro Version 2004 19041.630 (X64) (2020-08-17 08:36:38)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-957298648-762153105-1476455773-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-957298648-762153105-1476455773-503 - Limited - Disabled)
Guest (S-1-5-21-957298648-762153105-1476455773-501 - Limited - Disabled)
Petr Zvara (S-1-5-21-957298648-762153105-1476455773-1001 - Administrator - Enabled) => C:\Users\Petr Zvara
WDAGUtilityAccount (S-1-5-21-957298648-762153105-1476455773-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Brother MFL-Pro Suite DCP-7060D (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.66 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.69.4 - ELAN Microelectronic Corp.)
LibreOffice 5.3.1.2 (HKLM\...\{9A2A4317-64E9-4631-997A-F2C4F8A512C7}) (Version: 5.3.1.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.41 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft OneDrive (HKU\S-1-5-21-957298648-762153105-1476455773-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 82.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 82.0.3 (x64 cs)) (Version: 82.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 82.0.3.7617 - Mozilla)
Mozilla Thunderbird 78.5.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 78.5.0 (x86 cs)) (Version: 78.5.0 - Mozilla)
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
Plánovač tras Google verze 1.85 (HKLM-x32\...\Plánovač tras Google_is1) (Version: 1.85 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Teplo 2017 EDU (HKLM-x32\...\Teplo 2017 EDU_is1) (Version: 2017 - Svoboda Software)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-17] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.181.400.0_x86__kgqvnymyfvs32 [2020-11-15] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-04] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-08-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-11-03] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-14] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-11] (Twitter Inc.)
Váš telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20104.23.0_x64__8wekyb3d8bbwe [2020-11-21] (Microsoft Corporation) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Petr Zvara\Desktop\Kalkulace Typodeign koncovy zakaznik rev15.xlsm:AFP_AfpInfo [122]
AlternateDataStreams: C:\Users\Petr Zvara\Desktop\Kalkulace Typodeign koncovy zakaznik rev15.xlsm:AFP_Resource [0]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-22 11:24 - 2019-01-04 17:12 - 000000835 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-957298648-762153105-1476455773-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKU\S-1-5-21-957298648-762153105-1476455773-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-957298648-762153105-1476455773-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{3C4AE963-E2DB-4D4A-ABD6-A5DA6FC81356}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CAB50755-0802-4B0F-816F-4525F8C73C3B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A30DE253-7BFB-48A0-8181-A89D078C4888}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C8CCC80F-AF6C-4636-B71D-A0F7DCCB0FDF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DCC45D40-5C38-44BE-9488-CB1E7DF67A38}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CAA44084-0DD2-4F7D-8D8C-5C6427FDD79F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{304B8F59-58B3-42A9-B1C9-F44890BE50A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
01-11-2020 15:33:14 Instalační služba modulů systému Windows
18-11-2020 20:36:49 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/21/2020 09:28:17 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (11/21/2020 07:52:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamtray.exe, verze: 4.0.0.829, časové razítko: 0x5f936297
Název chybujícího modulu: Qt5Core.dll, verze: 5.14.1.0, časové razítko: 0x5f84e8d4
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000219dc5
ID chybujícího procesu: 0x1a74
Čas spuštění chybující aplikace: 0x01d6c03443d9192a
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID zprávy: b42a32a0-1a0d-4704-b4dc-8ac21cc308ab
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/21/2020 04:33:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: StartMenuExperienceHost.exe, verze: 0.0.0.0, časové razítko: 0x4fe0bcb3
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.572, časové razítko: 0x1183946c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b65c
ID chybujícího procesu: 0x1b1c
Čas spuštění chybující aplikace: 0x01d6c01ba3fd32d9
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: cb715b77-b3d6-49e1-9156-c26924b3c885
Úplný název chybujícího balíčku: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App
Error: (11/13/2020 05:38:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Skype.exe verze 8.65.0.78 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2ee0
Čas spuštění: 01d6b9db2a0e3b3b
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
ID hlášení: aad51ff6-37ad-4e60-9e69-43c83b4c712c
Úplný název balíčku s chybou: Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (09/25/2020 03:52:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Skype.exe verze 8.63.0.76 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 13f8
Čas spuštění: 01d692487734e760
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
ID hlášení: 51157566-d05a-4d87-80db-21deab372f68
Úplný název balíčku s chybou: Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (09/08/2020 06:39:27 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0
Error: (08/18/2020 09:53:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: StartMenuExperienceHost.exe, verze: 0.0.0.0, časové razítko: 0xeab8dc5a
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.423, časové razítko: 0xed02c0bc
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b3cc
ID chybujícího procesu: 0x29ec
Čas spuštění chybující aplikace: 0x01d675a192c81b10
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 82613872-edc6-4c19-a1d9-458e01379cd8
Úplný název chybujícího balíčku: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App
Error: (08/17/2020 07:31:08 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.386_none_e72d64cd263a3a51\TiWorker.exe -Embedding; Popis = Instalační služba modulů systému Windows; Chyba = 0x81000101).
System errors:
=============
Error: (11/21/2020 09:25:56 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-NMA4QA9)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (11/21/2020 07:27:58 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-NMA4QA9)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (11/21/2020 07:09:10 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-NMA4QA9)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (11/20/2020 06:34:49 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NMA4QA9)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/15/2020 08:22:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NMA4QA9)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/15/2020 08:22:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NMA4QA9)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/15/2020 08:22:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NMA4QA9)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/15/2020 08:22:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NMA4QA9)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
===================================
Date: 2020-11-21 18:52:40.6250000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3C038A68-BCD9-4C67-BFBD-DECB125D8238}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-NMA4QA9\Petr Zvara
Date: 2020-11-21 18:50:19.7750000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1EEB88AA-8213-40C5-962F-279599F12B8B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-NMA4QA9\Petr Zvara
Date: 2020-10-13 13:30:43.4820000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EEBD4D60-0503-4E47-929F-62C6076CB117}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-11-21 18:58:29.3850000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.1255.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2020-11-21 19:31:31.6190000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-11-21 19:31:31.5950000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: LENOVO AFCN30WW(V2.02) 10/01/2015
Motherboard: LENOVO Lenovo E31-70
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 37%
Total physical RAM: 8105.85 MB
Available physical RAM: 5079.69 MB
Total Virtual: 9385.85 MB
Available Virtual: 6287.78 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:237.36 GB) (Free:172.22 GB) NTFS
\\?\Volume{01190f40-4127-4eff-8607-56750521037a}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{93fc1aee-eb44-415b-9a91-6d9a0d016a0d}\ () (Fixed) (Total:0.56 GB) (Free:0.08 GB) NTFS
\\?\Volume{bedbc1ff-42cf-4037-9f89-1f469196c11e}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: DA057F4D)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-11-2020
Ran by Petr Zvara (administrator) on DESKTOP-NMA4QA9 (LENOVO 80KX) (21-11-2020 21:47:24)
Running from C:\Users\Petr Zvara\Downloads
Loaded Profiles: Petr Zvara
Platform: Windows 10 Pro Version 2004 19041.630 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\NisSrv.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-08-03] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\SUGE1PC: C:\Windows\System32\spool\prtprocs\x64\suge1pc.dll [33792 2009-10-06] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.66\Installer\chrmstp.exe [2020-11-18] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A067C17-3A71-459F-8487-AFEB30A6FD58} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {27DAA860-C2C5-4406-9D8A-DB8D12026130} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-01] (Google Inc -> Google Inc.)
Task: {29B77A92-9C02-4905-8376-A0F72AD34DF1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {384CFE12-404C-459D-853D-360C070458A4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {642F1D74-A0C9-42B4-B967-54D61212E475} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [667856 2020-11-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {AB70507F-83FC-4F0A-8826-BDC5F3CE8623} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AC6F5F68-FE44-4A99-B9ED-8F1504D5C9F6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-20] (Avast Software s.r.o. -> Avast Software)
Task: {BC9923A0-1BDE-41E3-B422-6ABA99E8CA27} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CA4E808A-41CB-45F6-9A22-579BD86E1EB8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-01] (Google Inc -> Google Inc.)
Task: {D9CEC501-78EE-44F1-BCFA-1932EF1C8271} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1c3c18e4-bc8a-4304-a9ba-bad20565e88a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{54dc268a-e8d3-4c86-9131-5a2ee54aadd5}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cbf7fbc0-5d7c-4e0d-8e71-967c75114c7c}: [DhcpNameServer] 10.0.0.138
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-957298648-762153105-1476455773-1001 -> hxxp://google.cz/
Edge Profile: C:\Users\Petr Zvara\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-21]
Edge HomePage: Default -> hxxp://google.cz/
Edge StartupUrls: Default -> "hxxp://google.cz/"
Edge DefaultSearchURL: Default -> hxxps://www.google.cz/search?q={searchTerms}&ie ... utEncoding?}
FireFox:
========
FF DefaultProfile: 16epy6c1.default
FF ProfilePath: C:\Users\Petr Zvara\AppData\Roaming\Mozilla\Firefox\Profiles\16epy6c1.default [2020-11-21]
FF Homepage: Mozilla\Firefox\Profiles\16epy6c1.default -> hxxps://www.google.cz/
FF HomepageOverride: Mozilla\Firefox\Profiles\16epy6c1.default -> Disabled: _jnMembers_@www.pdfconverttools.com
FF NewTabOverride: Mozilla\Firefox\Profiles\16epy6c1.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF NewTabOverride: Mozilla\Firefox\Profiles\16epy6c1.default -> Disabled: _jnMembers_@www.pdfconverttools.com
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default [2020-11-21]
CHR Notifications: Default -> hxxps://www.megaknihy.cz
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Extension: (Prezentace) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-23]
CHR Extension: (Dokumenty) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-23]
CHR Extension: (Disk Google) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-21]
CHR Extension: (YouTube) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-01]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-21]
CHR Extension: (Tabulky) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-21]
CHR Extension: (Avast Online Security) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-08-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-20]
CHR Extension: (Gmail) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-21]
CHR Extension: (Chrome Media Router) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5101992 2020-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-04-26] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-26] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 MpKsl923646b8; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{00EE0FE1-62DB-4808-9153-126A3EEC7B26}\MpKslDrv.sys [47336 2020-11-21] (Microsoft Windows -> Microsoft Corporation)
R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Inc. -> Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-11-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429288 2020-11-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-21 21:47 - 2020-11-21 21:47 - 000014472 _____ C:\Users\Petr Zvara\Downloads\FRST.txt
2020-11-21 21:47 - 2020-11-21 21:47 - 000000000 ____D C:\FRST
2020-11-21 21:35 - 2020-11-21 21:36 - 002294784 _____ (Farbar) C:\Users\Petr Zvara\Downloads\FRST64.exe
2020-11-21 21:30 - 2020-11-21 21:30 - 000000277 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2020-11-21 21:26 - 2020-11-21 21:26 - 000000392 _____ C:\Users\Petr Zvara\Documents\cc_20201121_212641.reg
2020-11-21 19:48 - 2020-11-21 21:31 - 000000000 ____D C:\WINDOWS\TempInst
2020-11-21 19:48 - 2020-11-21 21:31 - 000000000 ____D C:\ProgramData\Lenovo
2020-11-21 19:48 - 2020-11-21 20:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2020-11-21 19:37 - 2020-11-21 21:31 - 000000000 ____D C:\Program Files (x86)\Lenovo
2020-11-21 19:37 - 2020-11-21 19:48 - 000000000 ____D C:\Users\Petr Zvara\AppData\Local\LenovoServiceBridge
2020-11-21 19:37 - 2020-11-21 19:37 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_01009.Wdf
2020-11-21 19:37 - 2020-11-21 19:37 - 000000000 ____D C:\WINDOWS\system32\%ProgramData%
2020-11-21 19:37 - 2020-11-21 19:37 - 000000000 ____D C:\Users\Petr Zvara\AppData\Local\Lenovo
2020-11-21 19:33 - 2020-11-21 21:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2020-11-21 19:33 - 2020-11-21 19:33 - 003213352 _____ (Lenovo ) C:\Users\Petr Zvara\Downloads\LSBSetup.exe
2020-11-21 19:28 - 2020-11-21 19:28 - 000002648 _____ C:\Users\Petr Zvara\Documents\cc_20201121_192848.reg
2020-11-21 19:14 - 2020-11-21 19:14 - 000000000 ____D C:\WINDOWS\pss
2020-11-21 19:10 - 2020-11-21 19:10 - 000083782 _____ C:\Users\Petr Zvara\Documents\cc_20201121_191011.reg
2020-11-21 19:10 - 2020-11-21 19:10 - 000006600 _____ C:\Users\Petr Zvara\Documents\cc_20201121_191037.reg
2020-11-21 19:06 - 2020-11-21 19:06 - 000000000 ____D C:\Users\Petr Zvara\AppData\Local\mbam
2020-11-21 19:06 - 2020-11-21 19:06 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-11-21 19:03 - 2020-11-21 19:03 - 000000000 ____D C:\Program Files\Malwarebytes
2020-11-18 20:46 - 2020-11-18 20:46 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-18 20:46 - 2020-11-18 20:46 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-18 20:46 - 2020-11-18 20:46 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2020-11-18 20:46 - 2020-11-18 20:46 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-11-18 20:46 - 2020-11-18 20:46 - 000009265 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-11-18 20:40 - 2020-11-19 08:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-11-10 19:16 - 2020-11-10 19:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-10 19:11 - 2020-11-15 20:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-01 21:25 - 2020-11-01 21:25 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-11-01 21:24 - 2020-11-01 21:24 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-11-01 21:24 - 2020-11-01 21:24 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-11-01 21:24 - 2020-11-01 21:24 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2020-11-01 21:24 - 2020-11-01 21:24 - 000455168 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2020-11-01 21:24 - 2020-11-01 21:24 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2020-11-01 21:24 - 2020-11-01 21:24 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-11-01 21:24 - 2020-11-01 21:24 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2020-11-01 21:24 - 2020-11-01 21:24 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2020-11-01 21:24 - 2020-11-01 21:24 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-11-01 21:23 - 2020-11-01 21:23 - 001822256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-11-01 21:23 - 2020-11-01 21:23 - 001393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-11-01 21:23 - 2020-11-01 21:23 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-11-01 21:23 - 2020-11-01 21:23 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-11-01 21:23 - 2020-11-01 21:23 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-11-01 21:23 - 2020-11-01 21:23 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-11-01 21:23 - 2020-11-01 21:23 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-11-01 21:22 - 2020-11-01 21:22 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-11-01 21:22 - 2020-11-01 21:22 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2020-11-01 21:22 - 2020-11-01 21:22 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2020-11-01 21:22 - 2020-11-01 21:22 - 000645120 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2020-11-01 21:22 - 2020-11-01 21:22 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-11-01 21:22 - 2020-11-01 21:22 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2020-11-01 21:22 - 2020-11-01 21:22 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2020-11-01 21:22 - 2020-11-01 21:22 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2020-11-01 21:21 - 2020-11-01 21:21 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-11-01 21:21 - 2020-11-01 21:21 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2020-11-01 21:21 - 2020-11-01 21:21 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-11-01 21:21 - 2020-11-01 21:21 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-11-01 21:21 - 2020-11-01 21:21 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-11-01 21:21 - 2020-11-01 21:21 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2020-11-01 21:21 - 2020-11-01 21:21 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-21 21:46 - 2019-02-24 13:58 - 000000000 ____D C:\Users\Petr Zvara\AppData\Local\D3DSCache
2020-11-21 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-21 21:29 - 2017-07-09 12:52 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-11-21 21:29 - 2017-03-31 18:18 - 000000000 __SHD C:\Users\Petr Zvara\IntelGraphicsProfiles
2020-11-21 21:28 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-11-21 21:25 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-11-21 20:45 - 2020-08-17 09:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-11-21 19:52 - 2018-09-30 13:32 - 000000000 ____D C:\Users\Petr Zvara\AppData\Local\CrashDumps
2020-11-21 19:46 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-11-21 19:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-11-21 19:34 - 2020-08-17 09:38 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-11-21 19:34 - 2019-12-07 15:43 - 000683426 _____ C:\WINDOWS\system32\perfh005.dat
2020-11-21 19:34 - 2019-12-07 15:43 - 000137206 _____ C:\WINDOWS\system32\perfc005.dat
2020-11-21 19:29 - 2020-08-17 09:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-11-21 19:29 - 2020-08-17 09:30 - 000008192 ___SH C:\DumpStack.log.tmp
2020-11-21 19:29 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-11-21 19:29 - 2017-07-09 12:52 - 000000000 ____D C:\ProgramData\Synaptics
2020-11-21 19:29 - 2017-04-01 09:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-21 19:20 - 2019-01-14 15:31 - 000000000 ____D C:\Users\Petr Zvara\Desktop\USA 2019
2020-11-21 19:17 - 2017-04-01 09:38 - 000000000 ____D C:\Users\Petr Zvara\AppData\LocalLow\Mozilla
2020-11-21 19:09 - 2020-08-05 19:35 - 000000000 ___DC C:\WINDOWS\Panther
2020-11-21 19:00 - 2017-04-01 08:57 - 000000000 ____D C:\Users\Petr Zvara\Desktop\Faktury skeny 2017
2020-11-21 16:33 - 2020-06-26 12:27 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-11-21 16:33 - 2020-06-26 12:27 - 000002257 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-11-21 16:33 - 2020-06-26 12:27 - 000002257 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-11-19 08:34 - 2017-04-01 09:08 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-11-19 07:30 - 2020-08-17 09:30 - 000353576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-11-19 07:29 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-11-18 20:48 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-11-18 20:46 - 2020-08-17 09:31 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-11-18 20:39 - 2017-04-01 09:35 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-18 20:39 - 2017-04-01 09:35 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-18 20:39 - 2017-04-01 09:35 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-15 20:05 - 2017-05-05 17:04 - 000000000 ____D C:\Users\Petr Zvara\AppData\Roaming\vlc
2020-11-10 19:16 - 2017-04-01 09:37 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-10 19:15 - 2019-07-16 13:17 - 000000000 ____D C:\Users\Petr Zvara\Desktop\Juergen pojistky
2020-11-10 18:58 - 2018-02-10 19:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2020-11-04 00:05 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2020-11-03 18:08 - 2019-12-07 15:47 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2020-11-03 18:08 - 2019-12-07 15:47 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2020-11-01 15:43 - 2017-04-01 09:25 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-11-01 15:35 - 2020-08-17 09:36 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-01 15:35 - 2020-08-17 09:36 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-01 15:33 - 2020-08-17 09:36 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-957298648-762153105-1476455773-1001
2020-11-01 15:33 - 2020-08-17 09:10 - 000002376 _____ C:\Users\Petr Zvara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-11-01 15:33 - 2017-03-31 18:20 - 000000000 ___RD C:\Users\Petr Zvara\OneDrive
==================== Files in the root of some directories ========
2017-04-01 09:58 - 2017-03-02 21:51 - 000027715 _____ () C:\Program Files\logo.jpg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
prosím o kontrolu logu, pobláznil se touchpad.
Po kontrole MBANem a vymazání pár neřádů jde v pořádku. Tak prosím preventivně.
Děkuji
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-11-2020
Ran by Petr Zvara (21-11-2020 21:49:08)
Running from C:\Users\Petr Zvara\Downloads
Windows 10 Pro Version 2004 19041.630 (X64) (2020-08-17 08:36:38)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-957298648-762153105-1476455773-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-957298648-762153105-1476455773-503 - Limited - Disabled)
Guest (S-1-5-21-957298648-762153105-1476455773-501 - Limited - Disabled)
Petr Zvara (S-1-5-21-957298648-762153105-1476455773-1001 - Administrator - Enabled) => C:\Users\Petr Zvara
WDAGUtilityAccount (S-1-5-21-957298648-762153105-1476455773-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Brother MFL-Pro Suite DCP-7060D (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.66 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.69.4 - ELAN Microelectronic Corp.)
LibreOffice 5.3.1.2 (HKLM\...\{9A2A4317-64E9-4631-997A-F2C4F8A512C7}) (Version: 5.3.1.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.41 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft OneDrive (HKU\S-1-5-21-957298648-762153105-1476455773-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 82.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 82.0.3 (x64 cs)) (Version: 82.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 82.0.3.7617 - Mozilla)
Mozilla Thunderbird 78.5.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 78.5.0 (x86 cs)) (Version: 78.5.0 - Mozilla)
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
Plánovač tras Google verze 1.85 (HKLM-x32\...\Plánovač tras Google_is1) (Version: 1.85 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Teplo 2017 EDU (HKLM-x32\...\Teplo 2017 EDU_is1) (Version: 2017 - Svoboda Software)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WinRAR 5.50 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-17] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.181.400.0_x86__kgqvnymyfvs32 [2020-11-15] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-04] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-08-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-11-03] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-04-14] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-11] (Twitter Inc.)
Váš telefon -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20104.23.0_x64__8wekyb3d8bbwe [2020-11-21] (Microsoft Corporation) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Petr Zvara\Desktop\Kalkulace Typodeign koncovy zakaznik rev15.xlsm:AFP_AfpInfo [122]
AlternateDataStreams: C:\Users\Petr Zvara\Desktop\Kalkulace Typodeign koncovy zakaznik rev15.xlsm:AFP_Resource [0]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-22 11:24 - 2019-01-04 17:12 - 000000835 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-957298648-762153105-1476455773-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY"
HKLM\...\StartupApproved\Run32: => "BrStsMon00"
HKU\S-1-5-21-957298648-762153105-1476455773-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-957298648-762153105-1476455773-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{3C4AE963-E2DB-4D4A-ABD6-A5DA6FC81356}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CAB50755-0802-4B0F-816F-4525F8C73C3B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A30DE253-7BFB-48A0-8181-A89D078C4888}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C8CCC80F-AF6C-4636-B71D-A0F7DCCB0FDF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DCC45D40-5C38-44BE-9488-CB1E7DF67A38}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CAA44084-0DD2-4F7D-8D8C-5C6427FDD79F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{304B8F59-58B3-42A9-B1C9-F44890BE50A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.66.77.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
01-11-2020 15:33:14 Instalační služba modulů systému Windows
18-11-2020 20:36:49 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/21/2020 09:28:17 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (11/21/2020 07:52:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamtray.exe, verze: 4.0.0.829, časové razítko: 0x5f936297
Název chybujícího modulu: Qt5Core.dll, verze: 5.14.1.0, časové razítko: 0x5f84e8d4
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000219dc5
ID chybujícího procesu: 0x1a74
Čas spuštění chybující aplikace: 0x01d6c03443d9192a
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID zprávy: b42a32a0-1a0d-4704-b4dc-8ac21cc308ab
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/21/2020 04:33:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: StartMenuExperienceHost.exe, verze: 0.0.0.0, časové razítko: 0x4fe0bcb3
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.572, časové razítko: 0x1183946c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b65c
ID chybujícího procesu: 0x1b1c
Čas spuštění chybující aplikace: 0x01d6c01ba3fd32d9
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: cb715b77-b3d6-49e1-9156-c26924b3c885
Úplný název chybujícího balíčku: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App
Error: (11/13/2020 05:38:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Skype.exe verze 8.65.0.78 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2ee0
Čas spuštění: 01d6b9db2a0e3b3b
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
ID hlášení: aad51ff6-37ad-4e60-9e69-43c83b4c712c
Úplný název balíčku s chybou: Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (09/25/2020 03:52:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Skype.exe verze 8.63.0.76 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 13f8
Čas spuštění: 01d692487734e760
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
ID hlášení: 51157566-d05a-4d87-80db-21deab372f68
Úplný název balíčku s chybou: Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (09/08/2020 06:39:27 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0
Error: (08/18/2020 09:53:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: StartMenuExperienceHost.exe, verze: 0.0.0.0, časové razítko: 0xeab8dc5a
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.423, časové razítko: 0xed02c0bc
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b3cc
ID chybujícího procesu: 0x29ec
Čas spuštění chybující aplikace: 0x01d675a192c81b10
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 82613872-edc6-4c19-a1d9-458e01379cd8
Úplný název chybujícího balíčku: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App
Error: (08/17/2020 07:31:08 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.386_none_e72d64cd263a3a51\TiWorker.exe -Embedding; Popis = Instalační služba modulů systému Windows; Chyba = 0x81000101).
System errors:
=============
Error: (11/21/2020 09:25:56 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-NMA4QA9)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (11/21/2020 07:27:58 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-NMA4QA9)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (11/21/2020 07:09:10 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-NMA4QA9)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (11/20/2020 06:34:49 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NMA4QA9)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/15/2020 08:22:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NMA4QA9)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/15/2020 08:22:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NMA4QA9)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/15/2020 08:22:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NMA4QA9)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/15/2020 08:22:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NMA4QA9)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
===================================
Date: 2020-11-21 18:52:40.6250000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3C038A68-BCD9-4C67-BFBD-DECB125D8238}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-NMA4QA9\Petr Zvara
Date: 2020-11-21 18:50:19.7750000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1EEB88AA-8213-40C5-962F-279599F12B8B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-NMA4QA9\Petr Zvara
Date: 2020-10-13 13:30:43.4820000Z
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EEBD4D60-0503-4E47-929F-62C6076CB117}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2020-11-21 18:58:29.3850000Z
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.327.1255.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===================================
Date: 2020-11-21 19:31:31.6190000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-11-21 19:31:31.5950000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: LENOVO AFCN30WW(V2.02) 10/01/2015
Motherboard: LENOVO Lenovo E31-70
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 37%
Total physical RAM: 8105.85 MB
Available physical RAM: 5079.69 MB
Total Virtual: 9385.85 MB
Available Virtual: 6287.78 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:237.36 GB) (Free:172.22 GB) NTFS
\\?\Volume{01190f40-4127-4eff-8607-56750521037a}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{93fc1aee-eb44-415b-9a91-6d9a0d016a0d}\ () (Fixed) (Total:0.56 GB) (Free:0.08 GB) NTFS
\\?\Volume{bedbc1ff-42cf-4037-9f89-1f469196c11e}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: DA057F4D)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-11-2020
Ran by Petr Zvara (administrator) on DESKTOP-NMA4QA9 (LENOVO 80KX) (21-11-2020 21:47:24)
Running from C:\Users\Petr Zvara\Downloads
Loaded Profiles: Petr Zvara
Platform: Windows 10 Pro Version 2004 19041.630 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2010.7-0\NisSrv.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-08-03] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\SUGE1PC: C:\Windows\System32\spool\prtprocs\x64\suge1pc.dll [33792 2009-10-06] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.66\Installer\chrmstp.exe [2020-11-18] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A067C17-3A71-459F-8487-AFEB30A6FD58} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {27DAA860-C2C5-4406-9D8A-DB8D12026130} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-01] (Google Inc -> Google Inc.)
Task: {29B77A92-9C02-4905-8376-A0F72AD34DF1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {384CFE12-404C-459D-853D-360C070458A4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {642F1D74-A0C9-42B4-B967-54D61212E475} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [667856 2020-11-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {AB70507F-83FC-4F0A-8826-BDC5F3CE8623} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AC6F5F68-FE44-4A99-B9ED-8F1504D5C9F6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-20] (Avast Software s.r.o. -> Avast Software)
Task: {BC9923A0-1BDE-41E3-B422-6ABA99E8CA27} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CA4E808A-41CB-45F6-9A22-579BD86E1EB8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-04-01] (Google Inc -> Google Inc.)
Task: {D9CEC501-78EE-44F1-BCFA-1932EF1C8271} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MpCmdRun.exe [541576 2020-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1c3c18e4-bc8a-4304-a9ba-bad20565e88a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{54dc268a-e8d3-4c86-9131-5a2ee54aadd5}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cbf7fbc0-5d7c-4e0d-8e71-967c75114c7c}: [DhcpNameServer] 10.0.0.138
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-957298648-762153105-1476455773-1001 -> hxxp://google.cz/
Edge Profile: C:\Users\Petr Zvara\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-21]
Edge HomePage: Default -> hxxp://google.cz/
Edge StartupUrls: Default -> "hxxp://google.cz/"
Edge DefaultSearchURL: Default -> hxxps://www.google.cz/search?q={searchTerms}&ie ... utEncoding?}
FireFox:
========
FF DefaultProfile: 16epy6c1.default
FF ProfilePath: C:\Users\Petr Zvara\AppData\Roaming\Mozilla\Firefox\Profiles\16epy6c1.default [2020-11-21]
FF Homepage: Mozilla\Firefox\Profiles\16epy6c1.default -> hxxps://www.google.cz/
FF HomepageOverride: Mozilla\Firefox\Profiles\16epy6c1.default -> Disabled: _jnMembers_@www.pdfconverttools.com
FF NewTabOverride: Mozilla\Firefox\Profiles\16epy6c1.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF NewTabOverride: Mozilla\Firefox\Profiles\16epy6c1.default -> Disabled: _jnMembers_@www.pdfconverttools.com
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default [2020-11-21]
CHR Notifications: Default -> hxxps://www.megaknihy.cz
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Extension: (Prezentace) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-23]
CHR Extension: (Dokumenty) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-23]
CHR Extension: (Disk Google) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-21]
CHR Extension: (YouTube) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-01]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-21]
CHR Extension: (Tabulky) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-21]
CHR Extension: (Avast Online Security) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-08-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-20]
CHR Extension: (Gmail) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-21]
CHR Extension: (Chrome Media Router) - C:\Users\Petr Zvara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5101992 2020-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-04-26] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-26] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 MpKsl923646b8; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{00EE0FE1-62DB-4808-9153-126A3EEC7B26}\MpKslDrv.sys [47336 2020-11-21] (Microsoft Windows -> Microsoft Corporation)
R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Inc. -> Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-11-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429288 2020-11-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-21 21:47 - 2020-11-21 21:47 - 000014472 _____ C:\Users\Petr Zvara\Downloads\FRST.txt
2020-11-21 21:47 - 2020-11-21 21:47 - 000000000 ____D C:\FRST
2020-11-21 21:35 - 2020-11-21 21:36 - 002294784 _____ (Farbar) C:\Users\Petr Zvara\Downloads\FRST64.exe
2020-11-21 21:30 - 2020-11-21 21:30 - 000000277 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2020-11-21 21:26 - 2020-11-21 21:26 - 000000392 _____ C:\Users\Petr Zvara\Documents\cc_20201121_212641.reg
2020-11-21 19:48 - 2020-11-21 21:31 - 000000000 ____D C:\WINDOWS\TempInst
2020-11-21 19:48 - 2020-11-21 21:31 - 000000000 ____D C:\ProgramData\Lenovo
2020-11-21 19:48 - 2020-11-21 20:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2020-11-21 19:37 - 2020-11-21 21:31 - 000000000 ____D C:\Program Files (x86)\Lenovo
2020-11-21 19:37 - 2020-11-21 19:48 - 000000000 ____D C:\Users\Petr Zvara\AppData\Local\LenovoServiceBridge
2020-11-21 19:37 - 2020-11-21 19:37 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_01009.Wdf
2020-11-21 19:37 - 2020-11-21 19:37 - 000000000 ____D C:\WINDOWS\system32\%ProgramData%
2020-11-21 19:37 - 2020-11-21 19:37 - 000000000 ____D C:\Users\Petr Zvara\AppData\Local\Lenovo
2020-11-21 19:33 - 2020-11-21 21:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2020-11-21 19:33 - 2020-11-21 19:33 - 003213352 _____ (Lenovo ) C:\Users\Petr Zvara\Downloads\LSBSetup.exe
2020-11-21 19:28 - 2020-11-21 19:28 - 000002648 _____ C:\Users\Petr Zvara\Documents\cc_20201121_192848.reg
2020-11-21 19:14 - 2020-11-21 19:14 - 000000000 ____D C:\WINDOWS\pss
2020-11-21 19:10 - 2020-11-21 19:10 - 000083782 _____ C:\Users\Petr Zvara\Documents\cc_20201121_191011.reg
2020-11-21 19:10 - 2020-11-21 19:10 - 000006600 _____ C:\Users\Petr Zvara\Documents\cc_20201121_191037.reg
2020-11-21 19:06 - 2020-11-21 19:06 - 000000000 ____D C:\Users\Petr Zvara\AppData\Local\mbam
2020-11-21 19:06 - 2020-11-21 19:06 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-11-21 19:03 - 2020-11-21 19:03 - 000000000 ____D C:\Program Files\Malwarebytes
2020-11-18 20:46 - 2020-11-18 20:46 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-18 20:46 - 2020-11-18 20:46 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-18 20:46 - 2020-11-18 20:46 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2020-11-18 20:46 - 2020-11-18 20:46 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-11-18 20:46 - 2020-11-18 20:46 - 000009265 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-11-18 20:40 - 2020-11-19 08:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-11-10 19:16 - 2020-11-10 19:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-10 19:11 - 2020-11-15 20:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-01 21:25 - 2020-11-01 21:25 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-11-01 21:24 - 2020-11-01 21:24 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-11-01 21:24 - 2020-11-01 21:24 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-11-01 21:24 - 2020-11-01 21:24 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2020-11-01 21:24 - 2020-11-01 21:24 - 000455168 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2020-11-01 21:24 - 2020-11-01 21:24 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2020-11-01 21:24 - 2020-11-01 21:24 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-11-01 21:24 - 2020-11-01 21:24 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2020-11-01 21:24 - 2020-11-01 21:24 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2020-11-01 21:24 - 2020-11-01 21:24 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-11-01 21:23 - 2020-11-01 21:23 - 001822256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-11-01 21:23 - 2020-11-01 21:23 - 001393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-11-01 21:23 - 2020-11-01 21:23 - 001162240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-11-01 21:23 - 2020-11-01 21:23 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2020-11-01 21:23 - 2020-11-01 21:23 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-11-01 21:23 - 2020-11-01 21:23 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-11-01 21:23 - 2020-11-01 21:23 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-11-01 21:22 - 2020-11-01 21:22 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-11-01 21:22 - 2020-11-01 21:22 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2020-11-01 21:22 - 2020-11-01 21:22 - 000707544 _____ C:\WINDOWS\system32\TextShaping.dll
2020-11-01 21:22 - 2020-11-01 21:22 - 000645120 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2020-11-01 21:22 - 2020-11-01 21:22 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-11-01 21:22 - 2020-11-01 21:22 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2020-11-01 21:22 - 2020-11-01 21:22 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2020-11-01 21:22 - 2020-11-01 21:22 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2020-11-01 21:21 - 2020-11-01 21:21 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-11-01 21:21 - 2020-11-01 21:21 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2020-11-01 21:21 - 2020-11-01 21:21 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-11-01 21:21 - 2020-11-01 21:21 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-11-01 21:21 - 2020-11-01 21:21 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-11-01 21:21 - 2020-11-01 21:21 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2020-11-01 21:21 - 2020-11-01 21:21 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-21 21:46 - 2019-02-24 13:58 - 000000000 ____D C:\Users\Petr Zvara\AppData\Local\D3DSCache
2020-11-21 21:41 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-21 21:29 - 2017-07-09 12:52 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-11-21 21:29 - 2017-03-31 18:18 - 000000000 __SHD C:\Users\Petr Zvara\IntelGraphicsProfiles
2020-11-21 21:28 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-11-21 21:25 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-11-21 20:45 - 2020-08-17 09:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-11-21 19:52 - 2018-09-30 13:32 - 000000000 ____D C:\Users\Petr Zvara\AppData\Local\CrashDumps
2020-11-21 19:46 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-11-21 19:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-11-21 19:34 - 2020-08-17 09:38 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-11-21 19:34 - 2019-12-07 15:43 - 000683426 _____ C:\WINDOWS\system32\perfh005.dat
2020-11-21 19:34 - 2019-12-07 15:43 - 000137206 _____ C:\WINDOWS\system32\perfc005.dat
2020-11-21 19:29 - 2020-08-17 09:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-11-21 19:29 - 2020-08-17 09:30 - 000008192 ___SH C:\DumpStack.log.tmp
2020-11-21 19:29 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-11-21 19:29 - 2017-07-09 12:52 - 000000000 ____D C:\ProgramData\Synaptics
2020-11-21 19:29 - 2017-04-01 09:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-21 19:20 - 2019-01-14 15:31 - 000000000 ____D C:\Users\Petr Zvara\Desktop\USA 2019
2020-11-21 19:17 - 2017-04-01 09:38 - 000000000 ____D C:\Users\Petr Zvara\AppData\LocalLow\Mozilla
2020-11-21 19:09 - 2020-08-05 19:35 - 000000000 ___DC C:\WINDOWS\Panther
2020-11-21 19:00 - 2017-04-01 08:57 - 000000000 ____D C:\Users\Petr Zvara\Desktop\Faktury skeny 2017
2020-11-21 16:33 - 2020-06-26 12:27 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-11-21 16:33 - 2020-06-26 12:27 - 000002257 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-11-21 16:33 - 2020-06-26 12:27 - 000002257 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-11-19 08:34 - 2017-04-01 09:08 - 000001278 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2020-11-19 07:30 - 2020-08-17 09:30 - 000353576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-11-19 07:29 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-11-19 07:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-11-18 20:48 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-11-18 20:46 - 2020-08-17 09:31 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-11-18 20:39 - 2017-04-01 09:35 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-18 20:39 - 2017-04-01 09:35 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-18 20:39 - 2017-04-01 09:35 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-15 20:05 - 2017-05-05 17:04 - 000000000 ____D C:\Users\Petr Zvara\AppData\Roaming\vlc
2020-11-10 19:16 - 2017-04-01 09:37 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-10 19:15 - 2019-07-16 13:17 - 000000000 ____D C:\Users\Petr Zvara\Desktop\Juergen pojistky
2020-11-10 18:58 - 2018-02-10 19:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2020-11-04 00:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2020-11-04 00:05 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2020-11-03 18:08 - 2019-12-07 15:47 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2020-11-03 18:08 - 2019-12-07 15:47 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2020-11-01 15:43 - 2017-04-01 09:25 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-11-01 15:35 - 2020-08-17 09:36 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-01 15:35 - 2020-08-17 09:36 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-01 15:33 - 2020-08-17 09:36 - 000003386 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-957298648-762153105-1476455773-1001
2020-11-01 15:33 - 2020-08-17 09:10 - 000002376 _____ C:\Users\Petr Zvara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-11-01 15:33 - 2017-03-31 18:20 - 000000000 ___RD C:\Users\Petr Zvara\OneDrive
==================== Files in the root of some directories ========
2017-04-01 09:58 - 2017-03-02 21:51 - 000027715 _____ () C:\Program Files\logo.jpg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================