Please check - see the FRST log

Posted: 06 Mar 2021 11:29
by vrchlab
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by Kopci (administrator) on LAPTOP-HH1EQN5N (LENOVO 80QB) (06-03-2021 11:13:57)
Running from C:\Users\Kopci\Desktop
Loaded Profiles: Kopci
Platform: Windows 10 Home Version 1909 18363.1379 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apps Delivered Ltd -> Funny Kacele) [File not signed] [File is in use] C:\Program Files (x86)\FunnyKacele\FunnyKacele.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(Digital Communications Inc -> Сorp DCom) C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusClient.exe
(Digital Communications Inc -> Сorp DCom) C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe
(Digital Communications Inc -> Сorp DCom) C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe
(Globalhop Ltd TOO -> ) C:\Users\Kopci\AppData\Local\Programs\Taskbar system\TaskbarSystem.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxEM.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Kopci\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <9>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(SweetLabs Inc. -> SweetLabs, Inc) C:\Users\Kopci\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B7A64AF-41E2-4A98-8D6D-1A0AF0E7ED3D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {16117B7C-4030-4E82-9117-4DECF78DF087} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-09-11] (CyberLink Corp. -> CyberLink Corp.)
Task: {20CC5D35-6588-4513-8287-B6EA51CD49F3} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1320416 2016-01-25] (LENOVO -> Lenovo)
Task: {227B0B35-DA77-46F3-9DCF-CF593A24B789} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [564664 2015-06-12] (LENOVO -> Lenovo)
Task: {29CCEDAC-180F-4086-A873-5CF401966497} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4004296 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {3147DCBB-367A-4072-A60E-2700B28A663B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {323E7185-8140-49E6-BF96-12D2D1C9E6B5} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\976f3d26-08d0-41db-8475-f5f80f952630 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {36C990C1-835F-4B1B-A7A5-6DB732E6040A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\499d4cd4-1c19-4950-a49f-868b188de0ad => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {36F6B47C-9573-4A05-9CBA-72A6818284C9} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62368 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {3A46C4CE-A277-497A-B599-0F9C86F19B7F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3AD8077C-808E-4BEF-8C18-73D591F29EE5} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {420B6F54-9CBB-4760-BD62-FFC983F0F7E0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {45513EBA-7E69-447D-802A-771AA4D26FD6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {463AE302-4AA6-4022-A74C-5E154ACD9474} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [270304 2016-01-25] (LENOVO -> Lenovo)
Task: {47F4B97A-A9D7-4AA2-82B3-A27480FA0764} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {49F2B11E-D4EF-4DC1-A27C-DBF1EAB9A544} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {5D7FE370-0268-4F37-8C09-F692339CC68C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-07] (LENOVO -> Lenovo)
Task: {5F2BE04C-DF43-4441-BA87-AF2FAB189A74} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4004296 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F40EA3F-BAAC-4285-8286-9B257B8649B7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114000 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {6EA656A2-D79A-4CA9-9823-F1271FA290D2} - System32\Tasks\Lenovo\fplmonitorConnect => C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe [1761208 2015-09-25] (LENOVO -> Lenovo)
Task: {719363F1-497C-4B69-A1DD-EE77AE387B55} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [143888 2021-02-04] (Lenovo -> Lenovo Group Ltd.)
Task: {75A6033F-705F-47DE-AC73-B5CBD9F60D66} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {78BC33DC-61CF-4F7D-9564-7F2D394C0AD6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {7B0DFC7C-EED3-4F3D-A4E2-2113C188ABA2} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {7F2A58CC-CE18-44EF-B47A-4BF3AE16DD76} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\ScheduleEventAction.exe [15768 2020-12-28] (Lenovo -> Lenovo Group Ltd.)
Task: {8D4A2EFC-0E92-42CE-B805-0FCBE6813E81} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AFA1F844-B873-4B2C-ABAE-0FD04AADA7F7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080304 2021-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {B765D5C5-8B13-4A9D-9CE0-88B45DF4581F} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {BA5589F5-363D-402E-886C-56770A4CBCD8} - System32\Tasks\Lenovo\fplmonitor => C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe [1761208 2015-09-25] (LENOVO -> Lenovo)
Task: {C34B4DE8-7A06-400A-8100-B95FF3F1FB5D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f0bdd6d6-e7c1-4e98-98b5-c5c67a97af6b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {C686002C-2ED0-4349-A479-ABD734A978DA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1133488 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {C91368E0-6C17-428C-A951-070E3CC250CC} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9773024 2016-01-25] (LENOVO -> Lenovo)
Task: {D71E4AA2-EFF8-41D2-9B53-3B1F68AE872E} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9773024 2016-01-25] (LENOVO -> Lenovo)
Task: {E8975FB6-D236-44C8-9179-AF9BD682BF88} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080304 2021-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {F22F6641-7594-4471-886C-B4AB12488B68} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {F59A1B2B-4E32-4FAE-AFB1-97BB163A1A62} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114000 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {F63D47B8-38E2-4E22-A98D-78DB7FC1A7C3} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [564664 2015-06-12] (LENOVO -> Lenovo)
Task: {F92DFA93-2D61-40F2-A32D-6215E2679044} - System32\Tasks\App Explorer => C:\Users\Kopci\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7949992 2020-09-04] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION
Task: {FA36CD7B-5060-4CC6-B252-4258042D136E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\92e39d53-2498-428e-8188-9a796d7873a3 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5bdce1b0-6c55-4811-8821-86e83bfe7d28}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7370f33a-094d-4166-896c-c94ded8f462e}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{ba844273-ed17-44ac-bbbf-eefe42da4ab5}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kopci\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-06]

FireFox:
========
FF DefaultProfile: k5b7neg4.default
FF ProfilePath: C:\Users\Kopci\AppData\Roaming\Mozilla\Firefox\Profiles\k5b7neg4.default [2021-03-06]
FF Session Restore: Mozilla\Firefox\Profiles\k5b7neg4.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\k5b7neg4.default -> hxxps://www.slevomat.cz; hxxps://online.rb.cz
FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [not found]
FF Extension: (No Name) - C:\Users\Kopci\AppData\Roaming\Mozilla\Firefox\Profiles\k5b7neg4.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Extension: (No Name) - C:\Users\Kopci\AppData\Roaming\Mozilla\Firefox\Profiles\k5b7neg4.default\extensions\sko-extension@firma.seznam.cz [not found]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"FunnyKacele" => service was unlocked. <==== ATTENTION
"SAntivirusIC" => service was unlocked. <==== ATTENTION

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [688992 2017-02-27] (LENOVO -> Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8988552 2021-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 FunnyKacele; C:\Program Files (x86)\FunnyKacele\FunnyKacele.exe [30701040 2018-05-04] (Apps Delivered Ltd -> Funny Kacele) [File not signed] [File is in use]
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe [20880 2020-12-28] (Lenovo -> Lenovo Group Ltd.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271328 2016-01-25] (LENOVO -> Lenovo)
R2 SAntivirusIC; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe [6940672 2021-02-27] (Digital Communications Inc -> Сorp DCom) <==== ATTENTION
R2 SAntivirusSvc; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe [626688 2021-02-27] (Digital Communications Inc -> Сorp DCom) <==== ATTENTION
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [77792 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [48608 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-05-21] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R1 SMIDriverGen; C:\WINDOWS\system32\DRIVERS\smi.sys [31440 2018-04-25] (Synaptics Inc. -> Synaptics Incorporated)
R1 TASANTIVIRUSKD; C:\Program Files (x86)\Digital Communications\SAntivirus\TASAntivirusKD.sys [85504 2021-02-27] (Digital Communications Inc -> Corp DCom) <==== ATTENTION
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49544 2021-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420088 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-06 11:13 - 2021-03-06 11:16 - 000021970 _____ C:\Users\Kopci\Desktop\FRST.txt
2021-03-06 11:13 - 2021-03-06 11:15 - 000000000 ____D C:\FRST
2021-03-06 11:10 - 2021-03-06 11:10 - 002301440 _____ (Farbar) C:\Users\Kopci\Desktop\FRST64.exe
2021-02-27 20:47 - 2021-02-28 13:30 - 000000000 ____D C:\Program Files\WebDiscoverBrowser
2021-02-27 20:47 - 2021-02-27 20:47 - 000000000 ____D C:\Users\Kopci\AppData\Local\WebDiscoverBrowser
2021-02-27 20:46 - 2021-02-27 20:47 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\santivirusclient
2021-02-27 20:45 - 2021-02-27 20:45 - 000000000 ____D C:\ProgramData\SAntivirus
2021-02-27 20:45 - 2021-02-27 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus
2021-02-27 20:45 - 2021-02-27 20:45 - 000000000 ____D C:\ProgramData\IdleBuddy
2021-02-27 20:45 - 2021-02-27 20:45 - 000000000 ____D C:\Program Files (x86)\Digital Communications
2021-02-27 20:44 - 2021-03-03 00:52 - 000000000 ____D C:\Program Files (x86)\IBuddy
2021-02-27 20:44 - 2021-02-28 13:31 - 000000000 ____D C:\Program Files (x86)\FunnyKacele
2021-02-27 20:44 - 2021-02-27 20:44 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Taskbar system
2021-02-27 20:44 - 2021-02-27 20:44 - 000000000 ____D C:\Users\Kopci\AppData\Local\TaskbarSystem
2021-02-27 20:43 - 2021-02-27 20:43 - 000016438 _____ C:\Users\Kopci\AppData\Local\partner.bmp
2021-02-27 20:43 - 2021-02-27 20:43 - 000000000 _____ C:\Users\Kopci\Downloads\LEGO Harry Potter
2021-02-27 20:42 - 2021-02-27 20:43 - 000000000 ____D C:\Program Files (x86)\ExhaustingGovernmentphoInstall
2021-02-27 20:25 - 2021-02-27 20:25 - 000000000 ____D C:\Program Files (x86)\WB Games
2021-02-27 18:26 - 2021-02-28 13:47 - 000002372 _____ C:\Users\Kopci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-27 18:13 - 2021-02-27 19:23 - 764398929 _____ C:\Users\Kopci\Downloads\LEGO.Harry.Potter.5-7.zip.part
2021-02-27 18:10 - 2021-02-27 18:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-26 15:13 - 2021-02-28 13:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-02-21 20:25 - 2021-03-04 23:11 - 000000000 ____D C:\Users\Kopci\Desktop\random fotky xd
2021-02-15 09:00 - 2021-02-15 09:00 - 000083288 _____ (Zoom Video Communications, Inc.) C:\Users\Kopci\Downloads\Zoom_cm_fik4fkwZ9vvrZo4_muA1SOBB4sC925lOx0QoYuFfREgy+6cQB5gAX@-SoVtX4uj4nOWPPM_k5d14e1340bf434a7_.exe
2021-02-15 08:23 - 2021-02-15 08:23 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-02-15 08:22 - 2021-02-15 08:23 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\Zoom
2021-02-15 08:22 - 2021-02-15 08:22 - 015135752 _____ (Zoom Video Communications, Inc.) C:\Users\Kopci\Downloads\ZoomInstaller.exe
2021-02-13 12:36 - 2021-02-13 12:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-13 12:36 - 2021-02-13 12:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-02-13 12:34 - 2021-02-13 12:34 - 000232752 _____ C:\WINDOWS\system32\containerdevicemanagement.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-06 11:16 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-06 11:09 - 2018-02-17 23:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-06 11:08 - 2019-02-21 21:41 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-06 11:08 - 2016-12-25 21:35 - 000000000 ____D C:\Users\Kopci\AppData\LocalLow\Mozilla
2021-03-06 11:01 - 2016-12-25 22:55 - 000000000 ____D C:\Program Files\CCleaner
2021-03-06 10:57 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-06 10:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-06 10:56 - 2016-12-25 09:33 - 000000000 __SHD C:\Users\Kopci\IntelGraphicsProfiles
2021-03-06 10:55 - 2020-05-03 12:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-06 10:55 - 2017-12-31 13:21 - 000000000 ____D C:\ProgramData\AVAST Software
2021-03-06 10:55 - 2017-09-03 13:57 - 000000000 ____D C:\ProgramData\Synaptics
2021-03-06 10:55 - 2015-10-30 08:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-03-06 10:54 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-06 10:45 - 2020-11-09 17:44 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-06 10:45 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-03-06 10:38 - 2016-12-25 09:30 - 000000000 ____D C:\Users\Kopci\AppData\Local\Host App Service
2021-03-06 10:37 - 2017-10-18 22:33 - 000000000 ____D C:\Users\Kopci\AppData\Local\Packages
2021-03-05 20:13 - 2020-05-03 12:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-05 11:29 - 2020-04-24 10:40 - 000000000 ____D C:\Users\Kopci\Desktop\word gyby
2021-03-05 09:13 - 2016-05-28 14:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-03-05 00:57 - 2020-05-03 12:17 - 000000000 ____D C:\Users\Kopci
2021-03-05 00:55 - 2020-09-23 22:08 - 000000000 ____D C:\Users\Kopci\Documents\Soubory aplikace Outlook
2021-03-04 15:26 - 2020-11-30 20:42 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\vlc
2021-03-01 18:32 - 2020-04-24 10:42 - 000000000 ____D C:\Users\Kopci\Desktop\power point gyby
2021-03-01 08:52 - 2019-03-30 15:42 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\Seznam.cz
2021-02-28 13:50 - 2016-12-25 22:45 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-28 13:48 - 2016-12-25 09:43 - 000000000 ___RD C:\Users\Kopci\OneDrive
2021-02-28 13:47 - 2020-09-07 20:14 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-28 13:47 - 2020-09-07 20:14 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-02-28 13:47 - 2020-09-07 20:14 - 000002281 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-28 13:47 - 2020-05-03 12:44 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3044413106-2186633788-3405021347-1001
2021-02-28 13:36 - 2020-05-03 12:09 - 000515336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-28 13:27 - 2016-12-25 21:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-27 20:48 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-27 18:10 - 2016-12-25 21:34 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-26 15:10 - 2020-09-07 20:14 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-26 15:10 - 2020-09-07 20:14 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-25 13:19 - 2020-04-09 14:54 - 000002375 _____ C:\Users\Kopci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-02-25 13:19 - 2019-09-22 08:24 - 000002367 _____ C:\Users\Kopci\Desktop\Microsoft Teams.lnk
2021-02-24 12:05 - 2019-03-30 16:33 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\Opera Software
2021-02-23 18:24 - 2020-03-12 20:53 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-02-23 18:24 - 2020-03-12 20:53 - 000062368 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-02-23 18:24 - 2017-10-11 20:21 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2021-02-23 18:23 - 2020-03-12 20:52 - 000429936 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2021-02-21 11:19 - 2020-09-03 16:07 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-19 10:10 - 2020-05-03 12:44 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-02-17 10:07 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-16 16:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-16 12:17 - 2020-11-30 20:42 - 000000923 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-02-16 12:17 - 2020-11-30 20:42 - 000000923 _____ C:\ProgramData\Desktop\VLC media player.lnk
2021-02-14 20:43 - 2020-05-03 21:34 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-14 20:43 - 2020-05-03 21:34 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-14 20:43 - 2020-05-03 12:29 - 001693858 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-14 20:37 - 2017-10-19 19:48 - 000000000 ___RD C:\Users\Kopci\3D Objects
2021-02-14 20:37 - 2015-11-03 20:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-13 12:48 - 2019-03-19 07:20 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-02-13 12:48 - 2019-03-19 07:20 - 000019469 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-02-11 10:25 - 2016-12-25 20:49 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-11 10:06 - 2016-12-25 20:49 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-10 16:23 - 2020-05-03 12:44 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-07 11:52 - 2016-12-25 21:09 - 000160860 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-02-07 11:52 - 2016-05-28 15:13 - 000000000 ____D C:\ProgramData\Lenovo
2021-02-05 20:30 - 2020-09-03 16:07 - 000916288 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:30 - 2020-09-03 16:07 - 000437056 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll

==================== Files in the root of some directories ========

2021-02-27 20:43 - 2021-02-27 20:43 - 000016438 _____ () C:\Users\Kopci\AppData\Local\partner.bmp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Kopci (06-03-2021 11:19:35)
Running from C:\Users\Kopci\Desktop
Windows 10 Home Version 1909 18363.1379 (X64) (2020-05-03 11:46:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3044413106-2186633788-3405021347-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3044413106-2186633788-3405021347-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3044413106-2186633788-3405021347-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-3044413106-2186633788-3405021347-501 - Limited - Disabled)
Kopci (S-1-5-21-3044413106-2186633788-3405021347-1001 - Administrator - Enabled) => C:\Users\Kopci
WDAGUtilityAccount (S-1-5-21-3044413106-2186633788-3405021347-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20142 - Adobe Systems Incorporated)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
IBuddy (HKLM-x32\...\IBuddy) (Version: 2.1.0.3 - IdleTime Software)
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{BB041B6A-FACB-4853-BEE9-814FE7F93BB2}) (Version: 17.1.1530.1669 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{1544031f-5449-4415-b577-993c2a533a1b}) (Version: 18.12.2 - Intel Corporation)
LEGO® Harry Potter™: Years 5-7 DEMO (HKLM-x32\...\{AD665A16-AA0E-494A-A8CF-A7AFAD06C0F4}) (Version: 1.0.0.0 - WB Games)
Lenovo App Explorer (HKU\S-1-5-21-3044413106-2186633788-3405021347-1000\...\Host App Service) (Version: 0.272.1.559 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo App Explorer (HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\Host App Service) (Version: 0.273.4.172 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo Business Vantage (HKLM-x32\...\{BAAE4B9C-8D26-44AF-BCE8-181C8F4A8D5B}_is1) (Version: 3.0.2.3 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5709.60 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5709.60 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Smart Fingerprint (HKLM-x32\...\{90C700B4-BC7E-4628-867C-FC8622F0DAD9}_is1) (Version: 1.0.0.50 - Lenovo)
Lenovo Solution Center (HKLM\...\{E442BFFD-8406-4C6D-BE7E-0CF6E61EE363}) (Version: 3.2.004.00 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.5.27.0 - Lenovo Group Ltd.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13801.20266 - Microsoft Corporation)
Microsoft 365 - ko-kr (HKLM\...\O365HomePremRetail - ko-kr) (Version: 16.0.13801.20266 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.13801.20266 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.81 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft OneDrive (HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\Teams) (Version: 1.4.00.4167 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BAB9FCC5-1506-4B4F-BFCA-EDE0BDB86C21}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 86.0 (x64 cs) (HKLM\...\Mozilla Firefox 86.0 (x64 cs)) (Version: 86.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0412-0000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.11 - Lenovo)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29088 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
SAntivirus Realtime Protection Lite (HKLM-x32\...\SAntivirus) (Version: 1.0.22.26 - Corp DCom) <==== ATTENTION
Seznam Software (HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\SeznamInstall) (Version: 2.1.35 - Seznam.cz)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.1 - Lenovo)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.7 - Synaptics Incorporated)
Synaptics WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.289.0 - )
Synaptics WBF DDK 5011 (HKLM\...\{9062E143-DEDB-4F8C-B5B8-30AEC328400C}) (Version: 4.5.289.0 - Synaptics)
Taskbar system version 1.0.0.2 (HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\{C40E1200-5BEC-410C-B3C5-F7B475729D42}_is1) (Version: 1.0.0.2 - Taskbar system)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.17057 - Microsoft Corporation)
ThinkPad OneLink Dock (HKLM-x32\...\{8E1CACF5-2493-4950-9AD5-189903FE57E7}) (Version: 1.08.36 - Lenovo)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-4) (Version: 1.0.33.0 - LunarG, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.3.6) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
Zoom (HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)
엔터프라이즈용 Microsoft 365 앱 - ko-kr (HKLM\...\O365ProPlusRetail - ko-kr) (Version: 16.0.13801.20266 - Microsoft Corporation)

Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.188.300.0_x86__kgqvnymyfvs32 [2021-03-05] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-27] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-09-14] (Facebook Inc)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-20] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2101.29.0_x64__k1h2ywk1493x8 [2021-01-25] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-03] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.20102.0_x64__8wekyb3d8bbwe [2020-12-16] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-23] (Netflix, Inc.)
Royal Revolt 2 -> C:\Program Files\WindowsApps\flaregamesGmbH.RoyalRevolt2_6.5.0.0_x86__g0q0z3kw54rap [2021-02-09] (flaregames GmbH)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-10-04] (Twitter Inc.)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-25] (LENOVO INCORPORATED.)
Video Cutter & Compressor -> C:\Program Files\WindowsApps\24711Mixilab.VideoCutterCompressor_2.0.1.0_x64__c39s816dkej80 [2020-02-17] (Mixilab) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Kopci\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Kopci\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-09-25] (LENOVO -> Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-09-25] (LENOVO -> Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxDTCM.dll [2017-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-03-07 14:55 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2020-03-07 14:55 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2021-02-27 20:44 - 2021-01-13 09:57 - 014318734 _____ () [File not signed] C:\Users\Kopci\AppData\Local\Programs\Taskbar system\sdk.dll
2021-02-27 20:44 - 2020-05-14 00:17 - 000112640 _____ (Countly) [File not signed] [File is in use] C:\Users\Kopci\AppData\Local\Programs\Taskbar system\Countly.dll
2021-02-27 20:44 - 2018-01-10 13:34 - 000024064 _____ (Daniel Grunwald, Omer Mor, Alex Davies, jnm2) [File not signed] [File is in use] C:\Users\Kopci\AppData\Local\Programs\Taskbar system\AsyncBridge.Net35.dll
2017-11-17 03:11 - 2017-11-17 03:11 - 000310784 _____ (GitHub Community) [File not signed] [File is in use] C:\Program Files (x86)\Digital Communications\SAntivirus\Microsoft.Win32.TaskScheduler.dll
2015-07-22 18:44 - 2015-07-22 18:44 - 000285184 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-07-22 18:44 - 2015-07-22 18:44 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2021-02-27 20:44 - 2018-03-24 17:44 - 000475136 _____ (Newtonsoft) [File not signed] [File is in use] C:\Users\Kopci\AppData\Local\Programs\Taskbar system\Newtonsoft.Json.dll
2021-02-07 11:51 - 2020-05-30 15:04 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\x64\SQLite.Interop.dll
2020-12-24 22:13 - 2020-05-30 14:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2021-02-27 20:44 - 2018-05-11 08:52 - 000074240 _____ (Sentry) [File not signed] [File is in use] C:\Users\Kopci\AppData\Local\Programs\Taskbar system\SharpRaven.dll
2020-06-19 19:39 - 2020-04-09 08:17 - 000944840 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2020-03-07 14:55 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Kopci\Downloads\LEGO Harry Potter: Years 5-7 Free...tmp [2111874]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001 -> DefaultScope {3A8CC7AC-C9FE-463C-BBB7-96AC4CADA423} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001 -> {3A813C5E-EE10-4A91-83D8-430CEA749392} URL =
SearchScopes: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001 -> {3A8CC7AC-C9FE-463C-BBB7-96AC4CADA423} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\sharepoint.com -> hxxps://gyby-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2015-10-30 08:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3044413106-2186633788-3405021347-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Control Panel\Desktop\\Wallpaper -> c:\users\kopci\desktop\wallpapeeeerssss\se tapetaaa.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{1EFA947E-0003-4D2B-B77A-B158399053F4}C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{351BA8B9-0251-45E4-8A68-37460447537D}C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{FFAFE8E1-E8F4-4149-B310-66C5096038B9}C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{4A54488B-5F00-4C81-8E84-D1CA8FF403E8}C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{27EE67D4-5A5B-4368-95D4-2BAF4BF405D6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D1812297-088D-4302-AC15-1B0F987743EE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D9DB305C-E233-46A8-A2B3-C5F7C604E273}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0393F908-183C-4CE0-BD79-793DE565E783}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8C71CC94-352E-4648-AC9E-E53D00F37F6A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{BAD7F3E3-2403-4A50-977E-FA93F53FB288}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{F9406233-A495-4EDE-94E0-89EAC9EBD48A}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{DC50887B-05F7-4502-9AB3-EC14784DE52B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E5DB4350-2CE3-4965-AE72-9C796FB7DA4F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{35063B0C-4953-459D-A405-8B78D49C101E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{ACB65E45-6819-4891-8ED4-60649491935B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{50CA1968-0700-4017-A21E-AA22004B35AD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5C00E400-1F11-4A32-9C97-CA6A36A3D513}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BE2A0697-105E-4BC8-B9C0-88C093B47194}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{52F50906-5B06-49A5-A2A8-5CEF642296F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3C91C35D-CF09-4B89-A2F9-496BCD4C5FC4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{23EF5EFB-4937-4094-86D4-79651D8FA6AC}] => (Allow) C:\Users\Kopci\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C9FDE0DE-1F7A-4DAC-AD3C-DCC31C571AE9}] => (Allow) C:\Users\Kopci\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{19E59825-96D8-4938-A4C5-3CACF90B764E}] => (Allow) C:\Users\Kopci\AppData\Roaming\Zoom\bin\airhost.exe => No File

==================== Restore Points =========================

18-02-2021 21:01:55 Naplánovaný kontrolní bod
27-02-2021 20:10:35 Installed LEGO® Harry Potter™: Years 5-7 DEMO

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/06/2021 11:19:00 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5288,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/06/2021 10:52:39 AM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (03/06/2021 10:48:25 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15116,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/05/2021 09:52:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14596,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/05/2021 09:42:50 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13400,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/05/2021 08:42:44 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (15540,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/05/2021 08:35:46 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13548,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/05/2021 11:50:34 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13512,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (03/06/2021 11:01:08 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HH1EQN5N)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/06/2021 10:58:15 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HH1EQN5N)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/06/2021 10:41:40 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HH1EQN5N)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/06/2021 10:36:56 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HH1EQN5N)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/05/2021 08:27:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (03/05/2021 08:54:05 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HH1EQN5N)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/05/2021 08:49:35 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HH1EQN5N)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/04/2021 10:21:05 PM) (Source: Netwtw04) (EventID: 5005) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error


Windows Defender:
================
Date: 2021-03-06 11:00:31.374
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/DefenderTamperingRestore
Závažnost: Vážné
Kategorie: Nástroj
Cesta: regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.331.2432.0, AS: 1.331.2432.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.17800.5, NIS: 0.0.0.0

Date: 2021-03-05 09:42:23.860
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/DefenderTamperingRestore
Závažnost: Vážné
Kategorie: Nástroj
Cesta: regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.331.2277.0, AS: 1.331.2277.0, NIS: 1.331.2277.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-03-05 09:35:48.628
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {BF5B13B9-2A1C-468A-B211-7930C3004C03}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-04 18:38:32.009
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {7D59EA95-0D41-4D55-A70E-8ADBAAE96C19}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-03 00:52:27.377
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Ymacco.AA2A
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Program Files (x86)\IBuddy\IBuddyService.exe; process:_pid:4868,ProcessStart:132592020777907195; service:_IBuddyService
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\IBuddy\IBuddyService.exe
Verze bezpečnostních informací: AV: 1.331.2222.0, AS: 1.331.2222.0, NIS: 1.331.2222.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-02-24 12:23:38.516
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.1570.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2021-02-11 10:06:34.238
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.612.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-01-31 16:26:57.918
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.3013.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2021-01-18 17:57:17.921
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2400.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-01-15 15:52:14.054
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2219.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x8024001e
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

==================== Memory info ===========================

BIOS: LENOVO D7CN33WW(V3.06) 10/11/2016
Motherboard: LENOVO Lenovo E51-80
Processor: Intel(R) Core(TM) i3-6100U CPU @ 2.30GHz
Percentage of memory in use: 87%
Total physical RAM: 3954.76 MB
Available physical RAM: 478.97 MB
Total Virtual: 8562.76 MB
Available Virtual: 3512.18 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:884.23 GB) (Free:758.32 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.91 GB) NTFS
Drive e: (Audio CD) (CDROM) (Total:0 GB) (Free:0 GB) CDFS

\\?\Volume{6c3fa5a0-0174-47ec-9620-50fa9d879456}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{e5a533a5-59c4-46c1-a763-e04321dd8ea9}\ (LENOVO_PART) (Fixed) (Total:20.06 GB) (Free:8.52 GB) NTFS
\\?\Volume{d776d5a8-d836-456e-bd52-14bf61297784}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6199B984)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Please check - see the FRST log

Posted: 07 Mar 2021 19:26
by Diallix
Good day.

Download the AdwCleaner tool to your desktop; the download link is here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all open program windows, that is, all programs running on the desktop.
Right-click the program -> Run as Administrator.
Continue by clicking the Prehladaj teraz (Scan now) button and wait until the system scan finishes.
After the scan, leave all checkboxes and any threats found selected, and continue with the Vycistit Teraz (Clean and Repair) button in the bottom right corner.
After the PC restarts, AdwCleaner will start; click Zobrazit soubor protokolu (View log file).
The log will open; copy its contents here.

Re: Please check - see the FRST log

Posted: 07 Mar 2021 20:00
by vrchlab
# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-07-2021
# Duration: 00:00:13
# OS: Windows 10 Home
# Cleaned: 14
# Awaiting reboot:1
# Failed: 4


***** [ Services ] *****

Deleted SAntivirusIC
Deleted SAntivirusSvc

***** [ Folders ] *****

Deleted C:\Users\Kopci\AppData\Roaming\santivirusclient
Needs Reboot C:\Program Files (x86)\Digital Communications
Not Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus
Not Deleted C:\ProgramData\SAntivirus

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe
Deleted HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe
Deleted HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows\SAntivirus
Deleted HKLM\Software\SegOption
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.exe
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|santivirusclient.vshost.exe
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\SAntivirus
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\SAntivirusSvc
Not Deleted HKLM\Software\SAntivirus
Not Deleted HKLM\Software\Wow6432Node\SAntivirus

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Folders ] *****

Cleaning failed C:\Program Files (x86)\Digital Communications

*************************

AdwCleaner[S00].txt - [10044 octets] - [07/03/2021 19:33:21]
AdwCleaner[C00].txt - [9958 octets] - [07/03/2021 19:40:57]
AdwCleaner[S01].txt - [3197 octets] - [07/03/2021 19:47:28]
AdwCleaner[S02].txt - [3258 octets] - [07/03/2021 19:48:20]
AdwCleaner[C02].txt - [3308 octets] - [07/03/2021 19:48:55]
AdwCleaner[S03].txt - [3380 octets] - [07/03/2021 19:53:29]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

Re: Please check - see the FRST log

Posted: 08 Mar 2021 07:01
by Diallix
Please post new FRST + ADDITION logs.

Re: Please check - see the FRST log

Posted: 08 Mar 2021 17:52
by vrchlab
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by Kopci (administrator) on LAPTOP-HH1EQN5N (LENOVO 80QB) (08-03-2021 17:42:58)
Running from C:\Users\Kopci\Desktop
Loaded Profiles: Kopci
Platform: Windows 10 Home Version 1909 18363.1379 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apps Delivered Ltd -> Funny Kacele) [File not signed] [File is in use] C:\Program Files (x86)\FunnyKacele\FunnyKacele.exe
(Digital Communications Inc -> Сorp DCom) C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusClient.exe
(Digital Communications Inc -> Сorp DCom) C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe
(Digital Communications Inc -> Сorp DCom) C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe
(Globalhop Ltd TOO -> ) C:\Users\Kopci\AppData\Local\Programs\Taskbar system\TaskbarSystem.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxEM.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\Lenovo.Vantage.AddinHost.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Kopci\AppData\Local\Microsoft\Teams\current\Teams.exe <10>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\NisSrv.exe
(Microsoft Windows Third Party Application Component -> Adobe) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
Failed to access process -> ZeroConfigService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18382824 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3937448 2015-08-11] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [Lenovo Smart Fingerprint] => C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe [1761208 2015-09-25] (LENOVO -> Lenovo)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Kopci\AppData\Local\Microsoft\Teams\Update.exe [2453720 2021-02-25] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\Run: [Taskbar system] => C:\Users\Kopci\AppData\Local\Programs\Taskbar system\TaskbarSystem.exe [918040 2021-01-13] (Globalhop Ltd TOO -> )

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B7A64AF-41E2-4A98-8D6D-1A0AF0E7ED3D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {20CC5D35-6588-4513-8287-B6EA51CD49F3} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
Task: {227B0B35-DA77-46F3-9DCF-CF593A24B789} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe
Task: {29CCEDAC-180F-4086-A873-5CF401966497} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4004296 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {354BFF90-C248-468A-9891-96E843DE83C4} - \Lenovo\ImController\TimeBasedEvents\1a5fe197-aac3-49ae-a7f2-5d0e3f8fcc23 -> No File <==== ATTENTION
Task: {36F6B47C-9573-4A05-9CBA-72A6818284C9} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {3A46C4CE-A277-497A-B599-0F9C86F19B7F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3AD8077C-808E-4BEF-8C18-73D591F29EE5} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {420B6F54-9CBB-4760-BD62-FFC983F0F7E0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {45513EBA-7E69-447D-802A-771AA4D26FD6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {463AE302-4AA6-4022-A74C-5E154ACD9474} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe
Task: {49F2B11E-D4EF-4DC1-A27C-DBF1EAB9A544} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {5D7FE370-0268-4F37-8C09-F692339CC68C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-07] (LENOVO -> Lenovo)
Task: {5DE002F3-B0EB-4E30-AC50-588271623551} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5F2BE04C-DF43-4441-BA87-AF2FAB189A74} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4004296 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F40EA3F-BAAC-4285-8286-9B257B8649B7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114000 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {6EA656A2-D79A-4CA9-9823-F1271FA290D2} - System32\Tasks\Lenovo\fplmonitorConnect => C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe [1761208 2015-09-25] (LENOVO -> Lenovo)
Task: {719363F1-497C-4B69-A1DD-EE77AE387B55} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {7B0DFC7C-EED3-4F3D-A4E2-2113C188ABA2} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {7F2A58CC-CE18-44EF-B47A-4BF3AE16DD76} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\ScheduleEventAction.exe [15768 2020-12-28] (Lenovo -> Lenovo Group Ltd.)
Task: {940BEF6D-D1FB-413A-8830-86307ECA578D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AAE5F6DC-B3D2-4D6F-AC8C-13BA5134ABD3} - \Lenovo\ImController\TimeBasedEvents\e7da87f6-7615-427b-ba3c-72621f185e69 -> No File <==== ATTENTION
Task: {AFA1F844-B873-4B2C-ABAE-0FD04AADA7F7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080304 2021-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {B24300D5-CBDD-4300-A95B-31ADA344D448} - \Lenovo\ImController\TimeBasedEvents\94ccf936-9235-436f-93a1-c66cc36e0b55 -> No File <==== ATTENTION
Task: {B765D5C5-8B13-4A9D-9CE0-88B45DF4581F} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {BA5589F5-363D-402E-886C-56770A4CBCD8} - System32\Tasks\Lenovo\fplmonitor => C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe [1761208 2015-09-25] (LENOVO -> Lenovo)
Task: {BEC94A6B-C41E-40A5-80BF-E84B77B064EE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C686002C-2ED0-4349-A479-ABD734A978DA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1133488 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {C91368E0-6C17-428C-A951-070E3CC250CC} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {CCD9CD19-A5D1-4A3E-B8C2-C7A3F5CDDCE9} - \Lenovo\ImController\TimeBasedEvents\ad0aed99-ae3a-420a-befd-6aa2272f541f -> No File <==== ATTENTION
Task: {CEC493DC-1B6B-4FBF-8823-63237A273B37} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)
Task: {D71E4AA2-EFF8-41D2-9B53-3B1F68AE872E} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {E8975FB6-D236-44C8-9179-AF9BD682BF88} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080304 2021-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {F22F6641-7594-4471-886C-B4AB12488B68} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {F59A1B2B-4E32-4FAE-AFB1-97BB163A1A62} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114000 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {F63D47B8-38E2-4E22-A98D-78DB7FC1A7C3} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe
Task: {F84D559D-6497-47FE-888E-79B9E0E6F52F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5bdce1b0-6c55-4811-8821-86e83bfe7d28}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7370f33a-094d-4166-896c-c94ded8f462e}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{ba844273-ed17-44ac-bbbf-eefe42da4ab5}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kopci\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-08]

FireFox:
========
FF DefaultProfile: k5b7neg4.default
FF ProfilePath: C:\Users\Kopci\AppData\Roaming\Mozilla\Firefox\Profiles\k5b7neg4.default [2021-03-08]
FF Session Restore: Mozilla\Firefox\Profiles\k5b7neg4.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\k5b7neg4.default -> hxxps://www.slevomat.cz; hxxps://online.rb.cz
FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [not found]
FF Extension: (No Name) - C:\Users\Kopci\AppData\Roaming\Mozilla\Firefox\Profiles\k5b7neg4.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Extension: (No Name) - C:\Users\Kopci\AppData\Roaming\Mozilla\Firefox\Profiles\k5b7neg4.default\extensions\sko-extension@firma.seznam.cz [not found]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"FunnyKacele" => service was unlocked. <==== ATTENTION
"SAntivirusIC" => service was unlocked. <==== ATTENTION

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8988552 2021-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 FunnyKacele; C:\Program Files (x86)\FunnyKacele\FunnyKacele.exe [30701040 2018-05-04] (Apps Delivered Ltd -> Funny Kacele) [File not signed] [File is in use]
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe [20880 2020-12-28] (Lenovo -> Lenovo Group Ltd.)
R2 SAntivirusIC; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe [6940672 2021-02-27] (Digital Communications Inc -> Сorp DCom) <==== ATTENTION
R2 SAntivirusSvc; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe [626688 2021-02-27] (Digital Communications Inc -> Сorp DCom) <==== ATTENTION
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [77792 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [48608 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 CCSDK; "C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe" [X]
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-05-21] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R1 SMIDriverGen; C:\WINDOWS\system32\DRIVERS\smi.sys [31440 2018-04-25] (Synaptics Inc. -> Synaptics Incorporated)
R1 TASANTIVIRUSKD; C:\Program Files (x86)\Digital Communications\SAntivirus\TASAntivirusKD.sys [85504 2021-02-27] (Digital Communications Inc -> Corp DCom) <==== ATTENTION
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49544 2021-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420088 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-08 02:30 - 2021-03-08 02:31 - 001415172 _____ C:\WINDOWS\Minidump\030821-40718-01.dmp
2021-03-07 19:56 - 2021-03-07 19:56 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\santivirusclient
2021-03-07 19:32 - 2021-03-07 19:39 - 000000000 ____D C:\AdwCleaner
2021-03-07 19:28 - 2021-03-07 19:28 - 008463216 _____ (Malwarebytes) C:\Users\Kopci\Desktop\adwcleaner_8.1.exe
2021-03-06 21:52 - 2021-03-06 21:57 - 001452572 _____ C:\WINDOWS\Minidump\030621-42156-01.dmp
2021-03-06 18:22 - 2021-03-08 02:30 - 824212867 _____ C:\WINDOWS\MEMORY.DMP
2021-03-06 18:22 - 2021-03-06 20:09 - 001436956 _____ C:\WINDOWS\Minidump\030621-35343-01.dmp
2021-03-06 11:19 - 2021-03-06 16:16 - 000041331 _____ C:\Users\Kopci\Desktop\Addition.txt
2021-03-06 11:13 - 2021-03-08 17:45 - 000021250 _____ C:\Users\Kopci\Desktop\FRST.txt
2021-03-06 11:13 - 2021-03-08 17:44 - 000000000 ____D C:\FRST
2021-03-06 11:10 - 2021-03-06 11:10 - 002301440 _____ (Farbar) C:\Users\Kopci\Desktop\FRST64.exe
2021-02-27 20:45 - 2021-02-27 20:45 - 000000000 ____D C:\ProgramData\SAntivirus
2021-02-27 20:45 - 2021-02-27 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus
2021-02-27 20:45 - 2021-02-27 20:45 - 000000000 ____D C:\Program Files (x86)\Digital Communications
2021-02-27 20:44 - 2021-02-28 13:31 - 000000000 ____D C:\Program Files (x86)\FunnyKacele
2021-02-27 20:44 - 2021-02-27 20:44 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Taskbar system
2021-02-27 20:44 - 2021-02-27 20:44 - 000000000 ____D C:\Users\Kopci\AppData\Local\TaskbarSystem
2021-02-27 20:43 - 2021-02-27 20:43 - 000016438 _____ C:\Users\Kopci\AppData\Local\partner.bmp
2021-02-27 20:43 - 2021-02-27 20:43 - 000000000 _____ C:\Users\Kopci\Downloads\LEGO Harry Potter
2021-02-27 20:42 - 2021-02-27 20:43 - 000000000 ____D C:\Program Files (x86)\ExhaustingGovernmentphoInstall
2021-02-27 20:25 - 2021-02-27 20:25 - 000000000 ____D C:\Program Files (x86)\WB Games
2021-02-27 18:26 - 2021-02-28 13:47 - 000002372 _____ C:\Users\Kopci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-27 18:13 - 2021-02-27 19:23 - 764398929 _____ C:\Users\Kopci\Downloads\LEGO.Harry.Potter.5-7.zip.part
2021-02-27 18:10 - 2021-02-27 18:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-26 15:13 - 2021-02-28 13:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-02-21 20:25 - 2021-03-04 23:11 - 000000000 ____D C:\Users\Kopci\Desktop\random fotky xd
2021-02-15 09:00 - 2021-02-15 09:00 - 000083288 _____ (Zoom Video Communications, Inc.) C:\Users\Kopci\Downloads\Zoom_cm_fik4fkwZ9vvrZo4_muA1SOBB4sC925lOx0QoYuFfREgy+6cQB5gAX@-SoVtX4uj4nOWPPM_k5d14e1340bf434a7_.exe
2021-02-15 08:23 - 2021-02-15 08:23 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-02-15 08:22 - 2021-02-15 08:23 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\Zoom
2021-02-15 08:22 - 2021-02-15 08:22 - 015135752 _____ (Zoom Video Communications, Inc.) C:\Users\Kopci\Downloads\ZoomInstaller.exe
2021-02-13 12:36 - 2021-02-13 12:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-13 12:36 - 2021-02-13 12:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-02-13 12:34 - 2021-02-13 12:34 - 000232752 _____ C:\WINDOWS\system32\containerdevicemanagement.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-08 17:42 - 2019-02-21 21:41 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-08 17:42 - 2016-12-25 21:35 - 000000000 ____D C:\Users\Kopci\AppData\LocalLow\Mozilla
2021-03-08 17:40 - 2020-04-24 10:42 - 000000000 ____D C:\Users\Kopci\Desktop\power point gyby
2021-03-08 17:40 - 2020-04-24 10:40 - 000000000 ____D C:\Users\Kopci\Desktop\word gyby
2021-03-08 17:17 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-08 16:24 - 2020-05-03 12:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-08 14:33 - 2016-12-25 22:55 - 000000000 ____D C:\Program Files\CCleaner
2021-03-08 08:46 - 2020-05-03 12:17 - 000000000 ____D C:\Users\Kopci
2021-03-08 08:46 - 2016-12-25 09:33 - 000000000 __SHD C:\Users\Kopci\IntelGraphicsProfiles
2021-03-08 02:32 - 2020-11-09 17:44 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-08 02:30 - 2020-05-03 12:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-08 02:30 - 2017-09-03 13:57 - 000000000 ____D C:\ProgramData\Synaptics
2021-03-07 21:35 - 2020-09-07 20:14 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-07 21:35 - 2020-09-07 20:14 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-03-07 21:35 - 2020-09-07 20:14 - 000002281 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-03-07 19:54 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-07 19:40 - 2020-05-03 12:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-03-07 19:40 - 2020-03-12 20:53 - 000000000 ____D C:\WINDOWS\Lenovo
2021-03-07 19:40 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-07 19:40 - 2016-12-25 09:34 - 000000000 ____D C:\Users\Kopci\AppData\Local\Lenovo
2021-03-07 19:40 - 2016-12-25 09:29 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Lenovo
2021-03-07 19:40 - 2016-05-28 15:07 - 000000000 ____D C:\Program Files\Lenovo
2021-03-07 19:40 - 2016-05-28 14:55 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2021-03-07 19:39 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-03-07 11:13 - 2020-05-03 12:44 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-06 16:01 - 2016-05-28 15:13 - 000000000 ____D C:\ProgramData\Lenovo
2021-03-06 11:09 - 2018-02-17 23:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-06 10:57 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-06 10:55 - 2017-12-31 13:21 - 000000000 ____D C:\ProgramData\AVAST Software
2021-03-06 10:55 - 2015-10-30 08:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-03-06 10:45 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-03-06 10:37 - 2017-10-18 22:33 - 000000000 ____D C:\Users\Kopci\AppData\Local\Packages
2021-03-05 09:13 - 2016-05-28 14:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-03-05 00:55 - 2020-09-23 22:08 - 000000000 ____D C:\Users\Kopci\Documents\Soubory aplikace Outlook
2021-03-04 15:26 - 2020-11-30 20:42 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\vlc
2021-02-28 13:50 - 2016-12-25 22:45 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-28 13:48 - 2016-12-25 09:43 - 000000000 ___RD C:\Users\Kopci\OneDrive
2021-02-28 13:47 - 2020-05-03 12:44 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3044413106-2186633788-3405021347-1001
2021-02-28 13:36 - 2020-05-03 12:09 - 000515336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-28 13:27 - 2016-12-25 21:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-27 20:48 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-27 18:10 - 2016-12-25 21:34 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-26 15:10 - 2020-09-07 20:14 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-26 15:10 - 2020-09-07 20:14 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-25 13:19 - 2020-04-09 14:54 - 000002375 _____ C:\Users\Kopci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-02-25 13:19 - 2019-09-22 08:24 - 000002367 _____ C:\Users\Kopci\Desktop\Microsoft Teams.lnk
2021-02-24 12:05 - 2019-03-30 16:33 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\Opera Software
2021-02-23 18:24 - 2020-03-12 20:53 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-02-23 18:24 - 2020-03-12 20:53 - 000062368 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-02-23 18:24 - 2017-10-11 20:21 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2021-02-23 18:23 - 2020-03-12 20:52 - 000429936 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2021-02-21 11:19 - 2020-09-03 16:07 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-17 10:07 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-16 16:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-16 12:17 - 2020-11-30 20:42 - 000000923 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-02-16 12:17 - 2020-11-30 20:42 - 000000923 _____ C:\ProgramData\Desktop\VLC media player.lnk
2021-02-14 20:43 - 2020-05-03 21:34 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-14 20:43 - 2020-05-03 21:34 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-14 20:43 - 2020-05-03 12:29 - 001693858 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-14 20:37 - 2017-10-19 19:48 - 000000000 ___RD C:\Users\Kopci\3D Objects
2021-02-14 20:37 - 2015-11-03 20:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-13 12:48 - 2019-03-19 07:20 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-02-13 12:48 - 2019-03-19 07:20 - 000019469 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-02-11 10:25 - 2016-12-25 20:49 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-11 10:06 - 2016-12-25 20:49 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-10 16:23 - 2020-05-03 12:44 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-07 11:52 - 2016-12-25 21:09 - 000160860 _____ C:\WINDOWS\system32\InstallUtil.InstallLog

==================== Files in the root of some directories ========

2021-02-27 20:43 - 2021-02-27 20:43 - 000016438 _____ () C:\Users\Kopci\AppData\Local\partner.bmp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Kopci (08-03-2021 17:47:47)
Running from C:\Users\Kopci\Desktop
Windows 10 Home Version 1909 18363.1379 (X64) (2020-05-03 11:46:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3044413106-2186633788-3405021347-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3044413106-2186633788-3405021347-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3044413106-2186633788-3405021347-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-3044413106-2186633788-3405021347-501 - Limited - Disabled)
Kopci (S-1-5-21-3044413106-2186633788-3405021347-1001 - Administrator - Enabled) => C:\Users\Kopci
WDAGUtilityAccount (S-1-5-21-3044413106-2186633788-3405021347-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20142 - Adobe Systems Incorporated)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{BB041B6A-FACB-4853-BEE9-814FE7F93BB2}) (Version: 17.1.1530.1669 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{1544031f-5449-4415-b577-993c2a533a1b}) (Version: 18.12.2 - Intel Corporation)
LEGO® Harry Potter™: Years 5-7 DEMO (HKLM-x32\...\{AD665A16-AA0E-494A-A8CF-A7AFAD06C0F4}) (Version: 1.0.0.0 - WB Games)
Lenovo App Explorer (HKU\S-1-5-21-3044413106-2186633788-3405021347-1000\...\Host App Service) (Version: 0.272.1.559 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo Business Vantage (HKLM-x32\...\{BAAE4B9C-8D26-44AF-BCE8-181C8F4A8D5B}_is1) (Version: 3.0.2.3 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo Smart Fingerprint (HKLM-x32\...\{90C700B4-BC7E-4628-867C-FC8622F0DAD9}_is1) (Version: 1.0.0.50 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.5.27.0 - Lenovo Group Ltd.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13801.20266 - Microsoft Corporation)
Microsoft 365 - ko-kr (HKLM\...\O365HomePremRetail - ko-kr) (Version: 16.0.13801.20266 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.13801.20266 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft OneDrive (HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\Teams) (Version: 1.4.00.4167 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BAB9FCC5-1506-4B4F-BFCA-EDE0BDB86C21}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 86.0 (x64 cs) (HKLM\...\Mozilla Firefox 86.0 (x64 cs)) (Version: 86.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0412-0000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29088 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.7 - Synaptics Incorporated)
Synaptics WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.289.0 - )
Synaptics WBF DDK 5011 (HKLM\...\{9062E143-DEDB-4F8C-B5B8-30AEC328400C}) (Version: 4.5.289.0 - Synaptics)
Taskbar system version 1.0.0.2 (HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\{C40E1200-5BEC-410C-B3C5-F7B475729D42}_is1) (Version: 1.0.0.2 - Taskbar system)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.17057 - Microsoft Corporation)
ThinkPad OneLink Dock (HKLM-x32\...\{8E1CACF5-2493-4950-9AD5-189903FE57E7}) (Version: 1.08.36 - Lenovo)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-4) (Version: 1.0.33.0 - LunarG, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.3.6) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
Zoom (HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)
엔터프라이즈용 Microsoft 365 앱 - ko-kr (HKLM\...\O365ProPlusRetail - ko-kr) (Version: 16.0.13801.20266 - Microsoft Corporation)

Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.188.300.0_x86__kgqvnymyfvs32 [2021-03-05] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-27] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-09-14] (Facebook Inc)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-20] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2101.29.0_x64__k1h2ywk1493x8 [2021-01-25] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-03] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.20102.0_x64__8wekyb3d8bbwe [2020-12-16] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-23] (Netflix, Inc.)
Royal Revolt 2 -> C:\Program Files\WindowsApps\flaregamesGmbH.RoyalRevolt2_6.5.0.0_x86__g0q0z3kw54rap [2021-02-09] (flaregames GmbH)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-10-04] (Twitter Inc.)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-25] (LENOVO INCORPORATED.)
Video Cutter & Compressor -> C:\Program Files\WindowsApps\24711Mixilab.VideoCutterCompressor_2.0.1.0_x64__c39s816dkej80 [2020-02-17] (Mixilab) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Kopci\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Kopci\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxDTCM.dll [2017-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-03-07 14:55 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2020-03-07 14:55 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2021-02-27 20:44 - 2021-01-13 09:57 - 014318734 _____ () [File not signed] C:\Users\Kopci\AppData\Local\Programs\Taskbar system\sdk.dll
2021-02-27 20:44 - 2020-05-14 00:17 - 000112640 _____ (Countly) [File not signed] [File is in use] C:\Users\Kopci\AppData\Local\Programs\Taskbar system\Countly.dll
2021-02-27 20:44 - 2018-01-10 13:34 - 000024064 _____ (Daniel Grunwald, Omer Mor, Alex Davies, jnm2) [File not signed] [File is in use] C:\Users\Kopci\AppData\Local\Programs\Taskbar system\AsyncBridge.Net35.dll
2015-07-22 18:44 - 2015-07-22 18:44 - 000285184 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-07-22 18:44 - 2015-07-22 18:44 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2021-02-27 20:44 - 2018-03-24 17:44 - 000475136 _____ (Newtonsoft) [File not signed] [File is in use] C:\Users\Kopci\AppData\Local\Programs\Taskbar system\Newtonsoft.Json.dll
2021-02-07 11:51 - 2020-05-30 15:04 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\x64\SQLite.Interop.dll
2021-02-27 20:44 - 2018-05-11 08:52 - 000074240 _____ (Sentry) [File not signed] [File is in use] C:\Users\Kopci\AppData\Local\Programs\Taskbar system\SharpRaven.dll
2020-03-07 14:55 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Kopci\Downloads\LEGO Harry Potter: Years 5-7 Free...tmp [2111874]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001 -> DefaultScope {3A8CC7AC-C9FE-463C-BBB7-96AC4CADA423} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001 -> {3A813C5E-EE10-4A91-83D8-430CEA749392} URL =
SearchScopes: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001 -> {3A8CC7AC-C9FE-463C-BBB7-96AC4CADA423} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\sharepoint.com -> hxxps://gyby-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2015-10-30 08:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3044413106-2186633788-3405021347-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Control Panel\Desktop\\Wallpaper -> c:\users\kopci\desktop\wallpapeeeerssss\se tapetaaa.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{1EFA947E-0003-4D2B-B77A-B158399053F4}C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{351BA8B9-0251-45E4-8A68-37460447537D}C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{FFAFE8E1-E8F4-4149-B310-66C5096038B9}C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{4A54488B-5F00-4C81-8E84-D1CA8FF403E8}C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{27EE67D4-5A5B-4368-95D4-2BAF4BF405D6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D1812297-088D-4302-AC15-1B0F987743EE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D9DB305C-E233-46A8-A2B3-C5F7C604E273}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0393F908-183C-4CE0-BD79-793DE565E783}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8C71CC94-352E-4648-AC9E-E53D00F37F6A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{BAD7F3E3-2403-4A50-977E-FA93F53FB288}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe => No File
FirewallRules: [{F9406233-A495-4EDE-94E0-89EAC9EBD48A}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe => No File
FirewallRules: [{DC50887B-05F7-4502-9AB3-EC14784DE52B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E5DB4350-2CE3-4965-AE72-9C796FB7DA4F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{35063B0C-4953-459D-A405-8B78D49C101E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{ACB65E45-6819-4891-8ED4-60649491935B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{50CA1968-0700-4017-A21E-AA22004B35AD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5C00E400-1F11-4A32-9C97-CA6A36A3D513}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BE2A0697-105E-4BC8-B9C0-88C093B47194}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{52F50906-5B06-49A5-A2A8-5CEF642296F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3C91C35D-CF09-4B89-A2F9-496BCD4C5FC4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{23EF5EFB-4937-4094-86D4-79651D8FA6AC}] => (Allow) C:\Users\Kopci\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C9FDE0DE-1F7A-4DAC-AD3C-DCC31C571AE9}] => (Allow) C:\Users\Kopci\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{19E59825-96D8-4938-A4C5-3CACF90B764E}] => (Allow) C:\Users\Kopci\AppData\Roaming\Zoom\bin\airhost.exe => No File

==================== Restore Points =========================

18-02-2021 21:01:55 Naplánovaný kontrolní bod
27-02-2021 20:10:35 Installed LEGO® Harry Potter™: Years 5-7 DEMO
07-03-2021 19:35:00 AdwCleaner_BeforeCleaning_07/03/2021_19:34:50

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/08/2021 05:45:41 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3168,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/08/2021 05:21:47 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11408,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/08/2021 04:51:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8132,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/08/2021 04:21:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12908,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/08/2021 03:21:43 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12304,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/08/2021 03:12:56 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12944,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/08/2021 02:21:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2676,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/08/2021 01:21:37 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9460,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (03/08/2021 09:16:40 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HH1EQN5N)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/08/2021 09:01:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/08/2021 08:51:41 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HH1EQN5N)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/08/2021 08:47:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/08/2021 08:47:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/08/2021 08:47:02 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HH1EQN5N)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/08/2021 08:46:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/08/2021 02:32:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


Windows Defender:
================
Date: 2021-02-28 13:11:20.578
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\rlls64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-28 13:11:10.380
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\Kopci\AppData\Local\Microsoft\Teams\current\Teams.exe) attempted to load \Device\HarddiskVolume3\Windows\SysWOW64\rlls.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-28 13:11:10.353
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\Kopci\AppData\Local\Microsoft\Teams\current\Teams.exe) attempted to load \Device\HarddiskVolume3\Windows\SysWOW64\rlls.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-28 13:11:09.066
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\WebDiscoverBrowser\4.28.2\browser.exe) attempted to load \Device\HarddiskVolume3\Windows\SysWOW64\rlls.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-28 13:11:09.066
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\Kopci\AppData\Local\Microsoft\Teams\current\Teams.exe) attempted to load \Device\HarddiskVolume3\Windows\SysWOW64\rlls.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-07 19:46:22.433
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/DefenderTamperingRestore
Závažnost: Vážné
Kategorie: Nástroj
Cesta: regkeyvalue:_hklm\software\policies\microsoft\windows defender\real-time protection\\DisableBehaviorMonitoring
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.331.2500.0, AS: 1.331.2500.0, NIS: 1.331.2500.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-03-06 18:26:28.206
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/DefenderTamperingRestore
Závažnost: Vážné
Kategorie: Nástroj
Cesta: regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.331.2500.0, AS: 1.331.2500.0, NIS: 1.331.2500.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-03-06 11:00:31.374
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/DefenderTamperingRestore
Závažnost: Vážné
Kategorie: Nástroj
Cesta: regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.331.2432.0, AS: 1.331.2432.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.17800.5, NIS: 0.0.0.0

Date: 2021-03-05 09:42:23.860
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/DefenderTamperingRestore
Závažnost: Vážné
Kategorie: Nástroj
Cesta: regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.331.2277.0, AS: 1.331.2277.0, NIS: 1.331.2277.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-03-05 09:35:48.628
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {BF5B13B9-2A1C-468A-B211-7930C3004C03}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-07 19:40:35.469
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.2500.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80240017
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-02-24 12:23:38.516
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.1570.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2021-02-11 10:06:34.238
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.612.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-01-31 16:26:57.918
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.3013.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

==================== Memory info ===========================

BIOS: LENOVO D7CN33WW(V3.06) 10/11/2016
Motherboard: LENOVO Lenovo E51-80
Processor: Intel(R) Core(TM) i3-6100U CPU @ 2.30GHz
Percentage of memory in use: 77%
Total physical RAM: 3954.76 MB
Available physical RAM: 889.98 MB
Total Virtual: 8562.76 MB
Available Virtual: 3723.08 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:884.23 GB) (Free:750.2 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.91 GB) NTFS

\\?\Volume{6c3fa5a0-0174-47ec-9620-50fa9d879456}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{e5a533a5-59c4-46c1-a763-e04321dd8ea9}\ (LENOVO_PART) (Fixed) (Total:20.06 GB) (Free:8.52 GB) NTFS
\\?\Volume{d776d5a8-d836-456e-bd52-14bf61297784}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6199B984)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Please check - see FRST log

Posted: 09 Mar 2021 19:40
by Diallix
Copy the content below into Notepad:

CloseProcesses:
CreateRestorePoint:

C:\Program Files (x86)\Digital Communications

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Task: {420B6F54-9CBB-4760-BD62-FFC983F0F7E0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {354BFF90-C248-468A-9891-96E843DE83C4} - \Lenovo\ImController\TimeBasedEvents\1a5fe197-aac3-49ae-a7f2-5d0e3f8fcc23 -> No File <==== ATTENTION
Task: {36F6B47C-9573-4A05-9CBA-72A6818284C9} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {45513EBA-7E69-447D-802A-771AA4D26FD6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {463AE302-4AA6-4022-A74C-5E154ACD9474} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe
Task: {49F2B11E-D4EF-4DC1-A27C-DBF1EAB9A544} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {AAE5F6DC-B3D2-4D6F-AC8C-13BA5134ABD3} - \Lenovo\ImController\TimeBasedEvents\e7da87f6-7615-427b-ba3c-72621f185e69 -> No File <==== ATTENTION
Task: {B24300D5-CBDD-4300-A95B-31ADA344D448} - \Lenovo\ImController\TimeBasedEvents\94ccf936-9235-436f-93a1-c66cc36e0b55 -> No File <==== ATTENTION
Task: {B765D5C5-8B13-4A9D-9CE0-88B45DF4581F} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {CCD9CD19-A5D1-4A3E-B8C2-C7A3F5CDDCE9} - \Lenovo\ImController\TimeBasedEvents\ad0aed99-ae3a-420a-befd-6aa2272f541f -> No File <==== ATTENTION
FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [not found]
FF Extension: (No Name) - C:\Users\Kopci\AppData\Roaming\Mozilla\Firefox\Profiles\k5b7neg4.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Extension: (No Name) - C:\Users\Kopci\AppData\Roaming\Mozilla\Firefox\Profiles\k5b7neg4.default\extensions\sko-extension@firma.seznam.cz [not found]
FirewallRules: [{C9FDE0DE-1F7A-4DAC-AD3C-DCC31C571AE9}] => (Allow) C:\Users\Kopci\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{19E59825-96D8-4938-A4C5-3CACF90B764E}] => (Allow) C:\Users\Kopci\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{BAD7F3E3-2403-4A50-977E-FA93F53FB288}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe => No File
FirewallRules: [{F9406233-A495-4EDE-94E0-89EAC9EBD48A}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe => No File
SearchScopes: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001 -> DefaultScope {3A8CC7AC-C9FE-463C-BBB7-96AC4CADA423} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001 -> {3A813C5E-EE10-4A91-83D8-430CEA749392} URL =
SearchScopes: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001 -> {3A8CC7AC-C9FE-463C-BBB7-96AC4CADA423} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
AlternateDataStreams: C:\Users\Kopci\Downloads\LEGO Harry Potter: Years 5-7 Free...tmp [2111874]
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
C:\Users\Kopci\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
R1 TASANTIVIRUSKD; C:\Program Files (x86)\Digital Communications\SAntivirus\TASAntivirusKD.sys [85504 2021-02-27] (Digital Communications Inc -> Corp DCom) <==== ATTENTION
S2 CCSDK; "C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe" [X]
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [X]
R2 SAntivirusIC; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe [6940672 2021-02-27] (Digital Communications Inc -> Сorp DCom) <==== ATTENTION
R2 SAntivirusSvc; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe [626688 2021-02-27] (Digital Communications Inc -> Сorp DCom) <==== ATTENTION

EmptyTemp:

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run, after which the computer reboots. After the reboot, paste here the content of the log fixlog.txt saved in the FRST location.

Re: Please check - see FRST log

Posted: 10 Mar 2021 21:14
by vrchlab
Fix result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Kopci (10-03-2021 20:45:08) Run:1
Running from C:\Users\Kopci\Desktop
Loaded Profiles: defaultuser0 & Kopci
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

C:\Program Files (x86)\Digital Communications

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Task: {420B6F54-9CBB-4760-BD62-FFC983F0F7E0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {354BFF90-C248-468A-9891-96E843DE83C4} - \Lenovo\ImController\TimeBasedEvents\1a5fe197-aac3-49ae-a7f2-5d0e3f8fcc23 -> No File <==== ATTENTION
Task: {36F6B47C-9573-4A05-9CBA-72A6818284C9} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {45513EBA-7E69-447D-802A-771AA4D26FD6} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {463AE302-4AA6-4022-A74C-5E154ACD9474} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe
Task: {49F2B11E-D4EF-4DC1-A27C-DBF1EAB9A544} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {AAE5F6DC-B3D2-4D6F-AC8C-13BA5134ABD3} - \Lenovo\ImController\TimeBasedEvents\e7da87f6-7615-427b-ba3c-72621f185e69 -> No File <==== ATTENTION
Task: {B24300D5-CBDD-4300-A95B-31ADA344D448} - \Lenovo\ImController\TimeBasedEvents\94ccf936-9235-436f-93a1-c66cc36e0b55 -> No File <==== ATTENTION
Task: {B765D5C5-8B13-4A9D-9CE0-88B45DF4581F} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {CCD9CD19-A5D1-4A3E-B8C2-C7A3F5CDDCE9} - \Lenovo\ImController\TimeBasedEvents\ad0aed99-ae3a-420a-befd-6aa2272f541f -> No File <==== ATTENTION
FF Extension: (No Name) - C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi [not found]
FF Extension: (No Name) - C:\Users\Kopci\AppData\Roaming\Mozilla\Firefox\Profiles\k5b7neg4.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Extension: (No Name) - C:\Users\Kopci\AppData\Roaming\Mozilla\Firefox\Profiles\k5b7neg4.default\extensions\sko-extension@firma.seznam.cz [not found]
FirewallRules: [{C9FDE0DE-1F7A-4DAC-AD3C-DCC31C571AE9}] => (Allow) C:\Users\Kopci\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{19E59825-96D8-4938-A4C5-3CACF90B764E}] => (Allow) C:\Users\Kopci\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{BAD7F3E3-2403-4A50-977E-FA93F53FB288}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe => No File
FirewallRules: [{F9406233-A495-4EDE-94E0-89EAC9EBD48A}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe => No File
SearchScopes: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001 -> DefaultScope {3A8CC7AC-C9FE-463C-BBB7-96AC4CADA423} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001 -> {3A813C5E-EE10-4A91-83D8-430CEA749392} URL =
SearchScopes: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001 -> {3A8CC7AC-C9FE-463C-BBB7-96AC4CADA423} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
AlternateDataStreams: C:\Users\Kopci\Downloads\LEGO Harry Potter: Years 5-7 Free...tmp [2111874]
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
C:\Users\Kopci\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-02-13 12:35 - 2021-02-13 12:35 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
R1 TASANTIVIRUSKD; C:\Program Files (x86)\Digital Communications\SAntivirus\TASAntivirusKD.sys [85504 2021-02-27] (Digital Communications Inc -> Corp DCom) <==== ATTENTION
S2 CCSDK; "C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe" [X]
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [X]
R2 SAntivirusIC; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe [6940672 2021-02-27] (Digital Communications Inc -> Сorp DCom) <==== ATTENTION
R2 SAntivirusSvc; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe [626688 2021-02-27] (Digital Communications Inc -> Сorp DCom) <==== ATTENTION

EmptyTemp:


*****************

Processes closed successfully.
Restore point was successfully created.

"C:\Program Files (x86)\Digital Communications" folder move:

Could not move "C:\Program Files (x86)\Digital Communications" => Scheduled to move on reboot.

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{420B6F54-9CBB-4760-BD62-FFC983F0F7E0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{420B6F54-9CBB-4760-BD62-FFC983F0F7E0}" => removed successfully
C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{354BFF90-C248-468A-9891-96E843DE83C4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{354BFF90-C248-468A-9891-96E843DE83C4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\1a5fe197-aac3-49ae-a7f2-5d0e3f8fcc23" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{36F6B47C-9573-4A05-9CBA-72A6818284C9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36F6B47C-9573-4A05-9CBA-72A6818284C9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45513EBA-7E69-447D-802A-771AA4D26FD6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45513EBA-7E69-447D-802A-771AA4D26FD6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{463AE302-4AA6-4022-A74C-5E154ACD9474}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{463AE302-4AA6-4022-A74C-5E154ACD9474}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\Lenovo Solution Center Launcher => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Solution Center Launcher" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{49F2B11E-D4EF-4DC1-A27C-DBF1EAB9A544}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49F2B11E-D4EF-4DC1-A27C-DBF1EAB9A544}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AAE5F6DC-B3D2-4D6F-AC8C-13BA5134ABD3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AAE5F6DC-B3D2-4D6F-AC8C-13BA5134ABD3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\e7da87f6-7615-427b-ba3c-72621f185e69" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B24300D5-CBDD-4300-A95B-31ADA344D448}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B24300D5-CBDD-4300-A95B-31ADA344D448}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\94ccf936-9235-436f-93a1-c66cc36e0b55" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B765D5C5-8B13-4A9D-9CE0-88B45DF4581F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B765D5C5-8B13-4A9D-9CE0-88B45DF4581F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCD9CD19-A5D1-4A3E-B8C2-C7A3F5CDDCE9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCD9CD19-A5D1-4A3E-B8C2-C7A3F5CDDCE9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\ad0aed99-ae3a-420a-befd-6aa2272f541f" => removed successfully
C:\Program Files (x86)\McAfee\SiteAdvisor\e10ssaffplg.xpi => path removed successfully
C:\Users\Kopci\AppData\Roaming\Mozilla\Firefox\Profiles\k5b7neg4.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => path removed successfully
C:\Users\Kopci\AppData\Roaming\Mozilla\Firefox\Profiles\k5b7neg4.default\extensions\sko-extension@firma.seznam.cz => path removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C9FDE0DE-1F7A-4DAC-AD3C-DCC31C571AE9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{19E59825-96D8-4938-A4C5-3CACF90B764E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BAD7F3E3-2403-4A50-977E-FA93F53FB288}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F9406233-A495-4EDE-94E0-89EAC9EBD48A}" => removed successfully
"HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3A813C5E-EE10-4A91-83D8-430CEA749392} => removed successfully
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3A8CC7AC-C9FE-463C-BBB7-96AC4CADA423} => removed successfully
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
C:\Users\Kopci\Downloads\LEGO Harry Potter => ": Years 5-7 Free...tmp" ADS removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\CLVDShellExt => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\SHAREit.FileContextMenuExt => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"C:\Users\Kopci\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File" => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\CLVDShellExt => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SHAREit.FileContextMenuExt => removed successfully
C:\WINDOWS\system32\DrtmAuth9.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth8.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth7.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth6.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth5.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth4.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth3.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth2.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth18.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth17.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth16.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth15.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth12.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth11.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth10.bin => moved successfully
C:\WINDOWS\system32\DrtmAuth1.bin => moved successfully
TASANTIVIRUSKD => Unable to stop service.
HKLM\System\CurrentControlSet\Services\TASANTIVIRUSKD => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\CCSDK => removed successfully
CCSDK => service removed successfully
HKLM\System\CurrentControlSet\Services\ImControllerService => removed successfully
ImControllerService => service removed successfully
HKLM\System\CurrentControlSet\Services\LSCWinService => removed successfully
LSCWinService => service removed successfully
SAntivirusIC => Unable to stop service.
HKLM\System\CurrentControlSet\Services\SAntivirusIC => could not remove, key could be protected
SAntivirusSvc => Unable to stop service.
HKLM\System\CurrentControlSet\Services\SAntivirusSvc => could not remove, key could be protected

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21521016 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 7765781 B
Edge => 447085 B
Firefox => 1099167497 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 279363638 B
defaultuser0 => 279370806 B
Kopci => 798743389 B

RecycleBin => 597677 B
EmptyTemp: => 2.3 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 10-03-2021 21:13:00)

C:\Program Files (x86)\Digital Communications => Is moved successfully

Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\TASANTIVIRUSKD => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\SAntivirusIC => could not remove, key could be protected
HKLM\System\CurrentControlSet\Services\SAntivirusSvc => could not remove, key could be protected

==== End of Fixlog 21:13:01 ====

Re: Requesting a check - see FRST log

Posted: 10 Mar 2021 23:47
by Diallix
Please post new FRST + Addition logs.

Re: Requesting a check - see FRST log

Posted: 11 Mar 2021 22:30
by vrchlab
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by Kopci (administrator) on LAPTOP-HH1EQN5N (LENOVO 80QB) (11-03-2021 22:21:23)
Running from C:\Users\Kopci\Desktop
Loaded Profiles: Kopci
Platform: Windows 10 Home Version 1909 18363.1379 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apps Delivered Ltd -> Funny Kacele) [File not signed] [File is in use] C:\Program Files (x86)\FunnyKacele\FunnyKacele.exe
(Globalhop Ltd TOO -> ) C:\Users\Kopci\AppData\Local\Programs\Taskbar system\TaskbarSystem.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxEM.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Kopci\AppData\Local\Microsoft\Teams\current\Teams.exe <10>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18382824 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3937448 2015-08-11] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [Lenovo Smart Fingerprint] => C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe [1761208 2015-09-25] (LENOVO -> Lenovo)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Kopci\AppData\Local\Microsoft\Teams\Update.exe [2453720 2021-02-25] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\Run: [Taskbar system] => C:\Users\Kopci\AppData\Local\Programs\Taskbar system\TaskbarSystem.exe [918040 2021-01-13] (Globalhop Ltd TOO -> )

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B7A64AF-41E2-4A98-8D6D-1A0AF0E7ED3D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {20CC5D35-6588-4513-8287-B6EA51CD49F3} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
Task: {227B0B35-DA77-46F3-9DCF-CF593A24B789} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe
Task: {29CCEDAC-180F-4086-A873-5CF401966497} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4004296 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {3A46C4CE-A277-497A-B599-0F9C86F19B7F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3AD8077C-808E-4BEF-8C18-73D591F29EE5} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {5D7FE370-0268-4F37-8C09-F692339CC68C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-07] (LENOVO -> Lenovo)
Task: {5DE002F3-B0EB-4E30-AC50-588271623551} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5F2BE04C-DF43-4441-BA87-AF2FAB189A74} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4004296 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F40EA3F-BAAC-4285-8286-9B257B8649B7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114000 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {6EA656A2-D79A-4CA9-9823-F1271FA290D2} - System32\Tasks\Lenovo\fplmonitorConnect => C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe [1761208 2015-09-25] (LENOVO -> Lenovo)
Task: {719363F1-497C-4B69-A1DD-EE77AE387B55} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {7B0DFC7C-EED3-4F3D-A4E2-2113C188ABA2} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {7F2A58CC-CE18-44EF-B47A-4BF3AE16DD76} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\ScheduleEventAction.exe [15768 2020-12-28] (Lenovo -> Lenovo Group Ltd.)
Task: {940BEF6D-D1FB-413A-8830-86307ECA578D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AFA1F844-B873-4B2C-ABAE-0FD04AADA7F7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080304 2021-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA5589F5-363D-402E-886C-56770A4CBCD8} - System32\Tasks\Lenovo\fplmonitor => C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe [1761208 2015-09-25] (LENOVO -> Lenovo)
Task: {BEC94A6B-C41E-40A5-80BF-E84B77B064EE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C686002C-2ED0-4349-A479-ABD734A978DA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1133488 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {C91368E0-6C17-428C-A951-070E3CC250CC} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {CEC493DC-1B6B-4FBF-8823-63237A273B37} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)
Task: {D71E4AA2-EFF8-41D2-9B53-3B1F68AE872E} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {E8975FB6-D236-44C8-9179-AF9BD682BF88} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080304 2021-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {F22F6641-7594-4471-886C-B4AB12488B68} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {F59A1B2B-4E32-4FAE-AFB1-97BB163A1A62} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114000 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {F63D47B8-38E2-4E22-A98D-78DB7FC1A7C3} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe
Task: {F84D559D-6497-47FE-888E-79B9E0E6F52F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5bdce1b0-6c55-4811-8821-86e83bfe7d28}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7370f33a-094d-4166-896c-c94ded8f462e}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{ba844273-ed17-44ac-bbbf-eefe42da4ab5}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kopci\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-09]

FireFox:
========
FF DefaultProfile: k5b7neg4.default
FF ProfilePath: C:\Users\Kopci\AppData\Roaming\Mozilla\Firefox\Profiles\k5b7neg4.default [2021-03-11]
FF Session Restore: Mozilla\Firefox\Profiles\k5b7neg4.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\k5b7neg4.default -> hxxps://www.slevomat.cz; hxxps://online.rb.cz
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"FunnyKacele" => service was unlocked. <==== ATTENTION

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8988552 2021-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 FunnyKacele; C:\Program Files (x86)\FunnyKacele\FunnyKacele.exe [30701040 2018-05-04] (Apps Delivered Ltd -> Funny Kacele) [File not signed] [File is in use]
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe [20880 2020-12-28] (Lenovo -> Lenovo Group Ltd.)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [77792 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [48608 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SAntivirusIC; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe -service [X] <==== ATTENTION
S2 SAntivirusSvc; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe [X] <==== ATTENTION

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 MpKslfd8fc939; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2970E97F-BFEF-4ABE-97C8-3F666656EA43}\MpKslDrv.sys [90360 2021-03-11] (Microsoft Windows -> Microsoft Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-05-21] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R1 SMIDriverGen; C:\WINDOWS\system32\DRIVERS\smi.sys [31440 2018-04-25] (Synaptics Inc. -> Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49544 2021-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420088 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
S3 MpKsleafcf821; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6B47301A-6241-4B40-907B-AF4787FF3762}\MpKslDrv.sys [X]
S1 TASANTIVIRUSKD; \??\C:\Program Files (x86)\Digital Communications\SAntivirus\TASAntivirusKD.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-11 21:58 - 2021-03-11 21:58 - 001429452 _____ C:\WINDOWS\Minidump\031121-37640-01.dmp
2021-03-10 20:45 - 2021-03-10 21:13 - 000016618 _____ C:\Users\Kopci\Desktop\Fixlog.txt
2021-03-10 20:44 - 2021-03-10 20:44 - 000006128 _____ C:\Users\Kopci\Documents\fixlist.txt
2021-03-10 11:32 - 2021-03-10 11:32 - 000000000 ___HD C:\$WINDOWS.~BT
2021-03-10 10:47 - 2021-03-10 10:47 - 000000000 ___HD C:\$WinREAgent
2021-03-08 02:30 - 2021-03-08 02:31 - 001415172 _____ C:\WINDOWS\Minidump\030821-40718-01.dmp
2021-03-07 19:56 - 2021-03-07 19:56 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\santivirusclient
2021-03-07 19:32 - 2021-03-07 19:39 - 000000000 ____D C:\AdwCleaner
2021-03-07 19:28 - 2021-03-07 19:28 - 008463216 _____ (Malwarebytes) C:\Users\Kopci\Desktop\adwcleaner_8.1.exe
2021-03-06 21:52 - 2021-03-06 21:57 - 001452572 _____ C:\WINDOWS\Minidump\030621-42156-01.dmp
2021-03-06 18:22 - 2021-03-11 21:57 - 781368987 _____ C:\WINDOWS\MEMORY.DMP
2021-03-06 18:22 - 2021-03-06 20:09 - 001436956 _____ C:\WINDOWS\Minidump\030621-35343-01.dmp
2021-03-06 11:19 - 2021-03-08 17:51 - 000038520 _____ C:\Users\Kopci\Desktop\Addition.txt
2021-03-06 11:13 - 2021-03-11 22:22 - 000018515 _____ C:\Users\Kopci\Desktop\FRST.txt
2021-03-06 11:13 - 2021-03-11 22:22 - 000000000 ____D C:\FRST
2021-03-06 11:10 - 2021-03-06 11:10 - 002301440 _____ (Farbar) C:\Users\Kopci\Desktop\FRST64.exe
2021-02-27 20:45 - 2021-02-27 20:45 - 000000000 ____D C:\ProgramData\SAntivirus
2021-02-27 20:45 - 2021-02-27 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus
2021-02-27 20:44 - 2021-02-28 13:31 - 000000000 ____D C:\Program Files (x86)\FunnyKacele
2021-02-27 20:44 - 2021-02-27 20:44 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Taskbar system
2021-02-27 20:44 - 2021-02-27 20:44 - 000000000 ____D C:\Users\Kopci\AppData\Local\TaskbarSystem
2021-02-27 20:43 - 2021-02-27 20:43 - 000016438 _____ C:\Users\Kopci\AppData\Local\partner.bmp
2021-02-27 20:43 - 2021-02-27 20:43 - 000000000 _____ C:\Users\Kopci\Downloads\LEGO Harry Potter
2021-02-27 20:42 - 2021-02-27 20:43 - 000000000 ____D C:\Program Files (x86)\ExhaustingGovernmentphoInstall
2021-02-27 20:25 - 2021-02-27 20:25 - 000000000 ____D C:\Program Files (x86)\WB Games
2021-02-27 18:26 - 2021-02-28 13:47 - 000002372 _____ C:\Users\Kopci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-27 18:13 - 2021-02-27 19:23 - 764398929 _____ C:\Users\Kopci\Downloads\LEGO.Harry.Potter.5-7.zip.part
2021-02-27 18:10 - 2021-02-27 18:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-26 15:13 - 2021-02-28 13:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-02-21 20:25 - 2021-03-11 21:07 - 000000000 ____D C:\Users\Kopci\Desktop\random fotky xd
2021-02-15 09:00 - 2021-02-15 09:00 - 000083288 _____ (Zoom Video Communications, Inc.) C:\Users\Kopci\Downloads\Zoom_cm_fik4fkwZ9vvrZo4_muA1SOBB4sC925lOx0QoYuFfREgy+6cQB5gAX@-SoVtX4uj4nOWPPM_k5d14e1340bf434a7_.exe
2021-02-15 08:23 - 2021-02-15 08:23 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-02-15 08:22 - 2021-02-15 08:23 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\Zoom
2021-02-15 08:22 - 2021-02-15 08:22 - 015135752 _____ (Zoom Video Communications, Inc.) C:\Users\Kopci\Downloads\ZoomInstaller.exe
2021-02-13 12:36 - 2021-02-13 12:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-13 12:36 - 2021-02-13 12:36 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-13 12:34 - 2021-02-13 12:34 - 000232752 _____ C:\WINDOWS\system32\containerdevicemanagement.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-11 22:20 - 2019-02-21 21:41 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-11 22:20 - 2016-12-25 21:35 - 000000000 ____D C:\Users\Kopci\AppData\LocalLow\Mozilla
2021-03-11 22:17 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-03-11 22:11 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-11 22:00 - 2016-12-25 22:55 - 000000000 ____D C:\Program Files\CCleaner
2021-03-11 21:59 - 2020-11-09 17:44 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-11 21:58 - 2020-05-03 12:17 - 000000000 ____D C:\Users\Kopci
2021-03-11 21:58 - 2016-12-25 09:33 - 000000000 __SHD C:\Users\Kopci\IntelGraphicsProfiles
2021-03-11 21:57 - 2020-05-03 12:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-11 21:57 - 2020-05-03 12:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-11 21:57 - 2017-09-03 13:57 - 000000000 ____D C:\ProgramData\Synaptics
2021-03-11 21:54 - 2020-04-24 10:40 - 000000000 ____D C:\Users\Kopci\Desktop\word gyby
2021-03-11 21:22 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-11 21:21 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-10 21:05 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-10 20:54 - 2020-04-29 16:29 - 000000000 ____D C:\Users\Kopci\AppData\LocalLow\Temp
2021-03-10 20:49 - 2020-05-03 12:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-03-10 11:56 - 2016-12-25 20:49 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-10 11:52 - 2016-12-25 20:49 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-10 11:36 - 2020-05-03 10:06 - 000000000 ___DC C:\WINDOWS\Panther
2021-03-08 17:40 - 2020-04-24 10:42 - 000000000 ____D C:\Users\Kopci\Desktop\power point gyby
2021-03-07 21:35 - 2020-09-07 20:14 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-07 21:35 - 2020-09-07 20:14 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-03-07 21:35 - 2020-09-07 20:14 - 000002281 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-03-07 19:40 - 2020-03-12 20:53 - 000000000 ____D C:\WINDOWS\Lenovo
2021-03-07 19:40 - 2016-12-25 09:34 - 000000000 ____D C:\Users\Kopci\AppData\Local\Lenovo
2021-03-07 19:40 - 2016-12-25 09:29 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Lenovo
2021-03-07 19:40 - 2016-05-28 15:07 - 000000000 ____D C:\Program Files\Lenovo
2021-03-07 19:40 - 2016-05-28 14:55 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2021-03-07 19:39 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-03-07 11:13 - 2020-05-03 12:44 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-06 16:01 - 2016-05-28 15:13 - 000000000 ____D C:\ProgramData\Lenovo
2021-03-06 11:09 - 2018-02-17 23:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-06 10:55 - 2017-12-31 13:21 - 000000000 ____D C:\ProgramData\AVAST Software
2021-03-06 10:55 - 2015-10-30 08:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-03-06 10:37 - 2017-10-18 22:33 - 000000000 ____D C:\Users\Kopci\AppData\Local\Packages
2021-03-05 09:13 - 2016-05-28 14:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-03-05 00:55 - 2020-09-23 22:08 - 000000000 ____D C:\Users\Kopci\Documents\Soubory aplikace Outlook
2021-03-04 15:26 - 2020-11-30 20:42 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\vlc
2021-02-28 13:50 - 2016-12-25 22:45 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-28 13:48 - 2016-12-25 09:43 - 000000000 ___RD C:\Users\Kopci\OneDrive
2021-02-28 13:47 - 2020-05-03 12:44 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3044413106-2186633788-3405021347-1001
2021-02-28 13:36 - 2020-05-03 12:09 - 000515336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-28 13:27 - 2016-12-25 21:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-27 20:48 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-27 18:10 - 2016-12-25 21:34 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-26 15:10 - 2020-09-07 20:14 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-26 15:10 - 2020-09-07 20:14 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-25 13:19 - 2020-04-09 14:54 - 000002375 _____ C:\Users\Kopci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-02-25 13:19 - 2019-09-22 08:24 - 000002367 _____ C:\Users\Kopci\Desktop\Microsoft Teams.lnk
2021-02-24 12:05 - 2019-03-30 16:33 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\Opera Software
2021-02-23 18:24 - 2020-03-12 20:53 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-02-23 18:24 - 2020-03-12 20:53 - 000062368 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-02-23 18:24 - 2017-10-11 20:21 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2021-02-23 18:23 - 2020-03-12 20:52 - 000429936 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2021-02-21 11:19 - 2020-09-03 16:07 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-17 10:07 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-16 16:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-16 12:17 - 2020-11-30 20:42 - 000000923 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-02-16 12:17 - 2020-11-30 20:42 - 000000923 _____ C:\ProgramData\Desktop\VLC media player.lnk
2021-02-14 20:43 - 2020-05-03 21:34 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-14 20:43 - 2020-05-03 21:34 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-14 20:43 - 2020-05-03 12:29 - 001693858 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-14 20:37 - 2017-10-19 19:48 - 000000000 ___RD C:\Users\Kopci\3D Objects
2021-02-14 20:37 - 2015-11-03 20:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-13 23:03 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-13 12:48 - 2019-03-19 07:20 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-02-13 12:48 - 2019-03-19 07:20 - 000019469 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml

==================== Files in the root of some directories ========

2021-02-27 20:43 - 2021-02-27 20:43 - 000016438 _____ () C:\Users\Kopci\AppData\Local\partner.bmp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Kopci (11-03-2021 22:24:31)
Running from C:\Users\Kopci\Desktop
Windows 10 Home Version 1909 18363.1379 (X64) (2020-05-03 11:46:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3044413106-2186633788-3405021347-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3044413106-2186633788-3405021347-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3044413106-2186633788-3405021347-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-3044413106-2186633788-3405021347-501 - Limited - Disabled)
Kopci (S-1-5-21-3044413106-2186633788-3405021347-1001 - Administrator - Enabled) => C:\Users\Kopci
WDAGUtilityAccount (S-1-5-21-3044413106-2186633788-3405021347-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20142 - Adobe Systems Incorporated)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{BB041B6A-FACB-4853-BEE9-814FE7F93BB2}) (Version: 17.1.1530.1669 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{1544031f-5449-4415-b577-993c2a533a1b}) (Version: 18.12.2 - Intel Corporation)
LEGO® Harry Potter™: Years 5-7 DEMO (HKLM-x32\...\{AD665A16-AA0E-494A-A8CF-A7AFAD06C0F4}) (Version: 1.0.0.0 - WB Games)
Lenovo App Explorer (HKU\S-1-5-21-3044413106-2186633788-3405021347-1000\...\Host App Service) (Version: 0.272.1.559 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo Business Vantage (HKLM-x32\...\{BAAE4B9C-8D26-44AF-BCE8-181C8F4A8D5B}_is1) (Version: 3.0.2.3 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo Smart Fingerprint (HKLM-x32\...\{90C700B4-BC7E-4628-867C-FC8622F0DAD9}_is1) (Version: 1.0.0.50 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.5.27.0 - Lenovo Group Ltd.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13801.20266 - Microsoft Corporation)
Microsoft 365 - ko-kr (HKLM\...\O365HomePremRetail - ko-kr) (Version: 16.0.13801.20266 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.13801.20266 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft OneDrive (HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\Teams) (Version: 1.4.00.4167 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BAB9FCC5-1506-4B4F-BFCA-EDE0BDB86C21}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 86.0 (x64 cs) (HKLM\...\Mozilla Firefox 86.0 (x64 cs)) (Version: 86.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0412-0000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29088 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.7 - Synaptics Incorporated)
Synaptics WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.289.0 - )
Synaptics WBF DDK 5011 (HKLM\...\{9062E143-DEDB-4F8C-B5B8-30AEC328400C}) (Version: 4.5.289.0 - Synaptics)
Taskbar system version 1.0.0.2 (HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\{C40E1200-5BEC-410C-B3C5-F7B475729D42}_is1) (Version: 1.0.0.2 - Taskbar system)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.17057 - Microsoft Corporation)
ThinkPad OneLink Dock (HKLM-x32\...\{8E1CACF5-2493-4950-9AD5-189903FE57E7}) (Version: 1.08.36 - Lenovo)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-4) (Version: 1.0.33.0 - LunarG, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.3.6) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
Zoom (HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)
엔터프라이즈용 Microsoft 365 앱 - ko-kr (HKLM\...\O365ProPlusRetail - ko-kr) (Version: 16.0.13801.20266 - Microsoft Corporation)

Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.188.300.0_x86__kgqvnymyfvs32 [2021-03-05] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-27] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-09-14] (Facebook Inc)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-20] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2101.29.0_x64__k1h2ywk1493x8 [2021-01-25] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-03] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.21005.0_x64__8wekyb3d8bbwe [2021-03-11] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-23] (Netflix, Inc.)
Royal Revolt 2 -> C:\Program Files\WindowsApps\flaregamesGmbH.RoyalRevolt2_6.5.0.0_x86__g0q0z3kw54rap [2021-02-09] (flaregames GmbH)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-10-04] (Twitter Inc.)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-25] (LENOVO INCORPORATED.)
Video Cutter & Compressor -> C:\Program Files\WindowsApps\24711Mixilab.VideoCutterCompressor_2.0.1.0_x64__c39s816dkej80 [2020-02-17] (Mixilab) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Kopci\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Kopci\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxDTCM.dll [2017-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-03-07 14:55 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2020-03-07 14:55 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2021-02-27 20:44 - 2021-01-13 09:57 - 014318734 _____ () [File not signed] C:\Users\Kopci\AppData\Local\Programs\Taskbar system\sdk.dll
2021-02-27 20:44 - 2020-05-14 00:17 - 000112640 _____ (Countly) [File not signed] [File is in use] C:\Users\Kopci\AppData\Local\Programs\Taskbar system\Countly.dll
2021-02-27 20:44 - 2018-01-10 13:34 - 000024064 _____ (Daniel Grunwald, Omer Mor, Alex Davies, jnm2) [File not signed] [File is in use] C:\Users\Kopci\AppData\Local\Programs\Taskbar system\AsyncBridge.Net35.dll
2015-07-22 18:44 - 2015-07-22 18:44 - 000285184 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-07-22 18:44 - 2015-07-22 18:44 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2021-02-27 20:44 - 2018-03-24 17:44 - 000475136 _____ (Newtonsoft) [File not signed] [File is in use] C:\Users\Kopci\AppData\Local\Programs\Taskbar system\Newtonsoft.Json.dll
2021-02-07 11:51 - 2020-05-30 15:04 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\x64\SQLite.Interop.dll
2021-02-27 20:44 - 2018-05-11 08:52 - 000074240 _____ (Sentry) [File not signed] [File is in use] C:\Users\Kopci\AppData\Local\Programs\Taskbar system\SharpRaven.dll
2020-03-07 14:55 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\sharepoint.com -> hxxps://gyby-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2015-10-30 08:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3044413106-2186633788-3405021347-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Control Panel\Desktop\\Wallpaper -> c:\users\kopci\desktop\wallpapeeeerssss\se tapetaaa.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{1EFA947E-0003-4D2B-B77A-B158399053F4}C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{351BA8B9-0251-45E4-8A68-37460447537D}C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{FFAFE8E1-E8F4-4149-B310-66C5096038B9}C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{4A54488B-5F00-4C81-8E84-D1CA8FF403E8}C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{27EE67D4-5A5B-4368-95D4-2BAF4BF405D6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D1812297-088D-4302-AC15-1B0F987743EE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D9DB305C-E233-46A8-A2B3-C5F7C604E273}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0393F908-183C-4CE0-BD79-793DE565E783}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8C71CC94-352E-4648-AC9E-E53D00F37F6A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{DC50887B-05F7-4502-9AB3-EC14784DE52B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E5DB4350-2CE3-4965-AE72-9C796FB7DA4F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{35063B0C-4953-459D-A405-8B78D49C101E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{ACB65E45-6819-4891-8ED4-60649491935B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{50CA1968-0700-4017-A21E-AA22004B35AD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5C00E400-1F11-4A32-9C97-CA6A36A3D513}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BE2A0697-105E-4BC8-B9C0-88C093B47194}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{52F50906-5B06-49A5-A2A8-5CEF642296F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3C91C35D-CF09-4B89-A2F9-496BCD4C5FC4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{23EF5EFB-4937-4094-86D4-79651D8FA6AC}] => (Allow) C:\Users\Kopci\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

==================== Restore Points =========================

27-02-2021 20:10:35 Installed LEGO® Harry Potter™: Years 5-7 DEMO
07-03-2021 19:35:00 AdwCleaner_BeforeCleaning_07/03/2021_19:34:50

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/11/2021 10:22:59 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12040,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/11/2021 10:14:34 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2560,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/11/2021 10:08:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4016,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/11/2021 09:42:06 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8784,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/11/2021 09:28:08 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9388,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/11/2021 09:00:19 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1808,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/11/2021 08:19:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13500,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/11/2021 02:48:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9104,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (03/11/2021 10:03:43 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HH1EQN5N)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/11/2021 09:59:04 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HH1EQN5N)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/11/2021 09:58:31 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x0000000a (0x0000000000000040, 0x0000000000000002, 0x0000000000000001, 0xfffff800322fd8aa). Výpis byl uložen do: C:\WINDOWS\MEMORY.DMP. ID hlášení: 51141070-08b4-4571-95a5-19c9a7cb1706

Error: (03/11/2021 09:58:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SAntivirusIC neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/11/2021 09:58:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SAntivirusSvc neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/11/2021 09:57:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (9:51:52 PM, ‎3/‎11/‎2021) bylo neočekávané.

Error: (03/11/2021 09:21:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (03/11/2021 10:11:13 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HH1EQN5N)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2021-03-10 10:30:45.330
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {F59D7226-FD7D-4DD0-B0F4-962FF6944A5B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-03-08 20:33:52.285
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/DefenderTamperingRestore
Závažnost: Vážné
Kategorie: Nástroj
Cesta: regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.331.2610.0, AS: 1.331.2610.0, NIS: 1.331.2610.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-03-07 19:46:22.433
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/DefenderTamperingRestore
Závažnost: Vážné
Kategorie: Nástroj
Cesta: regkeyvalue:_hklm\software\policies\microsoft\windows defender\real-time protection\\DisableBehaviorMonitoring
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.331.2500.0, AS: 1.331.2500.0, NIS: 1.331.2500.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-03-06 18:26:28.206
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/DefenderTamperingRestore
Závažnost: Vážné
Kategorie: Nástroj
Cesta: regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.331.2500.0, AS: 1.331.2500.0, NIS: 1.331.2500.0
Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5

Date: 2021-03-06 11:00:31.374
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: VirTool:Win32/DefenderTamperingRestore
Závažnost: Vážné
Kategorie: Nástroj
Cesta: regkeyvalue:_hklm\software\policies\microsoft\windows defender\\DisableAntiSpyware
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.331.2432.0, AS: 1.331.2432.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.17800.5, NIS: 0.0.0.0

Date: 2021-03-10 09:16:42.244
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.2610.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2021-03-07 19:40:35.469
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.2500.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80240017
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-02-24 12:23:38.516
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.1570.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2021-02-11 10:06:34.238
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.331.612.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17800.5
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2021-01-31 16:26:57.918
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.3013.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

==================== Memory info ===========================

BIOS: LENOVO D7CN33WW(V3.06) 10/11/2016
Motherboard: LENOVO Lenovo E51-80
Processor: Intel(R) Core(TM) i3-6100U CPU @ 2.30GHz
Percentage of memory in use: 73%
Total physical RAM: 3954.76 MB
Available physical RAM: 1060.23 MB
Total Virtual: 9074.76 MB
Available Virtual: 5188.57 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:884.23 GB) (Free:750.42 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.91 GB) NTFS

\\?\Volume{6c3fa5a0-0174-47ec-9620-50fa9d879456}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{e5a533a5-59c4-46c1-a763-e04321dd8ea9}\ (LENOVO_PART) (Fixed) (Total:20.06 GB) (Free:8.52 GB) NTFS
\\?\Volume{d776d5a8-d836-456e-bd52-14bf61297784}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6199B984)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Please check - see FRST log

Posted: 11 Mar 2021 22:35
by Diallix
Copy the content below into Notepad:


CloseProcesses:
CreateRestorePoint:

C:\Program Files (x86)\FunnyKacele

HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\Run: [Taskbar system] => C:\Users\Kopci\AppData\Local\Programs\Taskbar system\TaskbarSystem.exe [918040 2021-01-13] (Globalhop Ltd TOO -> )
S2 SAntivirusIC; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe -service [X] <==== ATTENTION
S2 SAntivirusSvc; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe [X] <==== ATTENTION
R2 FunnyKacele; C:\Program Files (x86)\FunnyKacele\FunnyKacele.exe [30701040 2018-05-04] (Apps Delivered Ltd -> Funny Kacele) [File not signed] [File is in use]
S3 MpKsleafcf821; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6B47301A-6241-4B40-907B-AF4787FF3762}\MpKslDrv.sys [X]
S1 TASANTIVIRUSKD; \??\C:\Program Files (x86)\Digital Communications\SAntivirus\TASAntivirusKD.sys [X] <==== ATTENTION

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
An operation will run, after which the computer reboots. After the reboot, paste here the content of the log fixlog.txt, saved in the FRST location.

Re: Please check - see FRST log

Posted: 12 Mar 2021 23:31
by vrchlab
Fix result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Kopci (12-03-2021 23:12:31) Run:2
Running from C:\Users\Kopci\Desktop
Loaded Profiles: defaultuser0 & Kopci
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

C:\Program Files (x86)\FunnyKacele

HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\Run: [Taskbar system] => C:\Users\Kopci\AppData\Local\Programs\Taskbar system\TaskbarSystem.exe [918040 2021-01-13] (Globalhop Ltd TOO -> )
S2 SAntivirusIC; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusIC.exe -service [X] <==== ATTENTION
S2 SAntivirusSvc; C:\Program Files (x86)\Digital Communications\SAntivirus\SAntivirusService.exe [X] <==== ATTENTION
R2 FunnyKacele; C:\Program Files (x86)\FunnyKacele\FunnyKacele.exe [30701040 2018-05-04] (Apps Delivered Ltd -> Funny Kacele) [File not signed] [File is in use]
S3 MpKsleafcf821; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6B47301A-6241-4B40-907B-AF4787FF3762}\MpKslDrv.sys [X]
S1 TASANTIVIRUSKD; \??\C:\Program Files (x86)\Digital Communications\SAntivirus\TASAntivirusKD.sys [X] <==== ATTENTION


*****************

Processes closed successfully.
Restore point was successfully created.
C:\Program Files (x86)\FunnyKacele => moved successfully
"HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Taskbar system" => removed successfully
SAntivirusIC => service not found.
SAntivirusSvc => service not found.
FunnyKacele => service not found.
MpKsleafcf821 => service not found.
TASANTIVIRUSKD => service not found.


The system needed a reboot.

==== End of Fixlog 23:13:54 ====

Re: Please check - see FRST log

Posted: 12 Mar 2021 23:34
by Diallix
Good. Please post new FRST and Addition logs, to see whether everything is OK.

Re: Please check - see FRST log

Posted: 13 Mar 2021 01:45
by vrchlab
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by Kopci (administrator) on LAPTOP-HH1EQN5N (LENOVO 80QB) (13-03-2021 01:16:30)
Running from C:\Users\Kopci\Desktop
Loaded Profiles: Kopci
Platform: Windows 10 Home Version 20H2 19042.867 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxEM.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Kopci\AppData\Local\Microsoft\Teams\current\Teams.exe <10>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18382824 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493992 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3937448 2015-08-11] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [Lenovo Smart Fingerprint] => C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe [1761208 2015-09-25] (LENOVO -> Lenovo)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Kopci\AppData\Local\Microsoft\Teams\Update.exe [2453720 2021-02-25] (Microsoft 3rd Party Application Component -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B7A64AF-41E2-4A98-8D6D-1A0AF0E7ED3D} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {0C31DF8D-81A4-489E-AC63-19ECAD90E93C} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [143888 2021-03-02] (Lenovo -> Lenovo Group Ltd.)
Task: {20CC5D35-6588-4513-8287-B6EA51CD49F3} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
Task: {227B0B35-DA77-46F3-9DCF-CF593A24B789} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe
Task: {29CCEDAC-180F-4086-A873-5CF401966497} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4004296 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {3A46C4CE-A277-497A-B599-0F9C86F19B7F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3AD8077C-808E-4BEF-8C18-73D591F29EE5} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {3FCC52CC-B17F-4F29-AF9E-1952668D655F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {463CBE02-7D95-487B-BC2F-15E6B4BE440C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5D7FE370-0268-4F37-8C09-F692339CC68C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-07] (LENOVO -> Lenovo)
Task: {5F2BE04C-DF43-4441-BA87-AF2FAB189A74} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4004296 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F40EA3F-BAAC-4285-8286-9B257B8649B7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114000 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {675392BF-29EB-4512-A46A-9E4F5E0137DC} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {6EA656A2-D79A-4CA9-9823-F1271FA290D2} - System32\Tasks\Lenovo\fplmonitorConnect => C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe [1761208 2015-09-25] (LENOVO -> Lenovo)
Task: {7B0DFC7C-EED3-4F3D-A4E2-2113C188ABA2} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {7F2A58CC-CE18-44EF-B47A-4BF3AE16DD76} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\ScheduleEventAction.exe [15768 2020-12-28] (Lenovo -> Lenovo Group Ltd.)
Task: {9A28B4DF-0225-44B5-8A59-5BE5574DF396} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ab7fe532-b805-46bb-bfb4-026d5274fc52 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {9AC3B290-EF6E-4C5A-9BC2-FA30BB8C6CCB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3127be0c-553a-4ac5-b998-04f53a60d143 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {9F57B96C-2726-46F7-923D-EE82324289C3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AFA1F844-B873-4B2C-ABAE-0FD04AADA7F7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080304 2021-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {B585A55B-EC11-40B8-822E-41AC68AA9B74} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BA5589F5-363D-402E-886C-56770A4CBCD8} - System32\Tasks\Lenovo\fplmonitor => C:\Program Files (x86)\Lenovo\Lenovo Smart Fingerprint\fplmonitor.exe [1761208 2015-09-25] (LENOVO -> Lenovo)
Task: {C686002C-2ED0-4349-A479-ABD734A978DA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1133488 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {C91368E0-6C17-428C-A951-070E3CC250CC} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {CEC493DC-1B6B-4FBF-8823-63237A273B37} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)
Task: {D4E2A5D7-AE19-4F20-A5CF-9F30C90F44FB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0d7e01b2-6dc7-4252-b64d-17eaefcf1406 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {D71E4AA2-EFF8-41D2-9B53-3B1F68AE872E} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {E8975FB6-D236-44C8-9179-AF9BD682BF88} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080304 2021-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB5AB52B-5656-477B-BDFA-9DC57E9465FB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1d3a9928-58d0-454d-b77e-fe8da2ff2019 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
Task: {F22F6641-7594-4471-886C-B4AB12488B68} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {F59A1B2B-4E32-4FAE-AFB1-97BB163A1A62} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114000 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {F63D47B8-38E2-4E22-A98D-78DB7FC1A7C3} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5bdce1b0-6c55-4811-8821-86e83bfe7d28}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7370f33a-094d-4166-896c-c94ded8f462e}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{ba844273-ed17-44ac-bbbf-eefe42da4ab5}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kopci\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-12]

FireFox:
========
FF DefaultProfile: k5b7neg4.default
FF ProfilePath: C:\Users\Kopci\AppData\Roaming\Mozilla\Firefox\Profiles\k5b7neg4.default [2021-03-13]
FF Session Restore: Mozilla\Firefox\Profiles\k5b7neg4.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\k5b7neg4.default -> hxxps://www.slevomat.cz; hxxps://online.rb.cz
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8988552 2021-02-22] (Microsoft Corporation -> Microsoft Corporation)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84920 2021-02-23] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\LenovoVantageService.exe [20880 2020-12-28] (Lenovo -> Lenovo Group Ltd.)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [77792 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [48608 2018-04-25] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 MpKsld92b1f0d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{24FB2F44-CCB8-40C0-B7C6-1768D5DEA776}\MpKslDrv.sys [90360 2021-03-12] (Microsoft Windows -> Microsoft Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-05-21] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R1 SMIDriverGen; C:\WINDOWS\system32\DRIVERS\smi.sys [31440 2018-04-25] (Synaptics Inc. -> Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49544 2021-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420088 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-12 07:47 - 2021-03-12 07:47 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-03-12 07:40 - 2021-03-12 07:40 - 000000020 ___SH C:\Users\Kopci\ntuser.ini
2021-03-12 07:38 - 2021-03-12 23:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-12 07:38 - 2021-03-12 07:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-03-12 07:38 - 2021-03-12 07:39 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-12 07:38 - 2021-03-12 07:39 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-12 07:38 - 2021-03-12 07:39 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-12 07:38 - 2021-03-12 07:39 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3044413106-2186633788-3405021347-1001
2021-03-12 07:38 - 2021-03-12 07:39 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-03-12 07:38 - 2021-03-12 07:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-12 07:36 - 2021-03-12 07:38 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2021-03-12 07:36 - 2021-03-12 07:38 - 000011433 _____ C:\WINDOWS\diagerr.xml
2021-03-12 07:30 - 2021-03-12 23:25 - 002324300 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-12 07:13 - 2017-04-21 01:17 - 000113680 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2021-03-12 07:13 - 2017-04-21 01:17 - 000104464 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2021-03-12 07:08 - 2021-03-13 01:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-12 07:08 - 2021-03-12 23:20 - 000528208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-12 07:08 - 2021-03-12 23:20 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-12 07:07 - 2021-03-12 07:40 - 000000000 ____D C:\Windows.old
2021-03-12 02:44 - 2021-03-12 07:07 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-03-12 02:42 - 2021-03-12 07:40 - 000000000 ____D C:\Users\Kopci
2021-03-12 02:42 - 2021-03-12 07:27 - 000000000 ____D C:\Users\defaultuser0
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\Kopci\Šablony
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\Kopci\Soubory cookie
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\Kopci\Poslední
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\Kopci\Okolní tiskárny
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\Kopci\Okolní síť
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\Kopci\Nabídka Start
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\Kopci\Dokumenty
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\Kopci\Documents\Obrázky
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\Kopci\Documents\Hudba
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\Kopci\Documents\Filmy
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\Kopci\Data aplikací
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\Kopci\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\Kopci\AppData\Local\Data aplikací
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\defaultuser0\Šablony
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\defaultuser0\Soubory cookie
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\defaultuser0\Poslední
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\defaultuser0\Okolní tiskárny
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\defaultuser0\Okolní síť
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\defaultuser0\Nabídka Start
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\defaultuser0\Dokumenty
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Obrázky
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Hudba
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\defaultuser0\Documents\Filmy
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\defaultuser0\Data aplikací
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2021-03-12 02:42 - 2021-03-12 02:42 - 000000000 _SHDL C:\Users\defaultuser0\AppData\Local\Data aplikací
2021-03-12 02:42 - 2019-12-07 10:10 - 000001105 _____ C:\Users\Kopci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-12 02:42 - 2019-12-07 10:10 - 000001105 _____ C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-12 02:34 - 2021-03-12 02:44 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-03-12 02:24 - 2021-03-12 02:24 - 000000000 ____D C:\ProgramData\ssh
2021-03-12 02:08 - 2021-03-12 02:08 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-12 02:08 - 2021-03-12 02:08 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-03-12 02:08 - 2021-03-12 02:08 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-03-12 02:08 - 2021-03-12 02:08 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-03-12 02:08 - 2021-03-12 02:08 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-03-12 02:08 - 2021-03-12 02:08 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-03-12 02:08 - 2021-03-12 02:08 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-03-12 02:08 - 2021-03-12 02:08 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-03-12 02:08 - 2021-03-12 02:08 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-03-12 02:08 - 2021-03-12 02:08 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-03-12 02:08 - 2021-03-12 02:08 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-03-12 02:07 - 2021-03-12 02:07 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-03-12 02:07 - 2021-03-12 02:07 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-03-12 02:07 - 2021-03-12 02:07 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-03-12 02:07 - 2021-03-12 02:07 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-03-12 02:07 - 2021-03-12 02:07 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-03-12 02:07 - 2021-03-12 02:07 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-03-12 02:06 - 2021-03-12 02:06 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-03-12 02:06 - 2021-03-12 02:06 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-12 02:06 - 2021-03-12 02:06 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-12 02:06 - 2021-03-12 02:06 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-03-12 02:06 - 2021-03-12 02:06 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-03-12 02:06 - 2021-03-12 02:06 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-03-12 02:06 - 2021-03-12 02:06 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-03-12 02:06 - 2021-03-12 02:06 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-03-12 02:06 - 2021-03-12 02:06 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-03-12 02:06 - 2021-03-12 02:06 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-03-12 02:06 - 2021-03-12 02:06 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-03-12 02:06 - 2021-03-12 02:06 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-12 02:05 - 2021-03-12 02:05 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-03-12 02:05 - 2021-03-12 02:05 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-03-12 02:05 - 2021-03-12 02:05 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-03-12 02:05 - 2021-03-12 02:05 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-03-12 02:05 - 2021-03-12 02:05 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-03-12 02:05 - 2021-03-12 02:05 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-03-12 02:04 - 2021-03-12 02:04 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-03-12 02:04 - 2021-03-12 02:04 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-12 02:04 - 2021-03-12 02:04 - 000455680 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-03-12 02:04 - 2021-03-12 02:04 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-03-12 02:04 - 2021-03-12 02:04 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-03-12 02:03 - 2021-03-12 02:03 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-03-12 02:03 - 2021-03-12 02:03 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-03-12 02:03 - 2021-03-12 02:03 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-12 02:03 - 2021-03-12 02:03 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-03-12 02:03 - 2021-03-12 02:03 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-03-12 02:03 - 2021-03-12 02:03 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-03-12 02:03 - 2021-03-12 02:03 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-03-12 02:03 - 2021-03-12 02:03 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-03-12 02:03 - 2021-03-12 02:03 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-03-12 02:03 - 2021-03-12 02:03 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-03-12 02:03 - 2021-03-12 02:03 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-03-12 02:03 - 2021-03-12 02:03 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-03-12 02:03 - 2021-03-12 02:03 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-03-12 02:02 - 2021-03-12 02:02 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-03-12 02:02 - 2021-03-12 02:02 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-03-12 02:01 - 2021-03-12 02:01 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-03-12 02:01 - 2021-03-12 02:01 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-12 02:01 - 2021-03-12 02:01 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-12 02:01 - 2021-03-12 02:01 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-03-12 02:01 - 2021-03-12 02:01 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-03-12 02:01 - 2021-03-12 02:01 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-03-12 02:01 - 2021-03-12 02:01 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-03-12 02:01 - 2021-03-12 02:01 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-03-12 02:01 - 2021-03-12 02:01 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-03-12 02:01 - 2021-03-12 02:01 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-03-12 02:00 - 2021-03-12 02:00 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-12 02:00 - 2021-03-12 02:00 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-03-12 02:00 - 2021-03-12 02:00 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-12 01:59 - 2021-03-12 01:59 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-03-12 01:59 - 2021-03-12 01:59 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-03-12 01:59 - 2021-03-12 01:59 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-12 01:59 - 2021-03-12 01:59 - 000643072 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-03-12 01:59 - 2021-03-12 01:59 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-03-12 01:59 - 2021-03-12 01:59 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-03-12 01:59 - 2021-03-12 01:59 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-03-12 01:58 - 2021-03-12 01:58 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-03-12 01:58 - 2021-03-12 01:58 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-03-12 01:58 - 2021-03-12 01:58 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-03-12 01:57 - 2021-03-12 01:57 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-03-12 01:57 - 2021-03-12 01:57 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-03-12 01:57 - 2021-03-12 01:57 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-03-12 01:57 - 2021-03-12 01:57 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-03-12 01:57 - 2021-03-12 01:57 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-03-12 01:57 - 2021-03-12 01:57 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-03-12 01:57 - 2021-03-12 01:57 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-03-12 01:57 - 2021-03-12 01:57 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-03-12 01:57 - 2021-03-12 01:57 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-03-12 01:57 - 2021-03-12 01:57 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-03-12 01:57 - 2021-03-12 01:57 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-03-12 01:30 - 2021-03-12 01:30 - 012023100 _____ C:\WINDOWS\system32\korwbrkr.lex
2021-03-12 01:26 - 2021-03-12 01:26 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2021-03-12 01:26 - 2021-03-12 01:26 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2021-03-12 01:25 - 2021-03-12 23:25 - 000490424 _____ C:\WINDOWS\system32\perfh012.dat
2021-03-12 01:25 - 2021-03-12 23:25 - 000134396 _____ C:\WINDOWS\system32\perfc012.dat
2021-03-12 01:25 - 2021-03-12 01:25 - 000000000 ____D C:\WINDOWS\SysWOW64\ko
2021-03-12 01:25 - 2021-03-12 01:24 - 000159618 _____ C:\WINDOWS\system32\perfi012.dat
2021-03-12 01:25 - 2021-03-12 01:24 - 000033406 _____ C:\WINDOWS\system32\perfd012.dat
2021-03-12 01:24 - 2021-03-12 01:24 - 000000000 ____D C:\WINDOWS\system32\ko
2021-03-12 01:15 - 2021-03-12 23:25 - 000721822 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-12 01:15 - 2021-03-12 23:25 - 000146848 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-12 01:15 - 2021-03-12 01:25 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-03-12 01:15 - 2021-03-12 01:15 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2021-03-12 01:15 - 2021-03-12 01:15 - 000000000 ____D C:\WINDOWS\system32\cs
2021-03-12 01:15 - 2021-03-12 01:14 - 000296964 _____ C:\WINDOWS\system32\perfi005.dat
2021-03-12 01:15 - 2021-03-12 01:14 - 000038778 _____ C:\WINDOWS\system32\perfd005.dat
2021-03-12 01:04 - 2021-03-12 01:04 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-03-12 01:04 - 2021-03-12 01:04 - 000000000 ____D C:\Program Files\MSBuild
2021-03-12 01:04 - 2021-03-12 01:04 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-03-12 01:04 - 2021-03-12 01:04 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-03-12 00:51 - 2021-03-12 00:51 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-03-11 22:41 - 2021-03-12 07:40 - 000000000 ___DC C:\WINDOWS\Panther
2021-03-10 20:45 - 2021-03-12 23:13 - 000001772 _____ C:\Users\Kopci\Desktop\Fixlog.txt
2021-03-10 20:44 - 2021-03-12 23:10 - 000000937 _____ C:\Users\Kopci\Documents\fixlist.txt
2021-03-10 10:47 - 2021-03-10 10:47 - 000000000 ___HD C:\$WinREAgent
2021-03-07 19:56 - 2021-03-07 19:56 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\santivirusclient
2021-03-07 19:32 - 2021-03-07 19:39 - 000000000 ____D C:\AdwCleaner
2021-03-07 19:28 - 2021-03-07 19:28 - 008463216 _____ (Malwarebytes) C:\Users\Kopci\Desktop\adwcleaner_8.1.exe
2021-03-06 18:22 - 2021-03-11 21:57 - 781368987 _____ C:\WINDOWS\MEMORY.DMP
2021-03-06 11:19 - 2021-03-11 22:26 - 000035648 _____ C:\Users\Kopci\Desktop\Addition.txt
2021-03-06 11:13 - 2021-03-13 01:19 - 000019071 _____ C:\Users\Kopci\Desktop\FRST.txt
2021-03-06 11:13 - 2021-03-13 01:17 - 000000000 ____D C:\FRST
2021-03-06 11:10 - 2021-03-06 11:10 - 002301440 _____ (Farbar) C:\Users\Kopci\Desktop\FRST64.exe
2021-03-03 09:25 - 2021-02-23 18:24 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2021-03-03 09:25 - 2021-02-23 18:24 - 000062368 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2021-03-03 09:25 - 2021-02-23 18:23 - 000429936 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2021-02-27 20:45 - 2021-02-27 20:45 - 000000000 ____D C:\ProgramData\SAntivirus
2021-02-27 20:45 - 2021-02-27 20:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAntivirus
2021-02-27 20:44 - 2021-03-12 07:07 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Taskbar system
2021-02-27 20:44 - 2021-02-27 20:44 - 000000000 ____D C:\Users\Kopci\AppData\Local\TaskbarSystem
2021-02-27 20:43 - 2021-02-27 20:43 - 000016438 _____ C:\Users\Kopci\AppData\Local\partner.bmp
2021-02-27 20:43 - 2021-02-27 20:43 - 000000000 _____ C:\Users\Kopci\Downloads\LEGO Harry Potter
2021-02-27 20:42 - 2021-02-27 20:43 - 000000000 ____D C:\Program Files (x86)\ExhaustingGovernmentphoInstall
2021-02-27 20:25 - 2021-02-27 20:25 - 000000000 ____D C:\Program Files (x86)\WB Games
2021-02-27 18:13 - 2021-02-27 19:23 - 764398929 _____ C:\Users\Kopci\Downloads\LEGO.Harry.Potter.5-7.zip.part
2021-02-26 15:13 - 2021-02-28 13:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-02-21 20:25 - 2021-03-11 21:07 - 000000000 ____D C:\Users\Kopci\Desktop\random fotky xd
2021-02-15 09:00 - 2021-02-15 09:00 - 000083288 _____ (Zoom Video Communications, Inc.) C:\Users\Kopci\Downloads\Zoom_cm_fik4fkwZ9vvrZo4_muA1SOBB4sC925lOx0QoYuFfREgy+6cQB5gAX@-SoVtX4uj4nOWPPM_k5d14e1340bf434a7_.exe
2021-02-15 08:23 - 2021-03-12 07:07 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2021-02-15 08:22 - 2021-02-15 08:23 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\Zoom
2021-02-15 08:22 - 2021-02-15 08:22 - 015135752 _____ (Zoom Video Communications, Inc.) C:\Users\Kopci\Downloads\ZoomInstaller.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-13 01:16 - 2019-02-21 21:41 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-13 01:16 - 2016-12-25 21:35 - 000000000 ____D C:\Users\Kopci\AppData\LocalLow\Mozilla
2021-03-13 01:15 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-12 23:28 - 2016-12-25 22:55 - 000000000 ____D C:\Program Files\CCleaner
2021-03-12 23:28 - 2016-12-25 09:33 - 000000000 __SHD C:\Users\Kopci\IntelGraphicsProfiles
2021-03-12 23:25 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-12 23:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-12 23:20 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-12 23:20 - 2017-09-03 13:57 - 000000000 ____D C:\ProgramData\Synaptics
2021-03-12 14:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-12 13:18 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-12 13:16 - 2020-09-03 16:07 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-03-12 13:16 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-12 08:01 - 2017-10-18 22:33 - 000000000 ____D C:\Users\Kopci\AppData\Local\Packages
2021-03-12 07:59 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-03-12 07:50 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-03-12 07:46 - 2016-12-25 09:34 - 000000000 ____D C:\Users\Kopci\AppData\Local\Lenovo
2021-03-12 07:43 - 2018-07-04 19:30 - 000000000 ____D C:\ProgramData\Packages
2021-03-12 07:42 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-12 07:42 - 2017-10-19 19:48 - 000000000 ___RD C:\Users\Kopci\3D Objects
2021-03-12 07:42 - 2015-11-03 20:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-03-12 07:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-12 07:39 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-03-12 07:38 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-03-12 07:35 - 2016-05-28 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2021-03-12 07:30 - 2020-09-07 20:14 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-12 07:30 - 2020-09-07 20:14 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-03-12 07:30 - 2020-09-07 20:14 - 000002281 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-03-12 07:14 - 2020-03-14 18:25 - 000312687 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2021-03-12 07:14 - 2020-03-14 18:24 - 000000000 ____D C:\WINDOWS\system32\DAX3
2021-03-12 07:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-12 07:14 - 2017-08-16 00:14 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2021-03-12 07:14 - 2017-08-16 00:14 - 000000000 ____D C:\WINDOWS\system32\DAX2
2021-03-12 07:14 - 2017-08-16 00:13 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2021-03-12 07:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-03-12 07:11 - 2016-05-28 15:13 - 000000000 ____D C:\ProgramData\Lenovo
2021-03-12 07:10 - 2020-03-12 20:53 - 000000000 ____D C:\WINDOWS\Lenovo
2021-03-12 07:09 - 2019-12-07 10:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-03-12 07:08 - 2019-12-07 10:49 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-03-12 07:08 - 2019-12-07 10:49 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-03-12 07:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-03-12 07:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-03-12 07:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration
2021-03-12 07:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-03-12 07:08 - 2016-05-28 15:38 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2021-03-12 07:07 - 2020-11-30 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-03-12 07:07 - 2020-09-16 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-03-12 07:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-03-12 07:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-12 07:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2021-03-12 07:07 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-12 07:07 - 2018-06-14 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Callisto 5 FREE
2021-03-12 07:07 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-03-12 07:07 - 2017-08-16 00:13 - 000000000 ____D C:\Program Files\Intel
2021-03-12 07:07 - 2017-05-23 08:26 - 000000000 ____D C:\Program Files\UNP
2021-03-12 07:07 - 2016-12-25 23:48 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-03-12 07:07 - 2016-12-25 23:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-03-12 07:07 - 2016-12-25 22:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-03-12 07:07 - 2016-12-25 21:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2021-03-12 07:07 - 2016-05-28 15:30 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2021-03-12 07:07 - 2016-05-28 15:11 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8
2021-03-12 07:07 - 2016-05-28 14:55 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2021-03-12 07:07 - 2015-10-30 08:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-03-12 07:02 - 2019-12-07 10:18 - 000000000 ____D C:\WINDOWS\Setup
2021-03-12 03:06 - 2019-12-07 10:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-03-12 02:46 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-03-12 02:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-12 02:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-12 02:45 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-03-12 02:44 - 2020-03-07 14:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2021-03-12 02:44 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-03-12 02:44 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-03-12 02:44 - 2019-12-07 10:51 - 000000000 ____D C:\WINDOWS\OCR
2021-03-12 02:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Resources
2021-03-12 02:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-12 02:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Help
2021-03-12 02:44 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-03-12 02:44 - 2017-08-16 00:13 - 000000000 ____D C:\Program Files\Realtek
2021-03-12 02:44 - 2017-08-16 00:12 - 000000000 ____D C:\Program Files\Synaptics
2021-03-12 02:43 - 2017-10-18 22:34 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Packages
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-03-12 02:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-03-12 02:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-03-12 02:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-03-12 02:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-12 02:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-03-12 02:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-12 02:24 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-03-12 02:24 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-03-12 02:21 - 2019-12-07 10:52 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-03-12 02:21 - 2019-12-07 10:52 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-03-12 01:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-03-12 01:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-03-12 01:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-03-12 01:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-03-12 01:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-03-12 01:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-03-12 01:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-03-12 01:25 - 2019-12-07 10:49 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-03-12 01:25 - 2019-12-07 10:49 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-03-12 01:25 - 2019-12-07 10:49 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-03-12 01:25 - 2019-12-07 10:49 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-03-12 01:25 - 2019-12-07 10:49 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-03-12 01:25 - 2019-12-07 10:49 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-03-12 01:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-03-12 01:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-03-12 01:24 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-03-11 21:54 - 2020-04-24 10:40 - 000000000 ____D C:\Users\Kopci\Desktop\word gyby
2021-03-10 20:54 - 2020-04-29 16:29 - 000000000 ____D C:\Users\Kopci\AppData\LocalLow\Temp
2021-03-10 11:56 - 2016-12-25 20:49 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-10 11:52 - 2016-12-25 20:49 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-08 17:40 - 2020-04-24 10:42 - 000000000 ____D C:\Users\Kopci\Desktop\power point gyby
2021-03-07 19:40 - 2016-12-25 09:29 - 000000000 ____D C:\Users\defaultuser0\AppData\Local\Lenovo
2021-03-07 19:40 - 2016-05-28 15:07 - 000000000 ____D C:\Program Files\Lenovo
2021-03-07 19:40 - 2016-05-28 14:55 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-03-06 11:09 - 2018-02-17 23:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-06 10:55 - 2017-12-31 13:21 - 000000000 ____D C:\ProgramData\AVAST Software
2021-03-05 09:13 - 2016-05-28 14:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-03-05 00:55 - 2020-09-23 22:08 - 000000000 ____D C:\Users\Kopci\Documents\Soubory aplikace Outlook
2021-03-04 15:26 - 2020-11-30 20:42 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\vlc
2021-02-28 13:50 - 2016-12-25 22:45 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-28 13:48 - 2016-12-25 09:43 - 000000000 ___RD C:\Users\Kopci\OneDrive
2021-02-28 13:27 - 2016-12-25 21:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-27 18:10 - 2016-12-25 21:34 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-25 13:19 - 2020-04-09 14:54 - 000002375 _____ C:\Users\Kopci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-02-25 13:19 - 2019-09-22 08:24 - 000002367 _____ C:\Users\Kopci\Desktop\Microsoft Teams.lnk
2021-02-24 12:05 - 2019-03-30 16:33 - 000000000 ____D C:\Users\Kopci\AppData\Roaming\Opera Software
2021-02-23 18:24 - 2017-10-11 20:21 - 000107936 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2021-02-16 12:17 - 2020-11-30 20:42 - 000000923 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-02-16 12:17 - 2020-11-30 20:42 - 000000923 _____ C:\ProgramData\Desktop\VLC media player.lnk

==================== Files in the root of some directories ========

2021-02-27 20:43 - 2021-02-27 20:43 - 000016438 _____ () C:\Users\Kopci\AppData\Local\partner.bmp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Kopci (13-03-2021 01:32:06)
Running from C:\Users\Kopci\Desktop
Windows 10 Home Version 20H2 19042.867 (X64) (2021-03-12 06:40:06)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3044413106-2186633788-3405021347-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3044413106-2186633788-3405021347-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3044413106-2186633788-3405021347-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-3044413106-2186633788-3405021347-501 - Limited - Disabled)
Kopci (S-1-5-21-3044413106-2186633788-3405021347-1001 - Administrator - Enabled) => C:\Users\Kopci
WDAGUtilityAccount (S-1-5-21-3044413106-2186633788-3405021347-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20142 - Adobe Systems Incorporated)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{BB041B6A-FACB-4853-BEE9-814FE7F93BB2}) (Version: 17.1.1530.1669 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{1544031f-5449-4415-b577-993c2a533a1b}) (Version: 18.12.2 - Intel Corporation)
LEGO® Harry Potter™: Years 5-7 DEMO (HKLM-x32\...\{AD665A16-AA0E-494A-A8CF-A7AFAD06C0F4}) (Version: 1.0.0.0 - WB Games)
Lenovo App Explorer (HKU\S-1-5-21-3044413106-2186633788-3405021347-1000\...\Host App Service) (Version: 0.272.1.559 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo Business Vantage (HKLM-x32\...\{BAAE4B9C-8D26-44AF-BCE8-181C8F4A8D5B}_is1) (Version: 3.0.2.3 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo Smart Fingerprint (HKLM-x32\...\{90C700B4-BC7E-4628-867C-FC8622F0DAD9}_is1) (Version: 1.0.0.50 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.5.27.0 - Lenovo Group Ltd.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13801.20266 - Microsoft Corporation)
Microsoft 365 - ko-kr (HKLM\...\O365HomePremRetail - ko-kr) (Version: 16.0.13801.20266 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.13801.20266 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft OneDrive (HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\Teams) (Version: 1.4.00.4167 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 86.0 (x64 cs) (HKLM\...\Mozilla Firefox 86.0 (x64 cs)) (Version: 86.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0412-0000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29088 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.7 - Synaptics Incorporated)
Synaptics WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.289.0 - )
Synaptics WBF DDK 5011 (HKLM\...\{9062E143-DEDB-4F8C-B5B8-30AEC328400C}) (Version: 4.5.289.0 - Synaptics)
Taskbar system version 1.0.0.2 (HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\{C40E1200-5BEC-410C-B3C5-F7B475729D42}_is1) (Version: 1.0.0.2 - Taskbar system)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.17057 - Microsoft Corporation)
ThinkPad OneLink Dock (HKLM-x32\...\{8E1CACF5-2493-4950-9AD5-189903FE57E7}) (Version: 1.08.36 - Lenovo)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-4) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-5) (Version: 1.0.33.0 - LunarG, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.3.6) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
Zoom (HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\ZoomUMX) (Version: 5.5.2 (12494.0204) - Zoom Video Communications, Inc.)
엔터프라이즈용 Microsoft 365 앱 - ko-kr (HKLM\...\O365ProPlusRetail - ko-kr) (Version: 16.0.13801.20266 - Microsoft Corporation)

Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.188.300.0_x86__kgqvnymyfvs32 [2021-03-05] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-05-27] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2019-09-14] (Facebook Inc)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-20] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2101.29.0_x64__k1h2ywk1493x8 [2021-01-25] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.21005.0_x64__8wekyb3d8bbwe [2021-03-12] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-23] (Netflix, Inc.)
Royal Revolt 2 -> C:\Program Files\WindowsApps\flaregamesGmbH.RoyalRevolt2_6.5.0.0_x86__g0q0z3kw54rap [2021-02-09] (flaregames GmbH)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-10-04] (Twitter Inc.)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-25] (LENOVO INCORPORATED.)
Video Cutter & Compressor -> C:\Program Files\WindowsApps\24711Mixilab.VideoCutterCompressor_2.0.1.0_x64__c39s816dkej80 [2020-02-17] (Mixilab) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Kopci\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Kopci\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxDTCM.dll [2017-04-21] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-03-07 14:55 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2020-03-07 14:55 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2015-07-22 18:44 - 2015-07-22 18:44 - 000285184 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-07-22 18:44 - 2015-07-22 18:44 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2021-02-07 11:51 - 2020-05-30 15:04 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\x64\SQLite.Interop.dll
2021-03-12 07:53 - 2020-05-30 14:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2021-03-12 07:50 - 2020-04-09 09:17 - 000944840 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2020-03-07 14:55 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\sharepoint.com -> hxxps://gyby-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2015-10-30 08:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3044413106-2186633788-3405021347-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kopci\Desktop\wallpapeeeerssss\se tapetaaa.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{23EF5EFB-4937-4094-86D4-79651D8FA6AC}] => (Allow) C:\Users\Kopci\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{3C91C35D-CF09-4B89-A2F9-496BCD4C5FC4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{52F50906-5B06-49A5-A2A8-5CEF642296F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BE2A0697-105E-4BC8-B9C0-88C093B47194}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5C00E400-1F11-4A32-9C97-CA6A36A3D513}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{50CA1968-0700-4017-A21E-AA22004B35AD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{ACB65E45-6819-4891-8ED4-60649491935B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{35063B0C-4953-459D-A405-8B78D49C101E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E5DB4350-2CE3-4965-AE72-9C796FB7DA4F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DC50887B-05F7-4502-9AB3-EC14784DE52B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8C71CC94-352E-4648-AC9E-E53D00F37F6A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{0393F908-183C-4CE0-BD79-793DE565E783}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D9DB305C-E233-46A8-A2B3-C5F7C604E273}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D1812297-088D-4302-AC15-1B0F987743EE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{27EE67D4-5A5B-4368-95D4-2BAF4BF405D6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{4A54488B-5F00-4C81-8E84-D1CA8FF403E8}C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{FFAFE8E1-E8F4-4149-B310-66C5096038B9}C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{351BA8B9-0251-45E4-8A68-37460447537D}C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{1EFA947E-0003-4D2B-B77A-B158399053F4}C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\kopci\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

12-03-2021 13:12:42 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/12/2021 11:14:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (03/12/2021 07:53:26 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/12/2021 07:50:27 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (03/12/2021 07:49:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LockApp.exe verze 10.0.19041.844 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1b30

Čas spuštění: 01d7170b8d003ebf

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

ID hlášení: 9db44b29-d628-4099-ba24-75b4533700d8

Úplný název balíčku s chybou: Microsoft.LockApp_10.0.19041.423_neutral__cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: WindowsDefaultLockScreen

Typ zablokování: Cross-thread

Error: (03/12/2021 07:28:27 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí IntelWLANEventProvider se pokusil zaregistrovat dotaz select * from CIntelQosEvent, jehož cílová třída CIntelQosEvent v oboru názvů //./ROOT/default neexistuje. Dotaz bude ignorován.

Error: (03/12/2021 07:28:27 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí IntelWLANEventProvider se pokusil zaregistrovat dotaz select * from CIntelDot1xEvent, jehož cílová třída CIntelDot1xEvent v oboru názvů //./ROOT/default neexistuje. Dotaz bude ignorován.

Error: (03/12/2021 07:28:27 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí IntelWLANEventProvider se pokusil zaregistrovat dotaz select * from CIntelWLANEvent, jehož cílová třída CIntelWLANEvent v oboru názvů //./ROOT/default neexistuje. Dotaz bude ignorován.

Error: (03/12/2021 07:28:27 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Zprostředkovatel událostí se pokusil zaregistrovat dotaz select * from CIntelQosEvent, jehož cílová třída CIntelQosEvent v oboru názvů //./ROOT/default neexistuje. Dotaz bude ignorován.


System errors:
=============
Error: (03/12/2021 11:33:14 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HH1EQN5N)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/12/2021 11:28:27 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HH1EQN5N)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/12/2021 11:19:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (03/12/2021 11:19:53 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (03/12/2021 11:18:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll

Error: (03/12/2021 11:18:55 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-HH1EQN5N)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/12/2021 11:12:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (03/12/2021 11:12:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.


==================== Memory info ===========================

BIOS: LENOVO D7CN33WW(V3.06) 10/11/2016
Motherboard: LENOVO Lenovo E51-80
Processor: Intel(R) Core(TM) i3-6100U CPU @ 2.30GHz
Percentage of memory in use: 70%
Total physical RAM: 3954.76 MB
Available physical RAM: 1160.37 MB
Total Virtual: 9074.76 MB
Available Virtual: 4410.55 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:884.23 GB) (Free:740.47 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.91 GB) NTFS

\\?\Volume{6c3fa5a0-0174-47ec-9620-50fa9d879456}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.51 GB) NTFS
\\?\Volume{e5a533a5-59c4-46c1-a763-e04321dd8ea9}\ (LENOVO_PART) (Fixed) (Total:20.06 GB) (Free:8.52 GB) NTFS
\\?\Volume{d776d5a8-d836-456e-bd52-14bf61297784}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6199B984)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Please check - see FRST log

Posted: 13 Mar 2021 08:46
by Diallix
Phew, great. It's clean now.

We'll do a final cleanup of leftovers:

Copy the content below into Notepad:

Code:

ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
CustomCLSID: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Kopci\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
IE trusted site: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\sharepoint.com -> hxxps://gyby-files.sharepoint.com

Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
The fix will run; afterwards, paste here the content of the log fixlog.txt, which is saved in the FRST location.
The computer will not restart.


You have no antivirus installed. I recommend installing an antivirus - Avira.

Re: Please check - see FRST log

Posted: 13 Mar 2021 19:16
by vrchlab
Fix result of Farbar Recovery Scan Tool (x64) Version: 13-03-2021
Ran by Kopci (13-03-2021 19:11:41) Run:3
Running from C:\Users\Kopci\Desktop
Loaded Profiles: defaultuser0 & Kopci
Boot Mode: Normal
==============================================

fixlist content:
*****************
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
CustomCLSID: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Kopci\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
IE trusted site: HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\...\sharepoint.com -> hxxps://gyby-files.sharepoint.com


*****************

HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92} => removed successfully
HKU\S-1-5-21-3044413106-2186633788-3405021347-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sharepoint.com => removed successfully

==== End of Fixlog 19:11:41 ====