Kontrola logu

Zpráva

martin06 · #1 Příspěvek od **martin06** » 17 srp 2021 22:15

Zdravím, mám problém s notasem, který mi včera přinesla kamarádka, jedná se o Lenovo G65-50.
1) problém č.1 je ten, že při loadingu se objeví logo Lenovo a dál nic, má se objevit rotující kolečko pod loge, musím zmáčknout nějaké tlačítko, aby loading proběhl k přihlášení.
2) po startu je to strašně pomalé, disk jede na 100% dokonce i ted cca po 15 minutách po zapnutí
3) sekne se touchpad, když připojím myš přes USB, tak myš funguje v poradku a nejde se připojit na wifi, nejde psát na klávesnici, vůbec nic.

Díky moc.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2021
Ran by aneta (administrator) on LAPTOP-ARG2GTSE (LENOVO 80E3) (17-08-2021 22:36:50)
Running from C:\Users\aneta\OneDrive\Plocha
Loaded Profiles: aneta
Platform: Windows 10 Home Version 1909 18363.1556 (X64) Language: Čeština (Česko)
Default browser: IE
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0346112.inf_amd64_3ee723850dc00744\B345643\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0346112.inf_amd64_3ee723850dc00744\B345643\atiesrxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Conexant Systems, Inc.) [File not signed] C:\Windows\SysWOW64\UIUSrv.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\aneta\AppData\Local\Microsoft\OneDrive\21.139.0711.0001\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\aneta\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3805928 2016-08-14] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [123672 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\Run: [Chromium] => "c:\users\aneta\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\MountPoints2: {a5054c26-9bf1-11e9-af44-806e6f6e6963} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-16] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A7FC9E2-1606-4CEB-8C62-7592BAB6B8B0} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe
Task: {2855E4DF-6037-4F4C-87F1-AA4089424796} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-27] (Google Inc -> Google Inc.)
Task: {2A2F95CF-CF04-49E6-835E-6F05D43F854B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B075E3C-0308-4193-828E-402F42793789} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-27] (Google Inc -> Google Inc.)
Task: {330973DA-E61C-49E3-BFCC-853212BB5BDF} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-01] (bookingDesktopApp.) [File not signed]
Task: {3EC9E714-4B47-4FD6-864C-D5DBA3CD26B5} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
Task: {67C46766-AF92-4D79-9902-C47800CC5EF7} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\aneta\Downloads\esetonlinescanner.exe [14860896 2020-11-01] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {6D15B2CF-D3CE-4130-832A-75C795C36336} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4902680 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
Task: {811A2E18-9383-4983-ADDC-2921CC9DFD6B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {84EF7D8F-D08E-4253-9FBA-E55F213465AA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {921A4AA3-F67D-4BA0-8440-5FA313BFDBAB} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe
Task: {94C58482-0970-4CDE-8E53-6B87E5157053} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\aneta\Downloads\esetonlinescanner.exe [14860896 2020-11-01] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {94FDC04A-FE39-4D66-9F41-B535828A38B2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)
Task: {B179EAE0-8075-4EFD-82BC-4AD59D15FC3F} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-01] (bookingDesktopApp.) [File not signed]
Task: {B7BB061A-B234-4D64-B937-370EB808BC60} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [133215968 2021-08-17] (Microsoft Windows -> Microsoft Corporation)
Task: {C561DE3A-01C9-4519-A854-72F01DBB70B0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {C8DAFBEE-CDCA-47CA-8B73-F6C62B017C4A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {C8DAFBEE-CDCA-47CA-8B73-F6C62B017C4A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {C8DAFBEE-CDCA-47CA-8B73-F6C62B017C4A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {C8DAFBEE-CDCA-47CA-8B73-F6C62B017C4A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {C8DAFBEE-CDCA-47CA-8B73-F6C62B017C4A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-979916062-1584005342-1777448076-1002" /ENABLE
Task: {C8DAFBEE-CDCA-47CA-8B73-F6C62B017C4A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {CA7CCE57-9F20-44E9-A1B0-DEE9DC7DD7EB} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {E6CCEFF3-3A0C-4E76-B4DE-BA8CA3D4B3E9} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe
Task: {F08FC951-4BF0-47E3-8F73-68A76921EACE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-05-03] (Avast Software s.r.o. -> Avast Software)
Task: {F991AD88-CB8F-4F77-B401-ECE095D4F94F} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {FA7A7A43-0B43-4D74-8107-2562CCFDF35D} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 31.41.200.201 31.41.202.203
Tcpip\..\Interfaces\{1d745ca5-d19f-4a70-b29f-6fe21588b458}: [DhcpNameServer] 150.207.1.3
Tcpip\..\Interfaces\{ac44e563-94ab-4453-abfb-eb8f7fa09664}: [DhcpNameServer] 192.168.88.1 31.41.200.201 31.41.202.203
Tcpip\..\Interfaces\{e83529f5-0d7e-47f7-80d5-265e98a76cea}: [DhcpNameServer] 192.168.88.1 31.41.200.201 31.41.202.203

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\aneta\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-17]
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/?LinkId=69157

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-02-01] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-02-01] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default [2021-08-17]
CHR Notifications: Default -> hxxps://www.freefilm.to; hxxps://www.netflix.com; hxxps://www.youtube.com
CHR DefaultSearchURL: Default -> hxxps://s.ytimg.com/yts/img/favicon-vfl8qSV2F.ico
CHR Extension: (Prezentace) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (YouTube) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh [2018-06-05]
CHR Extension: (Lev berberský) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aimchadgabkgfdgafegbpdngblijbjnn [2017-11-30]
CHR Extension: (Vzory objednávky & Jak ji napsat | Vz...) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\alfbghpojlhiigjffeinpgceclhaodcc [2017-12-02]
CHR Extension: (tapety na plochu jaro - Hledat Googlem) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ankpbddckgpmcfhdgbncdfmbbkmjllcm [2017-06-08]
CHR Extension: (Dokumenty) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-01]
CHR Extension: (YouTube) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-27]
CHR Extension: (Twitter) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbniebmoflhomonmkjbhjdafagjnlpl [2017-09-17]
CHR Extension: (Nejyrychlejší náramky) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnkkegjpikocmjbpkhdphkbglaofmdeh [2017-09-16]
CHR Extension: (BK Mladá Boleslav - Fotky) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiinkekgcbgfmgkhiacalhoblajfmnhg [2017-06-08]
CHR Extension: (První náramek) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\elpnfokodflplieomhjmioegcmfhmamp [2017-09-16]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-10]
CHR Extension: (Tabulky) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Divoké derby v Boleslavi! Ostrá bitka...) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\fodjkcmaajpioekeadhnocdbihpmmpjc [2017-10-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-07]
CHR Extension: (Podstatná jména v němčině | Gramatika...) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioohphjdbfnjgjbdjfdcoiogeccoplfe [2017-10-03]
CHR Extension: (Notebook stolek Vincent : Expres nábytek) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpalnflahbhembojfebgppgmlmjlodlo [2017-10-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (Náramky různé z korálků bavlnek | Mim...) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojeoghkcmjdldnlgfpagachjgfpbjomk [2017-09-16]
CHR Extension: (Divá Bára – rozbor díla k maturitě (2...) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmfgbgfnjjfcijoenjinbbjcakpdaba [2017-12-11]
CHR Extension: (Ocean) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgedigcdbemilinbicidhplhebjoafpl [2017-10-20]
CHR Extension: (Gmail) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-01]
CHR Extension: (Chrome Media Router) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8262736 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [627480 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [374552 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-01] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-01] (bookingDesktopApp.) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
R2 UIUService; C:\WINDOWS\SysWOW64\UIUSrv.exe [105984 2020-02-12] (Conexant Systems, Inc.) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 avast; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35720 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [218976 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [367640 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250392 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17344 2021-08-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184648 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [559816 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108408 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82904 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851704 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471920 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215392 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-02-08] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-05-28] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-05-28] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ESETCleanersDriver; C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys [181160 2019-09-23] (ESET, spol. s r.o. -> ESET)
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-30] (Sonix Technology CO., LTD -> Sonix Co. Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-17 21:53 - 2021-08-17 21:53 - 000000000 ___HD C:\$WINDOWS.~BT
2021-08-17 21:44 - 2021-08-17 21:44 - 000000000 ___HD C:\$WinREAgent
2021-08-17 20:31 - 2021-08-17 20:31 - 002300416 _____ (Farbar) C:\Users\aneta\Downloads\FRST64 (3).exe
2021-08-17 20:31 - 2021-08-17 20:31 - 002300416 _____ (Farbar) C:\Users\aneta\Downloads\FRST64 (2).exe
2021-08-17 19:42 - 2021-08-17 19:42 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2021-08-08 10:24 - 2021-08-08 10:24 - 000215392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-08-08 10:24 - 2021-08-08 10:24 - 000146844 _____ C:\Users\aneta\Downloads\CertifikatTestu (1).pdf
2021-08-08 10:24 - 2021-08-08 10:23 - 000339736 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-08-08 10:22 - 2021-08-08 10:22 - 000145074 _____ C:\Users\aneta\Downloads\OckovaciCertifikat (1).pdf
2021-08-08 10:21 - 2021-08-08 10:21 - 000159739 _____ C:\Users\aneta\Downloads\i55ewbbe.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-17 22:37 - 2020-11-01 18:31 - 000000000 ____D C:\FRST
2021-08-17 22:33 - 2020-11-01 12:47 - 000000000 ____D C:\Program Files\CCleaner
2021-08-17 22:30 - 2017-05-27 17:49 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-17 22:29 - 2016-12-24 22:14 - 000000000 ___RD C:\Users\aneta\OneDrive
2021-08-17 22:28 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-17 22:27 - 2020-02-08 15:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-17 22:27 - 2020-02-01 14:03 - 000000000 ____D C:\ProgramData\AVAST Software
2021-08-17 22:26 - 2020-02-08 15:53 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-08-17 22:26 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-17 22:26 - 2017-06-16 18:54 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-08-17 22:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-08-17 22:11 - 2020-02-08 15:19 - 000000000 ____D C:\Users\aneta
2021-08-17 22:10 - 2016-12-25 22:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-17 22:06 - 2016-12-25 22:24 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-17 22:05 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-17 22:03 - 2020-02-08 09:43 - 000000000 ___DC C:\WINDOWS\Panther
2021-08-17 21:29 - 2020-02-08 15:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-17 21:29 - 2020-02-01 14:06 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2021-08-17 21:24 - 2020-02-01 14:30 - 000000000 ____D C:\Users\aneta\AppData\Local\AVAST Software
2021-08-17 21:21 - 2020-02-08 15:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-08-17 21:21 - 2020-02-01 14:29 - 000000000 ____D C:\Users\aneta\AppData\Roaming\AVAST Software
2021-08-17 21:21 - 2020-02-01 14:04 - 000000000 ____D C:\Program Files\AVAST Software
2021-08-17 21:19 - 2020-11-01 12:47 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-08-17 20:42 - 2020-11-01 18:36 - 000038646 _____ C:\Users\aneta\Downloads\Addition.txt
2021-08-17 20:42 - 2020-11-01 18:32 - 000131996 _____ C:\Users\aneta\Downloads\FRST.txt
2021-08-17 19:41 - 2020-09-10 14:45 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-17 19:38 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-17 19:37 - 2020-11-02 17:41 - 000000000 ____D C:\Users\aneta\AppData\Local\D3DSCache
2021-08-16 19:07 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2021-08-16 18:45 - 2017-05-27 17:49 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-16 18:43 - 2020-09-10 14:45 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-16 18:43 - 2020-09-10 14:45 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-16 18:24 - 2020-11-01 12:47 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-08-08 10:24 - 2020-02-01 14:06 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-08-08 10:24 - 2020-02-01 14:06 - 000250392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-08-08 10:24 - 2020-02-01 14:06 - 000099352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-08-08 10:24 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-08 10:23 - 2021-06-01 16:05 - 000017344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-08-08 10:23 - 2020-10-21 10:48 - 000184648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-08-08 10:23 - 2020-04-19 16:50 - 000559816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000851704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000471920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000367640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000218976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000108408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000041352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000035720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-08-06 08:36 - 2020-12-04 21:36 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-06 08:36 - 2020-12-04 21:36 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-06 08:34 - 2021-07-07 13:24 - 000002384 _____ C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-06 08:34 - 2020-02-08 15:53 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-979916062-1584005342-1777448076-1002
2021-07-27 12:14 - 2020-02-08 10:19 - 000000000 ____D C:\Users\aneta\AppData\Local\CrashDumps

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

martin06 · #2 Příspěvek od **martin06** » 17 srp 2021 22:16

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-08-2021
Ran by aneta (17-08-2021 22:40:43)
Running from C:\Users\aneta\OneDrive\Plocha
Windows 10 Home Version 1909 18363.1556 (X64) (2020-02-08 13:54:36)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-979916062-1584005342-1777448076-500 - Administrator - Disabled)
aneta (S-1-5-21-979916062-1584005342-1777448076-1002 - Administrator - Enabled) => C:\Users\aneta
DefaultAccount (S-1-5-21-979916062-1584005342-1777448076-503 - Limited - Disabled)
Guest (S-1-5-21-979916062-1584005342-1777448076-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-979916062-1584005342-1777448076-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Microsoft Office Proofing Tools 2016“ – lietuvių k. (HKLM\...\{90160000-001F-0427-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Alati za jezičnu provjeru u sustavu Microsoft Office 2016 - hrvatski (HKLM\...\{90160000-001F-041A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
AMD Catalyst Install Manager (HKLM\...\{23D86980-AD31-38E8-E1C0-E7B574B34C14}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.6.2474 - Avast Software)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
CCleaner (HKLM\...\CCleaner) (Version: 5.83 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
Công cụ Soát lỗi Microsoft Office 2016 - Tiếng Việt (HKLM\...\{90160000-001F-042A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de Verificação do Microsoft Office 2016 - Português (HKLM\...\{90160000-001F-0816-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.131 - Google LLC)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
I-Microsoft Office Proofing Tools 2016 - IsiZulu (HKLM\...\{90160000-001F-0435-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (HKLM\...\{90160000-001F-0491-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Instrumente de verificare Microsoft Office 2016 - Română (HKLM\...\{90160000-001F-0418-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturredskaber til Microsoft Office 2016 - Dansk (HKLM\...\{90160000-001F-0406-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (HKLM\...\{90160000-001F-0414-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (HKLM\...\{90160000-001F-0814-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1325.4_WHQL - Sonix)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.73 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation)
Microsoft Project Professional 2016 (HKLM\...\Office16.PRJPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{D06A5649-3BDB-4F2C-9C38-AB25CD5102E2}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 (HKLM\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM\...\{90160000-001F-0415-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Orodja za preverjanje za Microsoft Office 2016 – angleščina (HKLM\...\{90160000-001F-0424-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.1 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM\...\{90160000-001F-0410-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Uirlisí Profála Microsoft Office 2016 - Gaeilge (HKLM\...\{90160000-001F-083C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (HKLM\...\{90160000-001F-041C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2016 - Ελληνικά (HKLM\...\{90160000-001F-0408-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Засоби перевірки правопису Microsoft Office 2016 – українська (HKLM\...\{90160000-001F-0422-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (HKLM\...\{90160000-001F-0419-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
כלי ההגהה של Microsoft Office 2016 - עברית (HKLM\...\{90160000-001F-040D-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ابزارهای تصحیح Microsoft Office 2016 - فارسی (HKLM\...\{90160000-001F-0429-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

Packages:
=========
Ashampoo ImageFX -> C:\Program Files\WindowsApps\8B5997F6.AshampooImageFX_1.0.2.14_x64__zmaqd4ft1bcf6 [2018-02-16] (Ashampoo)
Avast Antivirus Download Center -> C:\Program Files\WindowsApps\51CA791E.AvastAntivirusDownloadCenter_1.20.6.0_x64__s1d0xtrs8dx04 [2020-10-15] (AVAST Software)
Bakaláři – oficiální aplikace -> C:\Program Files\WindowsApps\40325JJones.Bakali_2.2.16.0_x64__gq7k0ca1wra62 [2020-03-25] (JJones)
ČT sport -> C:\Program Files\WindowsApps\Ceskatelevize.Tsport_1.0.0.10_x64__ndqbq1wc819cy [2016-12-29] (Ceska televize)
Dailymotion -> C:\Program Files\WindowsApps\DailymotionSA.Dailymotion_10.2104.6.0_x64__6dqnvyezrysvy [2021-04-15] (Dailymotion)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.8.401.0_x64__rz1tebttyb220 [2021-04-24] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-23] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.312.0.0_x86__8xx8rvfyw5nnt [2021-04-03] (Facebook Inc)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2020-02-12] (Fitbit)
Hill Climb Racing -> C:\Program Files\WindowsApps\FINGERSOFT.HILLCLIMBRACING_1.41.1.0_x86__r6rtpscs7gwyg [2019-10-15] (Fingersoft) [MS Ad]
Hockey Lingo -> C:\Program Files\WindowsApps\23740CodeCreators.ca.HockeyLingo_1.0.0.1_neutral__6mfwecr1e4j6a [2017-04-08] (CodeCreators.ca)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-14] (HP Inc.)
IceHockey++ -> C:\Program Files\WindowsApps\39288eOneSoft.IceHockey_2020.3.905.0_x64__60gzmx8dyyb64 [2019-08-31] (eOneSoft) [MS Ad]
iVysílání -> C:\Program Files\WindowsApps\Ceskatelevize.iVysln_1.2.0.0_x64__ndqbq1wc819cy [2019-05-26] (Ceska televize)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2018-02-16] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2103.17.0_x64__k1h2ywk1493x8 [2021-04-12] (LENOVO INC.)
LiveArena Hockey -> C:\Program Files\WindowsApps\LiveArena.LiveArenaHockey_1.1.2.0_x64__j265m5nw31m1a [2017-09-09] (LiveArena)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-14] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.2.10190.0_x64__8wekyb3d8bbwe [2020-11-10] (Microsoft Studios) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-27] (Microsoft Corporation) [MS Ad]
Německá slovíčka [PMQ] -> C:\Program Files\WindowsApps\pmqsoftware.NmeckslovkaPMQ_1.1.0.6_x64__s04b8jbd2vpja [2017-10-28] (pmq software)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-01-23] (Netflix, Inc.)
Novinky.cz -> C:\Program Files\WindowsApps\949FFEAB.Novinky.cz_1.6.0.0_neutral__refxrrjvvv3cw [2018-08-13] (Seznam.cz a.s.)
O2 TV -> C:\Program Files\WindowsApps\D8378DF7.O2TVGo_20182.0.27.0_x64__tqn3m7kee4xc8 [2021-01-23] (O2 Czech Republic a.s.)
Osmisměrky -> C:\Program Files\WindowsApps\80066EAE.Osmismrky_3.3.226.0_x64__nn99rn318pj0j [2017-11-10] (PoVI s.r.o.)
Push hockey -> C:\Program Files\WindowsApps\54151VJirovsky.Mistrovstvsvtavhokeji_1.2.0.0_neutral__fm5te3xsz8v00 [2017-01-05] (VJirovsky)
Scoreboard for Table Hockey -> C:\Program Files\WindowsApps\4993KvarnenMedia.ScoreboardforTableHockey_1.0.0.0_neutral__gfhgpsxw09f96 [2017-04-08] (Kvarnen Media)
SofaScore LiveScore - Live Výsledky -> C:\Program Files\WindowsApps\25794SofaScore.com.SofaScoreLiveScore_4.2.3.0_x64__wkaxyrm0njbcg [2018-08-13] (SofaScore.com)
Taptiles Windows 10 -> C:\Program Files\WindowsApps\ArkadiumLabs.Taptiles2_1.1.6.0_x64__0wzk3fg68w9ze [2018-11-26] (Arkadium Inc) [MS Ad]
Team Builder -> C:\Program Files\WindowsApps\59495GabrielCaldwell.TeamDesigner_2.1.18270.0_x64__fdv0kk4w24py2 [2019-01-29] (Gabriel Caldwell)
Tutorial for WhatsApp -> C:\Program Files\WindowsApps\27116Hirschee3.TutorialforWhatsApp_1.1.0.0_neutral__gn0j74970nhtw [2017-10-13] (Hirschee3)
TYMWEB -> C:\Program Files\WindowsApps\29834MSmart.TYMWEB_1.1.25.0_x64__mg2mgfy8t64mm [2017-01-04] (MSmart s.r.o.) [MS Ad]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-25] (LENOVO INCORPORATED.)
Vocabulary Expander -> C:\Program Files\WindowsApps\25700progreexon.VocabularyExpander_4.2.9.0_x86__1s2wbq1rnx7rr [2021-03-16] (Alexey Koval) [Startup Task]
WordTrainer FRAUS -> C:\Program Files\WindowsApps\FrausMedia.WordTrainerFRAUS_1.0.0.9_neutral__r8ykj5288et6y [2017-06-09] (Fraus Media)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-08] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-08] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\BK Mladá Boleslav - Fotky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=eiinkekgcbgfmgkhiacalhoblajfmnhg
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Divoké derby v Boleslavi! Ostrá bitka.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=fodjkcmaajpioekeadhnocdbihpmmpjc
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Divá Bára – rozbor díla k maturitě (2.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=olmfgbgfnjjfcijoenjinbbjcakpdaba
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Lev berberský.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=aimchadgabkgfdgafegbpdngblijbjnn
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Nejyrychlejší náramky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=dnkkegjpikocmjbpkhdphkbglaofmdeh
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Notebook stolek Vincent _ Expres nábytek.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=lpalnflahbhembojfebgppgmlmjlodlo
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Náramky různé z korálků bavlnek _ Mim.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ojeoghkcmjdldnlgfpagachjgfpbjomk
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Podstatná jména v němčině _ Gramatika.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ioohphjdbfnjgjbdjfdcoiogeccoplfe
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\První náramek.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=elpnfokodflplieomhjmioegcmfhmamp
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\tapety na plochu jaro - Hledat Googlem.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ankpbddckgpmcfhdgbncdfmbbkmjllcm
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Twitter.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=bmbniebmoflhomonmkjbhjdafagjnlpl
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzory objednávky & Jak ji napsat _ Vz.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=alfbghpojlhiigjffeinpgceclhaodcc
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh

==================== Loaded Modules (Whitelisted) =============

2021-01-23 14:06 - 2021-01-23 14:06 - 020992000 _____ () [File not signed] C:\Program Files\WindowsApps\D8378DF7.O2TVGo_20182.0.27.0_x64__tqn3m7kee4xc8\O2TV.UWP.dll
2015-11-17 00:12 - 2015-11-17 00:12 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2020-02-01 13:09 - 2020-02-01 13:09 - 001743360 ____T (bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\bookingDesktopApppdate.dll
2020-12-17 14:11 - 2020-12-17 14:12 - 001478144 _____ (SQLite Development Team) [File not signed] C:\Program Files\WindowsApps\D8378DF7.O2TVGo_20182.0.27.0_x64__tqn3m7kee4xc8\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-979916062-1584005342-1777448076-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2020-02-01 13:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2017-11-03 15:03 - 2017-11-03 15:05 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-979916062-1584005342-1777448076-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\aneta\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\logo_stahnout.png
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "ForteConfig"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "TuneupUI.exe"
HKLM\...\StartupApproved\Run: => "DriverUpdUI.exe"
HKLM\...\StartupApproved\Run32: => "ETDCtrl"
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_2B89082B5BCF774D5D43AA9AC7A68348"
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\StartupApproved\Run: => "Uninstall 20.169.0823.0006"
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\StartupApproved\Run: => "Uninstall 20.169.0823.0006\amd64"
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\StartupApproved\Run: => "Delete Cached Update Binary"
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\StartupApproved\Run: => "Delete Cached Standalone Update Binary"
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FE55118B-624C-4D07-9343-2F846EA16D24}] => (Allow) C:\Users\aneta\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]
FirewallRules: [TCP Query User{A3E1EF48-79AA-4677-84E9-68420CFEAEE6}C:\program files\avast software\avast\avastui.exe] => (Block) C:\program files\avast software\avast\avastui.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [UDP Query User{718E4273-1864-4026-8313-556B2146257D}C:\program files\avast software\avast\avastui.exe] => (Block) C:\program files\avast software\avast\avastui.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{552838A2-11EA-4D8F-9FCE-3A48A83E94A1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E2A79ACA-BD5E-408F-87F9-ED3FA38BD8AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{231855A1-78BA-4D94-876B-C188288B28B4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{33ECD49A-3280-42E1-A23C-F7AF433304AE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ABAF2BBE-85DF-43A1-968B-EEB566C95208}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

14-05-2021 14:18:39 Windows Update
13-06-2021 20:46:14 Windows Update
17-06-2021 18:23:20 Windows Update
17-08-2021 22:03:57 Windows Update
17-08-2021 22:05:02 Windows Update

==================== Faulty Device Manager Devices ============

Name: ELAN pointing device
Description: ELAN pointing device
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: ELAN
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: ========================

Application errors:
==================
Error: (08/17/2021 10:24:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3784,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/17/2021 10:07:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3496,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/17/2021 09:49:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10444,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/17/2021 09:40:18 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4080,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/17/2021 08:30:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10556,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/17/2021 08:24:53 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3864,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/17/2021 07:29:40 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (08/17/2021 07:29:40 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

System errors:
=============
Error: (08/17/2021 10:32:40 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-ARG2GTSE)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/17/2021 10:29:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Avast Browser Update (avast) neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (08/17/2021 10:29:03 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-ARG2GTSE)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/17/2021 10:18:34 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-ARG2GTSE)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/17/2021 10:17:22 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (08/17/2021 10:15:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Avast Browser Update (avast) neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (08/17/2021 10:14:41 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-ARG2GTSE)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/17/2021 10:00:20 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-ARG2GTSE)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Windows Defender:
================
Date: 2020-02-25 20:21:27.120
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {7B4DAAF8-9464-437E-9A7E-1E7200DAE4D3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-25 20:06:34.552
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A9FF5F4B-EA2F-41E5-A456-0F16A8A919EF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-25 19:55:16.721
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {34AA4743-E14A-4448-8B4B-D85F0ACD1F4F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-25 19:27:49.344
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {039ECFD6-EE96-4E30-B3BC-73040E516565}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-25 19:22:23.328
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {3E05D162-06FF-4264-AD04-BD863DACBAA1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-27 14:25:18.738
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

Date: 2020-02-12 18:45:51.965
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.309.140.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

==================== Memory info ===========================

BIOS: LENOVO A2CN44WW(V2.12) 01/18/2016
Motherboard: LENOVO Lancer 5B2
Processor: AMD A4-6210 APU with AMD Radeon R3 Graphics
Percentage of memory in use: 43%
Total physical RAM: 7128.26 MB
Available physical RAM: 4011.91 MB
Total Virtual: 8280.26 MB
Available Virtual: 4845.27 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:885.98 GB) (Free:743.29 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.91 GB) NTFS

\\?\Volume{cc2c179b-5787-4568-a405-59ffd3746257}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.43 GB) NTFS
\\?\Volume{367ea233-0efa-4928-905a-cd13d7bb158a}\ (LENOVO_PART) (Fixed) (Total:18.31 GB) (Free:4.65 GB) NTFS
\\?\Volume{563b73fd-e479-4cd3-9a1f-0412ce5631ba}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: FA78AE6A)

Partition: GPT.

==================== End of Addition.txt =======================

#3 Příspěvek od **Rudy** » 18 srp 2021 09:26

Zdravím!
První problém může souviset s nesprávným nastavením biosu, případně s vadnou zálohovací baterií biosu. Zkuste bios otevřít, najít položku "Load default settings" a potvrdit jí. Výměna baterie je u NB dost problomatická pro laika, takže doporučuji ji nechat provés v odborném servisu.
Jinak spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

martin06 · #4 Příspěvek od **martin06** » 18 srp 2021 20:38

Zdravím, zatím jsem nepřišel, jak se dostat na BIOSu, zkouším různé kombinace, ale zatím nic. Je to Lenovo G50-45
Níže zasílám log z AdwCleaneru

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-08-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-18-2021
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 2
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Classes\CLSID\{6BC1E857-E2AC-4787-91AD-8D23D871496D}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{6BC1E857-E2AC-4787-91AD-8D23D871496D}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [7306 octets] - [01/11/2020 18:13:06]
AdwCleaner[C00].txt - [2267 octets] - [01/11/2020 18:13:45]
AdwCleaner[S01].txt - [6582 octets] - [02/11/2020 16:16:50]
AdwCleaner[C01].txt - [7309 octets] - [02/11/2020 16:21:30]
AdwCleaner[S02].txt - [1825 octets] - [18/08/2021 21:27:02]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

#5 Příspěvek od **Rudy** » 18 srp 2021 20:47

Dejte nové logy FRST+Addition.

martin06 · #6 Příspěvek od **martin06** » 18 srp 2021 21:38

Zasílám log z FRST.
Zkoušel jsem aktualizovat drivery, bohužel bez úspěchu. Klávesnice nefunguje, jako kdyby zamrzla, touchpad to samé. Wifi si opět odpojila z připojené wifiny a znova se již nejde připojit.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-08-2021
Ran by aneta (administrator) on LAPTOP-ARG2GTSE (LENOVO 80E3) (17-08-2021 22:36:50)
Running from C:\Users\aneta\OneDrive\Plocha
Loaded Profiles: aneta
Platform: Windows 10 Home Version 1909 18363.1556 (X64) Language: Čeština (Česko)
Default browser: IE
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0346112.inf_amd64_3ee723850dc00744\B345643\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0346112.inf_amd64_3ee723850dc00744\B345643\atiesrxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Conexant Systems, Inc.) [File not signed] C:\Windows\SysWOW64\UIUSrv.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\aneta\AppData\Local\Microsoft\OneDrive\21.139.0711.0001\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\aneta\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3805928 2016-08-14] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [123672 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\Run: [Chromium] => "c:\users\aneta\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\MountPoints2: {a5054c26-9bf1-11e9-af44-806e6f6e6963} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-16] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A7FC9E2-1606-4CEB-8C62-7592BAB6B8B0} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe
Task: {2855E4DF-6037-4F4C-87F1-AA4089424796} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-27] (Google Inc -> Google Inc.)
Task: {2A2F95CF-CF04-49E6-835E-6F05D43F854B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B075E3C-0308-4193-828E-402F42793789} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-27] (Google Inc -> Google Inc.)
Task: {330973DA-E61C-49E3-BFCC-853212BB5BDF} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-01] (bookingDesktopApp.) [File not signed]
Task: {3EC9E714-4B47-4FD6-864C-D5DBA3CD26B5} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
Task: {67C46766-AF92-4D79-9902-C47800CC5EF7} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\aneta\Downloads\esetonlinescanner.exe [14860896 2020-11-01] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {6D15B2CF-D3CE-4130-832A-75C795C36336} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4902680 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
Task: {811A2E18-9383-4983-ADDC-2921CC9DFD6B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {84EF7D8F-D08E-4253-9FBA-E55F213465AA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {921A4AA3-F67D-4BA0-8440-5FA313BFDBAB} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe
Task: {94C58482-0970-4CDE-8E53-6B87E5157053} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\aneta\Downloads\esetonlinescanner.exe [14860896 2020-11-01] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {94FDC04A-FE39-4D66-9F41-B535828A38B2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)
Task: {B179EAE0-8075-4EFD-82BC-4AD59D15FC3F} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-01] (bookingDesktopApp.) [File not signed]
Task: {B7BB061A-B234-4D64-B937-370EB808BC60} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [133215968 2021-08-17] (Microsoft Windows -> Microsoft Corporation)
Task: {C561DE3A-01C9-4519-A854-72F01DBB70B0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {C8DAFBEE-CDCA-47CA-8B73-F6C62B017C4A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {C8DAFBEE-CDCA-47CA-8B73-F6C62B017C4A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {C8DAFBEE-CDCA-47CA-8B73-F6C62B017C4A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {C8DAFBEE-CDCA-47CA-8B73-F6C62B017C4A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {C8DAFBEE-CDCA-47CA-8B73-F6C62B017C4A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-979916062-1584005342-1777448076-1002" /ENABLE
Task: {C8DAFBEE-CDCA-47CA-8B73-F6C62B017C4A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {CA7CCE57-9F20-44E9-A1B0-DEE9DC7DD7EB} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {E6CCEFF3-3A0C-4E76-B4DE-BA8CA3D4B3E9} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe
Task: {F08FC951-4BF0-47E3-8F73-68A76921EACE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-05-03] (Avast Software s.r.o. -> Avast Software)
Task: {F991AD88-CB8F-4F77-B401-ECE095D4F94F} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {FA7A7A43-0B43-4D74-8107-2562CCFDF35D} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 31.41.200.201 31.41.202.203
Tcpip\..\Interfaces\{1d745ca5-d19f-4a70-b29f-6fe21588b458}: [DhcpNameServer] 150.207.1.3
Tcpip\..\Interfaces\{ac44e563-94ab-4453-abfb-eb8f7fa09664}: [DhcpNameServer] 192.168.88.1 31.41.200.201 31.41.202.203
Tcpip\..\Interfaces\{e83529f5-0d7e-47f7-80d5-265e98a76cea}: [DhcpNameServer] 192.168.88.1 31.41.200.201 31.41.202.203

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\aneta\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-17]
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/?LinkId=69157

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-02-01] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-02-01] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default [2021-08-17]
CHR Notifications: Default -> hxxps://www.freefilm.to; hxxps://www.netflix.com; hxxps://www.youtube.com
CHR DefaultSearchURL: Default -> hxxps://s.ytimg.com/yts/img/favicon-vfl8qSV2F.ico
CHR Extension: (Prezentace) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (YouTube) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh [2018-06-05]
CHR Extension: (Lev berberský) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aimchadgabkgfdgafegbpdngblijbjnn [2017-11-30]
CHR Extension: (Vzory objednávky & Jak ji napsat | Vz...) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\alfbghpojlhiigjffeinpgceclhaodcc [2017-12-02]
CHR Extension: (tapety na plochu jaro - Hledat Googlem) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ankpbddckgpmcfhdgbncdfmbbkmjllcm [2017-06-08]
CHR Extension: (Dokumenty) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-01]
CHR Extension: (YouTube) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-27]
CHR Extension: (Twitter) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbniebmoflhomonmkjbhjdafagjnlpl [2017-09-17]
CHR Extension: (Nejyrychlejší náramky) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnkkegjpikocmjbpkhdphkbglaofmdeh [2017-09-16]
CHR Extension: (BK Mladá Boleslav - Fotky) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiinkekgcbgfmgkhiacalhoblajfmnhg [2017-06-08]
CHR Extension: (První náramek) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\elpnfokodflplieomhjmioegcmfhmamp [2017-09-16]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-10]
CHR Extension: (Tabulky) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Divoké derby v Boleslavi! Ostrá bitka...) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\fodjkcmaajpioekeadhnocdbihpmmpjc [2017-10-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-07]
CHR Extension: (Podstatná jména v němčině | Gramatika...) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioohphjdbfnjgjbdjfdcoiogeccoplfe [2017-10-03]
CHR Extension: (Notebook stolek Vincent : Expres nábytek) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpalnflahbhembojfebgppgmlmjlodlo [2017-10-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (Náramky různé z korálků bavlnek | Mim...) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojeoghkcmjdldnlgfpagachjgfpbjomk [2017-09-16]
CHR Extension: (Divá Bára – rozbor díla k maturitě (2...) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmfgbgfnjjfcijoenjinbbjcakpdaba [2017-12-11]
CHR Extension: (Ocean) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgedigcdbemilinbicidhplhebjoafpl [2017-10-20]
CHR Extension: (Gmail) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-01]
CHR Extension: (Chrome Media Router) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8262736 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [627480 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [374552 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-01] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-01] (bookingDesktopApp.) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
R2 UIUService; C:\WINDOWS\SysWOW64\UIUSrv.exe [105984 2020-02-12] (Conexant Systems, Inc.) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 avast; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35720 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [218976 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [367640 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250392 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17344 2021-08-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184648 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [559816 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108408 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82904 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851704 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471920 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215392 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-02-08] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-05-28] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-05-28] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ESETCleanersDriver; C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys [181160 2019-09-23] (ESET, spol. s r.o. -> ESET)
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-30] (Sonix Technology CO., LTD -> Sonix Co. Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-17 21:53 - 2021-08-17 21:53 - 000000000 ___HD C:\$WINDOWS.~BT
2021-08-17 21:44 - 2021-08-17 21:44 - 000000000 ___HD C:\$WinREAgent
2021-08-17 20:31 - 2021-08-17 20:31 - 002300416 _____ (Farbar) C:\Users\aneta\Downloads\FRST64 (3).exe
2021-08-17 20:31 - 2021-08-17 20:31 - 002300416 _____ (Farbar) C:\Users\aneta\Downloads\FRST64 (2).exe
2021-08-17 19:42 - 2021-08-17 19:42 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2021-08-08 10:24 - 2021-08-08 10:24 - 000215392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-08-08 10:24 - 2021-08-08 10:24 - 000146844 _____ C:\Users\aneta\Downloads\CertifikatTestu (1).pdf
2021-08-08 10:24 - 2021-08-08 10:23 - 000339736 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-08-08 10:22 - 2021-08-08 10:22 - 000145074 _____ C:\Users\aneta\Downloads\OckovaciCertifikat (1).pdf
2021-08-08 10:21 - 2021-08-08 10:21 - 000159739 _____ C:\Users\aneta\Downloads\i55ewbbe.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-17 22:37 - 2020-11-01 18:31 - 000000000 ____D C:\FRST
2021-08-17 22:33 - 2020-11-01 12:47 - 000000000 ____D C:\Program Files\CCleaner
2021-08-17 22:30 - 2017-05-27 17:49 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-17 22:29 - 2016-12-24 22:14 - 000000000 ___RD C:\Users\aneta\OneDrive
2021-08-17 22:28 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-17 22:27 - 2020-02-08 15:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-17 22:27 - 2020-02-01 14:03 - 000000000 ____D C:\ProgramData\AVAST Software
2021-08-17 22:26 - 2020-02-08 15:53 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-08-17 22:26 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-17 22:26 - 2017-06-16 18:54 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-08-17 22:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-08-17 22:11 - 2020-02-08 15:19 - 000000000 ____D C:\Users\aneta
2021-08-17 22:10 - 2016-12-25 22:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-17 22:06 - 2016-12-25 22:24 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-17 22:05 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-17 22:03 - 2020-02-08 09:43 - 000000000 ___DC C:\WINDOWS\Panther
2021-08-17 21:29 - 2020-02-08 15:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-17 21:29 - 2020-02-01 14:06 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2021-08-17 21:24 - 2020-02-01 14:30 - 000000000 ____D C:\Users\aneta\AppData\Local\AVAST Software
2021-08-17 21:21 - 2020-02-08 15:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-08-17 21:21 - 2020-02-01 14:29 - 000000000 ____D C:\Users\aneta\AppData\Roaming\AVAST Software
2021-08-17 21:21 - 2020-02-01 14:04 - 000000000 ____D C:\Program Files\AVAST Software
2021-08-17 21:19 - 2020-11-01 12:47 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-08-17 20:42 - 2020-11-01 18:36 - 000038646 _____ C:\Users\aneta\Downloads\Addition.txt
2021-08-17 20:42 - 2020-11-01 18:32 - 000131996 _____ C:\Users\aneta\Downloads\FRST.txt
2021-08-17 19:41 - 2020-09-10 14:45 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-17 19:38 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-17 19:37 - 2020-11-02 17:41 - 000000000 ____D C:\Users\aneta\AppData\Local\D3DSCache
2021-08-16 19:07 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2021-08-16 18:45 - 2017-05-27 17:49 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-16 18:43 - 2020-09-10 14:45 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-16 18:43 - 2020-09-10 14:45 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-16 18:24 - 2020-11-01 12:47 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-08-08 10:24 - 2020-02-01 14:06 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-08-08 10:24 - 2020-02-01 14:06 - 000250392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-08-08 10:24 - 2020-02-01 14:06 - 000099352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-08-08 10:24 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-08 10:23 - 2021-06-01 16:05 - 000017344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-08-08 10:23 - 2020-10-21 10:48 - 000184648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-08-08 10:23 - 2020-04-19 16:50 - 000559816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000851704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000471920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000367640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000218976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000108408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000041352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000035720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-08-06 08:36 - 2020-12-04 21:36 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-06 08:36 - 2020-12-04 21:36 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-06 08:34 - 2021-07-07 13:24 - 000002384 _____ C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-06 08:34 - 2020-02-08 15:53 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-979916062-1584005342-1777448076-1002
2021-07-27 12:14 - 2020-02-08 10:19 - 000000000 ____D C:\Users\aneta\AppData\Local\CrashDumps

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-06-25] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [123672 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\Run: [Chromium] => "c:\users\aneta\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\MountPoints2: {a5054c26-9bf1-11e9-af44-806e6f6e6963} - "F:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-16] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1A7FC9E2-1606-4CEB-8C62-7592BAB6B8B0} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe
Task: {2855E4DF-6037-4F4C-87F1-AA4089424796} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-27] (Google Inc -> Google Inc.)
Task: {2A2F95CF-CF04-49E6-835E-6F05D43F854B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B075E3C-0308-4193-828E-402F42793789} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-27] (Google Inc -> Google Inc.)
Task: {330973DA-E61C-49E3-BFCC-853212BB5BDF} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-01] (bookingDesktopApp.) [File not signed]
Task: {3EC9E714-4B47-4FD6-864C-D5DBA3CD26B5} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
Task: {67C46766-AF92-4D79-9902-C47800CC5EF7} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\aneta\Downloads\esetonlinescanner.exe [14860896 2020-11-01] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {6D15B2CF-D3CE-4130-832A-75C795C36336} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4902680 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
Task: {811A2E18-9383-4983-ADDC-2921CC9DFD6B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {84EF7D8F-D08E-4253-9FBA-E55F213465AA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {921A4AA3-F67D-4BA0-8440-5FA313BFDBAB} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe
Task: {94C58482-0970-4CDE-8E53-6B87E5157053} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\aneta\Downloads\esetonlinescanner.exe [14860896 2020-11-01] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {94FDC04A-FE39-4D66-9F41-B535828A38B2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)
Task: {B179EAE0-8075-4EFD-82BC-4AD59D15FC3F} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-01] (bookingDesktopApp.) [File not signed]
Task: {B7BB061A-B234-4D64-B937-370EB808BC60} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [133215968 2021-08-17] (Microsoft Windows -> Microsoft Corporation)
Task: {C561DE3A-01C9-4519-A854-72F01DBB70B0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {C8DAFBEE-CDCA-47CA-8B73-F6C62B017C4A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {C8DAFBEE-CDCA-47CA-8B73-F6C62B017C4A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {C8DAFBEE-CDCA-47CA-8B73-F6C62B017C4A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {C8DAFBEE-CDCA-47CA-8B73-F6C62B017C4A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {C8DAFBEE-CDCA-47CA-8B73-F6C62B017C4A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-979916062-1584005342-1777448076-1002" /ENABLE
Task: {C8DAFBEE-CDCA-47CA-8B73-F6C62B017C4A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {CA7CCE57-9F20-44E9-A1B0-DEE9DC7DD7EB} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {E6CCEFF3-3A0C-4E76-B4DE-BA8CA3D4B3E9} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe
Task: {F08FC951-4BF0-47E3-8F73-68A76921EACE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-05-03] (Avast Software s.r.o. -> Avast Software)
Task: {F991AD88-CB8F-4F77-B401-ECE095D4F94F} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {FA7A7A43-0B43-4D74-8107-2562CCFDF35D} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 31.41.200.201 31.41.202.203
Tcpip\..\Interfaces\{1d745ca5-d19f-4a70-b29f-6fe21588b458}: [DhcpNameServer] 150.207.1.3
Tcpip\..\Interfaces\{ac44e563-94ab-4453-abfb-eb8f7fa09664}: [DhcpNameServer] 192.168.88.1 31.41.200.201 31.41.202.203
Tcpip\..\Interfaces\{e83529f5-0d7e-47f7-80d5-265e98a76cea}: [DhcpNameServer] 192.168.88.1 31.41.200.201 31.41.202.203

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\aneta\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-17]
Edge HomePage: Default -> hxxp://go.microsoft.com/fwlink/?LinkId=69157

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-02-01] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2020-02-01] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default [2021-08-17]
CHR Notifications: Default -> hxxps://www.freefilm.to; hxxps://www.netflix.com; hxxps://www.youtube.com
CHR DefaultSearchURL: Default -> hxxps://s.ytimg.com/yts/img/favicon-vfl8qSV2F.ico
CHR Extension: (Prezentace) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (YouTube) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh [2018-06-05]
CHR Extension: (Lev berberský) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aimchadgabkgfdgafegbpdngblijbjnn [2017-11-30]
CHR Extension: (Vzory objednávky & Jak ji napsat | Vz...) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\alfbghpojlhiigjffeinpgceclhaodcc [2017-12-02]
CHR Extension: (tapety na plochu jaro - Hledat Googlem) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ankpbddckgpmcfhdgbncdfmbbkmjllcm [2017-06-08]
CHR Extension: (Dokumenty) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-01]
CHR Extension: (YouTube) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-27]
CHR Extension: (Twitter) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbniebmoflhomonmkjbhjdafagjnlpl [2017-09-17]
CHR Extension: (Nejyrychlejší náramky) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnkkegjpikocmjbpkhdphkbglaofmdeh [2017-09-16]
CHR Extension: (BK Mladá Boleslav - Fotky) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiinkekgcbgfmgkhiacalhoblajfmnhg [2017-06-08]
CHR Extension: (První náramek) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\elpnfokodflplieomhjmioegcmfhmamp [2017-09-16]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-10]
CHR Extension: (Tabulky) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Divoké derby v Boleslavi! Ostrá bitka...) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\fodjkcmaajpioekeadhnocdbihpmmpjc [2017-10-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-07]
CHR Extension: (Podstatná jména v němčině | Gramatika...) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioohphjdbfnjgjbdjfdcoiogeccoplfe [2017-10-03]
CHR Extension: (Notebook stolek Vincent : Expres nábytek) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpalnflahbhembojfebgppgmlmjlodlo [2017-10-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (Náramky různé z korálků bavlnek | Mim...) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojeoghkcmjdldnlgfpagachjgfpbjomk [2017-09-16]
CHR Extension: (Divá Bára – rozbor díla k maturitě (2...) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\olmfgbgfnjjfcijoenjinbbjcakpdaba [2017-12-11]
CHR Extension: (Ocean) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgedigcdbemilinbicidhplhebjoafpl [2017-10-20]
CHR Extension: (Gmail) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-01]
CHR Extension: (Chrome Media Router) - C:\Users\aneta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-17]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8262736 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [627480 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [374552 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-03] (Avast Software s.r.o. -> AVAST Software)
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-01] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2020-02-01] (bookingDesktopApp.) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd -> Disc Soft Ltd)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
R2 UIUService; C:\WINDOWS\SysWOW64\UIUSrv.exe [105984 2020-02-12] (Conexant Systems, Inc.) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 avast; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35720 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [218976 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [367640 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250392 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [17344 2021-08-08] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184648 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [559816 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108408 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82904 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851704 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [471920 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215392 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-08-08] (Avast Software s.r.o. -> AVAST Software)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4322440 2015-08-14] (WDKTestCert qcaswbld,130129545209614653 -> Qualcomm Atheros Communications, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-02-08] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-05-28] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-05-28] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ESETCleanersDriver; C:\WINDOWS\system32\Drivers\ESETCleanersDriver.sys [181160 2019-09-23] (ESET, spol. s r.o. -> ESET)
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-30] (Sonix Technology CO., LTD -> Sonix Co. Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-17 21:53 - 2021-08-17 21:53 - 000000000 ___HD C:\$WINDOWS.~BT
2021-08-17 21:44 - 2021-08-17 21:44 - 000000000 ___HD C:\$WinREAgent
2021-08-17 20:31 - 2021-08-17 20:31 - 002300416 _____ (Farbar) C:\Users\aneta\Downloads\FRST64 (3).exe
2021-08-17 20:31 - 2021-08-17 20:31 - 002300416 _____ (Farbar) C:\Users\aneta\Downloads\FRST64 (2).exe
2021-08-17 19:42 - 2021-08-17 19:42 - 000000000 ____D C:\WINDOWS\system32\gf2engine
2021-08-08 10:24 - 2021-08-08 10:24 - 000215392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-08-08 10:24 - 2021-08-08 10:24 - 000146844 _____ C:\Users\aneta\Downloads\CertifikatTestu (1).pdf
2021-08-08 10:24 - 2021-08-08 10:23 - 000339736 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-08-08 10:22 - 2021-08-08 10:22 - 000145074 _____ C:\Users\aneta\Downloads\OckovaciCertifikat (1).pdf
2021-08-08 10:21 - 2021-08-08 10:21 - 000159739 _____ C:\Users\aneta\Downloads\i55ewbbe.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-18 22:18 - 2020-11-01 18:31 - 000000000 ____D C:\FRST
2021-08-18 22:14 - 2020-02-08 15:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-18 22:14 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-18 21:48 - 2020-11-01 12:47 - 000000000 ____D C:\Program Files\CCleaner
2021-08-18 21:48 - 2017-05-27 17:49 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-18 21:47 - 2016-12-24 22:14 - 000000000 ___RD C:\Users\aneta\OneDrive
2021-08-18 21:45 - 2020-02-08 15:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-18 21:45 - 2020-02-01 14:03 - 000000000 ____D C:\ProgramData\AVAST Software
2021-08-18 21:44 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-18 21:44 - 2017-06-16 18:54 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-08-18 21:22 - 2021-07-07 13:24 - 000002384 _____ C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-18 21:22 - 2020-02-08 15:53 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-979916062-1584005342-1777448076-1002
2021-08-17 23:27 - 2020-02-08 15:53 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-08-17 23:10 - 2017-06-16 18:50 - 000000000 ____D C:\Program Files\Elantech
2021-08-17 23:02 - 2016-03-05 10:37 - 000000000 ____D C:\Program Files (x86)\Qualcomm Atheros
2021-08-17 23:01 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2021-08-17 22:57 - 2020-11-01 13:06 - 000000785 _____ C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-08-17 22:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-08-17 22:11 - 2020-02-08 15:19 - 000000000 ____D C:\Users\aneta
2021-08-17 22:10 - 2016-12-25 22:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-17 22:06 - 2016-12-25 22:24 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-17 22:05 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-17 22:03 - 2020-02-08 09:43 - 000000000 ___DC C:\WINDOWS\Panther
2021-08-17 21:29 - 2020-02-01 14:06 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2021-08-17 21:24 - 2020-02-01 14:30 - 000000000 ____D C:\Users\aneta\AppData\Local\AVAST Software
2021-08-17 21:21 - 2020-02-08 15:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-08-17 21:21 - 2020-02-01 14:29 - 000000000 ____D C:\Users\aneta\AppData\Roaming\AVAST Software
2021-08-17 21:21 - 2020-02-01 14:04 - 000000000 ____D C:\Program Files\AVAST Software
2021-08-17 21:19 - 2020-11-01 12:47 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-08-17 20:42 - 2020-11-01 18:36 - 000038646 _____ C:\Users\aneta\Downloads\Addition.txt
2021-08-17 20:42 - 2020-11-01 18:32 - 000131996 _____ C:\Users\aneta\Downloads\FRST.txt
2021-08-17 19:41 - 2020-09-10 14:45 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-17 19:38 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-17 19:37 - 2020-11-02 17:41 - 000000000 ____D C:\Users\aneta\AppData\Local\D3DSCache
2021-08-16 18:45 - 2017-05-27 17:49 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-16 18:43 - 2020-09-10 14:45 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-16 18:43 - 2020-09-10 14:45 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-16 18:24 - 2020-11-01 12:47 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-08-08 10:24 - 2020-02-01 14:06 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-08-08 10:24 - 2020-02-01 14:06 - 000250392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-08-08 10:24 - 2020-02-01 14:06 - 000099352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-08-08 10:24 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-08 10:23 - 2021-06-01 16:05 - 000017344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-08-08 10:23 - 2020-10-21 10:48 - 000184648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-08-08 10:23 - 2020-04-19 16:50 - 000559816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000851704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000471920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000367640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000218976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000108408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000082904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000041352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-08-08 10:23 - 2020-02-01 14:06 - 000035720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-08-06 08:36 - 2020-12-04 21:36 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-06 08:36 - 2020-12-04 21:36 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-27 12:14 - 2020-02-08 10:19 - 000000000 ____D C:\Users\aneta\AppData\Local\CrashDumps

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

martin06 · #7 Příspěvek od **martin06** » 18 srp 2021 21:38

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-08-2021
Ran by aneta (18-08-2021 22:21:16)
Running from C:\Users\aneta\OneDrive\Plocha
Windows 10 Home Version 1909 18363.1556 (X64) (2020-02-08 13:54:36)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-979916062-1584005342-1777448076-500 - Administrator - Disabled)
aneta (S-1-5-21-979916062-1584005342-1777448076-1002 - Administrator - Enabled) => C:\Users\aneta
DefaultAccount (S-1-5-21-979916062-1584005342-1777448076-503 - Limited - Disabled)
Guest (S-1-5-21-979916062-1584005342-1777448076-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-979916062-1584005342-1777448076-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Microsoft Office Proofing Tools 2016“ – lietuvių k. (HKLM\...\{90160000-001F-0427-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Alati za jezičnu provjeru u sustavu Microsoft Office 2016 - hrvatski (HKLM\...\{90160000-001F-041A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
AMD Catalyst Install Manager (HKLM\...\{23D86980-AD31-38E8-E1C0-E7B574B34C14}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.6.2474 - Avast Software)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
CCleaner (HKLM\...\CCleaner) (Version: 5.83 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
Công cụ Soát lỗi Microsoft Office 2016 - Tiếng Việt (HKLM\...\{90160000-001F-042A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de Verificação do Microsoft Office 2016 - Português (HKLM\...\{90160000-001F-0816-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 92.0.4515.131 - Google LLC)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
I-Microsoft Office Proofing Tools 2016 - IsiZulu (HKLM\...\{90160000-001F-0435-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (HKLM\...\{90160000-001F-0491-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Instrumente de verificare Microsoft Office 2016 - Română (HKLM\...\{90160000-001F-0418-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturredskaber til Microsoft Office 2016 - Dansk (HKLM\...\{90160000-001F-0406-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (HKLM\...\{90160000-001F-0414-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (HKLM\...\{90160000-001F-0814-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1325.4_WHQL - Sonix)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.65.2 - ELAN Microelectronic Corp.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.73 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\OneDriveSetup.exe) (Version: 21.150.0725.0001 - Microsoft Corporation)
Microsoft Project Professional 2016 (HKLM\...\Office16.PRJPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{D06A5649-3BDB-4F2C-9C38-AB25CD5102E2}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 (HKLM\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM\...\{90160000-001F-0415-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Orodja za preverjanje za Microsoft Office 2016 – angleščina (HKLM\...\{90160000-001F-0424-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.1 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM\...\{90160000-001F-0410-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Uirlisí Profála Microsoft Office 2016 - Gaeilge (HKLM\...\{90160000-001F-083C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (HKLM\...\{90160000-001F-041C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2016 - Ελληνικά (HKLM\...\{90160000-001F-0408-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Засоби перевірки правопису Microsoft Office 2016 – українська (HKLM\...\{90160000-001F-0422-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (HKLM\...\{90160000-001F-0419-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
כלי ההגהה של Microsoft Office 2016 - עברית (HKLM\...\{90160000-001F-040D-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ابزارهای تصحیح Microsoft Office 2016 - فارسی (HKLM\...\{90160000-001F-0429-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

Packages:
=========
Ashampoo ImageFX -> C:\Program Files\WindowsApps\8B5997F6.AshampooImageFX_1.0.2.14_x64__zmaqd4ft1bcf6 [2018-02-16] (Ashampoo)
Avast Antivirus Download Center -> C:\Program Files\WindowsApps\51CA791E.AvastAntivirusDownloadCenter_1.20.6.0_x64__s1d0xtrs8dx04 [2020-10-15] (AVAST Software)
Bakaláři – oficiální aplikace -> C:\Program Files\WindowsApps\40325JJones.Bakali_2.2.16.0_x64__gq7k0ca1wra62 [2020-03-25] (JJones)
ČT sport -> C:\Program Files\WindowsApps\Ceskatelevize.Tsport_1.0.0.10_x64__ndqbq1wc819cy [2016-12-29] (Ceska televize)
Dailymotion -> C:\Program Files\WindowsApps\DailymotionSA.Dailymotion_10.2104.6.0_x64__6dqnvyezrysvy [2021-04-15] (Dailymotion)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.8.401.0_x64__rz1tebttyb220 [2021-04-24] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-23] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-16] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.312.0.0_x86__8xx8rvfyw5nnt [2021-04-03] (Facebook Inc)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2020-02-12] (Fitbit)
Hill Climb Racing -> C:\Program Files\WindowsApps\FINGERSOFT.HILLCLIMBRACING_1.41.1.0_x86__r6rtpscs7gwyg [2019-10-15] (Fingersoft) [MS Ad]
Hockey Lingo -> C:\Program Files\WindowsApps\23740CodeCreators.ca.HockeyLingo_1.0.0.1_neutral__6mfwecr1e4j6a [2017-04-08] (CodeCreators.ca)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-14] (HP Inc.)
IceHockey++ -> C:\Program Files\WindowsApps\39288eOneSoft.IceHockey_2020.3.905.0_x64__60gzmx8dyyb64 [2019-08-31] (eOneSoft) [MS Ad]
iVysílání -> C:\Program Files\WindowsApps\Ceskatelevize.iVysln_1.2.0.0_x64__ndqbq1wc819cy [2019-05-26] (Ceska televize)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2018-02-16] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2103.17.0_x64__k1h2ywk1493x8 [2021-04-12] (LENOVO INC.)
LiveArena Hockey -> C:\Program Files\WindowsApps\LiveArena.LiveArenaHockey_1.1.2.0_x64__j265m5nw31m1a [2017-09-09] (LiveArena)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-29] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5060.0_x64__8wekyb3d8bbwe [2021-05-14] (Microsoft Studios) [MS Ad]
Microsoft Sudoku -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSudoku_2.2.10190.0_x64__8wekyb3d8bbwe [2020-11-10] (Microsoft Studios) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-27] (Microsoft Corporation) [MS Ad]
Německá slovíčka [PMQ] -> C:\Program Files\WindowsApps\pmqsoftware.NmeckslovkaPMQ_1.1.0.6_x64__s04b8jbd2vpja [2017-10-28] (pmq software)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2021-01-23] (Netflix, Inc.)
Novinky.cz -> C:\Program Files\WindowsApps\949FFEAB.Novinky.cz_1.6.0.0_neutral__refxrrjvvv3cw [2018-08-13] (Seznam.cz a.s.)
O2 TV -> C:\Program Files\WindowsApps\D8378DF7.O2TVGo_20182.0.27.0_x64__tqn3m7kee4xc8 [2021-01-23] (O2 Czech Republic a.s.)
Osmisměrky -> C:\Program Files\WindowsApps\80066EAE.Osmismrky_3.3.226.0_x64__nn99rn318pj0j [2017-11-10] (PoVI s.r.o.)
Push hockey -> C:\Program Files\WindowsApps\54151VJirovsky.Mistrovstvsvtavhokeji_1.2.0.0_neutral__fm5te3xsz8v00 [2017-01-05] (VJirovsky)
Scoreboard for Table Hockey -> C:\Program Files\WindowsApps\4993KvarnenMedia.ScoreboardforTableHockey_1.0.0.0_neutral__gfhgpsxw09f96 [2017-04-08] (Kvarnen Media)
SofaScore LiveScore - Live Výsledky -> C:\Program Files\WindowsApps\25794SofaScore.com.SofaScoreLiveScore_4.2.3.0_x64__wkaxyrm0njbcg [2018-08-13] (SofaScore.com)
Taptiles Windows 10 -> C:\Program Files\WindowsApps\ArkadiumLabs.Taptiles2_1.1.6.0_x64__0wzk3fg68w9ze [2018-11-26] (Arkadium Inc) [MS Ad]
Team Builder -> C:\Program Files\WindowsApps\59495GabrielCaldwell.TeamDesigner_2.1.18270.0_x64__fdv0kk4w24py2 [2019-01-29] (Gabriel Caldwell)
Tutorial for WhatsApp -> C:\Program Files\WindowsApps\27116Hirschee3.TutorialforWhatsApp_1.1.0.0_neutral__gn0j74970nhtw [2017-10-13] (Hirschee3)
TYMWEB -> C:\Program Files\WindowsApps\29834MSmart.TYMWEB_1.1.25.0_x64__mg2mgfy8t64mm [2017-01-04] (MSmart s.r.o.) [MS Ad]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-25] (LENOVO INCORPORATED.)
Vocabulary Expander -> C:\Program Files\WindowsApps\25700progreexon.VocabularyExpander_4.2.9.0_x86__1s2wbq1rnx7rr [2021-03-16] (Alexey Koval) [Startup Task]
WordTrainer FRAUS -> C:\Program Files\WindowsApps\FrausMedia.WordTrainerFRAUS_1.0.0.9_neutral__r8ykj5288et6y [2017-06-09] (Fraus Media)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-08] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-08-08] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\BK Mladá Boleslav - Fotky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=eiinkekgcbgfmgkhiacalhoblajfmnhg
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Divoké derby v Boleslavi! Ostrá bitka.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=fodjkcmaajpioekeadhnocdbihpmmpjc
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Divá Bára – rozbor díla k maturitě (2.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=olmfgbgfnjjfcijoenjinbbjcakpdaba
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Lev berberský.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=aimchadgabkgfdgafegbpdngblijbjnn
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Nejyrychlejší náramky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=dnkkegjpikocmjbpkhdphkbglaofmdeh
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Notebook stolek Vincent _ Expres nábytek.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=lpalnflahbhembojfebgppgmlmjlodlo
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Náramky různé z korálků bavlnek _ Mim.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ojeoghkcmjdldnlgfpagachjgfpbjomk
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Podstatná jména v němčině _ Gramatika.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ioohphjdbfnjgjbdjfdcoiogeccoplfe
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\První náramek.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=elpnfokodflplieomhjmioegcmfhmamp
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\tapety na plochu jaro - Hledat Googlem.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=ankpbddckgpmcfhdgbncdfmbbkmjllcm
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Twitter.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=bmbniebmoflhomonmkjbhjdafagjnlpl
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzory objednávky & Jak ji napsat _ Vz.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=alfbghpojlhiigjffeinpgceclhaodcc
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh
ShortcutWithArgument: C:\Users\aneta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=adnlfjpnmidfimlkaohpidplnoimahfh

==================== Loaded Modules (Whitelisted) =============

2015-11-17 00:16 - 2015-11-17 00:16 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-11-17 00:12 - 2015-11-17 00:12 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2020-02-01 13:09 - 2020-02-01 13:09 - 001743360 ____T (bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\bookingDesktopApppdate.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-979916062-1584005342-1777448076-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2020-02-01 13:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2017-11-03 15:03 - 2017-11-03 15:05 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-979916062-1584005342-1777448076-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\aneta\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\logo_stahnout.png
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "ForteConfig"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "TuneupUI.exe"
HKLM\...\StartupApproved\Run: => "DriverUpdUI.exe"
HKLM\...\StartupApproved\Run32: => "ETDCtrl"
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_2B89082B5BCF774D5D43AA9AC7A68348"
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\StartupApproved\Run: => "Uninstall 20.169.0823.0006"
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\StartupApproved\Run: => "Uninstall 20.169.0823.0006\amd64"
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\StartupApproved\Run: => "Delete Cached Update Binary"
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\StartupApproved\Run: => "Delete Cached Standalone Update Binary"
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FE55118B-624C-4D07-9343-2F846EA16D24}] => (Allow) C:\Users\aneta\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]
FirewallRules: [TCP Query User{A3E1EF48-79AA-4677-84E9-68420CFEAEE6}C:\program files\avast software\avast\avastui.exe] => (Block) C:\program files\avast software\avast\avastui.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [UDP Query User{718E4273-1864-4026-8313-556B2146257D}C:\program files\avast software\avast\avastui.exe] => (Block) C:\program files\avast software\avast\avastui.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{552838A2-11EA-4D8F-9FCE-3A48A83E94A1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E2A79ACA-BD5E-408F-87F9-ED3FA38BD8AD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{231855A1-78BA-4D94-876B-C188288B28B4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{33ECD49A-3280-42E1-A23C-F7AF433304AE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ABAF2BBE-85DF-43A1-968B-EEB566C95208}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

14-05-2021 14:18:39 Windows Update
13-06-2021 20:46:14 Windows Update
17-06-2021 18:23:20 Windows Update
17-08-2021 22:03:57 Windows Update
17-08-2021 22:05:02 Windows Update

==================== Faulty Device Manager Devices ============

Name: Lenovo pointing device
Description: Lenovo pointing device
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: ELAN
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: ========================

Application errors:
==================
Error: (08/18/2021 10:10:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6728,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/18/2021 09:53:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3864,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/17/2021 11:33:43 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11000,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/17/2021 11:26:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7848,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/17/2021 11:20:15 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3848,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/17/2021 10:50:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7692,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/17/2021 10:45:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3704,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (08/17/2021 10:24:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3784,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

System errors:
=============
Error: (08/18/2021 09:50:20 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-ARG2GTSE)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/18/2021 09:47:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Avast Browser Update (avast) neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (08/18/2021 09:46:12 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-ARG2GTSE)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/18/2021 09:36:01 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-ARG2GTSE)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/18/2021 09:32:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Avast Browser Update (avast) neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (08/18/2021 09:32:12 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-ARG2GTSE)
Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/18/2021 09:29:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Instalační služba modulů systému Windows neuspěla při spuštění v důsledku následující chyby:
Médium je chráněno proti zápisu.

Error: (08/18/2021 09:27:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Windows Defender:
================
Date: 2020-02-25 20:21:27.120
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {7B4DAAF8-9464-437E-9A7E-1E7200DAE4D3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-25 20:06:34.552
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A9FF5F4B-EA2F-41E5-A456-0F16A8A919EF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-25 19:55:16.721
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {34AA4743-E14A-4448-8B4B-D85F0ACD1F4F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-25 19:27:49.344
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {039ECFD6-EE96-4E30-B3BC-73040E516565}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-25 19:22:23.328
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {3E05D162-06FF-4264-AD04-BD863DACBAA1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-27 14:25:18.738
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ovladač filtru přeskočil prohledávání položek a je v režimu průchodu. Příčinou může být nízký stav prostředků.

Date: 2020-02-12 18:45:51.965
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.309.140.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

==================== Memory info ===========================

BIOS: LENOVO A2CN44WW(V2.12) 01/18/2016
Motherboard: LENOVO Lancer 5B2
Processor: AMD A4-6210 APU with AMD Radeon R3 Graphics
Percentage of memory in use: 42%
Total physical RAM: 7128.26 MB
Available physical RAM: 4084.68 MB
Total Virtual: 8280.26 MB
Available Virtual: 4766.32 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:885.98 GB) (Free:740.67 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.91 GB) NTFS

\\?\Volume{cc2c179b-5787-4568-a405-59ffd3746257}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.43 GB) NTFS
\\?\Volume{367ea233-0efa-4928-905a-cd13d7bb158a}\ (LENOVO_PART) (Fixed) (Total:18.31 GB) (Free:4.65 GB) NTFS
\\?\Volume{563b73fd-e479-4cd3-9a1f-0412ce5631ba}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: FA78AE6A)

Partition: GPT.

==================== End of Addition.txt =======================

#8 Příspěvek od **Rudy** » 19 srp 2021 09:47

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\MountPoints2: {a5054c26-9bf1-11e9-af44-806e6f6e6963} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2855E4DF-6037-4F4C-87F1-AA4089424796} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-27] (Google Inc -> Google Inc.)
Task: {2B075E3C-0308-4193-828E-402F42793789} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-27] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\MountPoints2: {a5054c26-9bf1-11e9-af44-806e6f6e6963} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

EmptyTemp:
End

Uložte do C:\Users\aneta\OneDrive\Plocha jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

martin06 · #9 Příspěvek od **martin06** » 19 srp 2021 19:39

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-08-2021
Ran by aneta (19-08-2021 20:31:46) Run:2
Running from C:\Users\aneta\OneDrive\Plocha
Loaded Profiles: aneta
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\MountPoints2: {a5054c26-9bf1-11e9-af44-806e6f6e6963} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2855E4DF-6037-4F4C-87F1-AA4089424796} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-27] (Google Inc -> Google Inc.)
Task: {2B075E3C-0308-4193-828E-402F42793789} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-27] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\...\MountPoints2: {a5054c26-9bf1-11e9-af44-806e6f6e6963} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5054c26-9bf1-11e9-af44-806e6f6e6963} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2855E4DF-6037-4F4C-87F1-AA4089424796}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2855E4DF-6037-4F4C-87F1-AA4089424796}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B075E3C-0308-4193-828E-402F42793789}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B075E3C-0308-4193-828E-402F42793789}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@update.avastbrowser.com/Avast Browser;version=3 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@update.avastbrowser.com/Avast Browser;version=9 => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKU\S-1-5-21-979916062-1584005342-1777448076-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a5054c26-9bf1-11e9-af44-806e6f6e6963} => not found
HKLM\SOFTWARE\Policies\Mozilla => not found

=========== EmptyTemp: ==========

BITS transfer queue => 9723904 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 126961280 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 5644493 B
Edge => 0 B
Chrome => 113476382 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 409060 B
NetworkService => 412098 B
aneta => 94647634 B

RecycleBin => 69632 B
EmptyTemp: => 335.1 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 20:33:01 ====

#10 Příspěvek od **Rudy** » 19 srp 2021 19:50

Smazáno. Nastala nějaká změna?

martin06 · #11 Příspěvek od **martin06** » 19 srp 2021 20:22

Start je opoznání rychlejší. Děkuji, ale stále řeším s touchpadem ( ELAN Pointing Device ) vpravo dole na monitoru mám ikonu touchapdu a v něm žlutej vykřičník. Do toho se stále zasekává klávesnice

#12 Příspěvek od **Rudy** » 19 srp 2021 20:51

Touchpad má buď špatný ovladač, nebo je vadný anebo je poškozen systém. Tady nelze to řešit jinak, než obnovou systému k datu, kdy korektně fungoval, přeinstalováním ovladače, případně návštěvou servisu.

martin06 · #13 Příspěvek od **martin06** » 19 srp 2021 21:03

Ovladače jsem přeinstaloval, nepomohlo to. Zkusím ještě bod obnovení.
Můžete topic zavřít. Ještě jednou děkuji.

#14 Příspěvek od **Rudy** » 20 srp 2021 09:22

Rádo se stalo!

VIRY.CZ

Kontrola logu

Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu

Re: Kontrola logu