Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

spomalene PC

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Příspěvky: 71
Registrován: 20 říj 2019 16:46

spomalene PC

#1 Příspěvek od alfonz.flower »

Dobry den,

PC sa troska spomalil v poslednom case, prosim o kontrolu logu ci tu nie je nejaka havat.

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2018-01-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-01-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [170240 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-05-27] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {009133C7-B9CB-4318-9EBE-6BF182799DEB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\83448ab0-3ae0-4847-ac47-b1180e6f2568 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {10D6AF18-EE7F-4872-80F0-E8AFE7BBA385} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1ed76e21-6aed-4316-9ddf-41f997627221 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {24D727D8-22AB-4FC5-95F5-265DACFDDC58} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {2CDE6AF9-A543-4DA1-8922-20E2A1CD5B38} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {3EFF10AD-287E-451A-87DC-D4F32F6B0B94} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\\ScheduleEventAction.exe [23968 2021-05-17] (Lenovo -> Lenovo Group Ltd.)
Task: {417BCBCB-00FE-4D11-836A-E52B771E357B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\70f23f41-34e4-4ae7-b190-ec0af1a04da1 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {42F39AAE-9230-4D56-AA5A-5556C289FE22} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {594FD384-2FE9-4E73-806A-981B334565C6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1122200 2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {5A86536A-10D3-415F-86DC-43680DF4F2D5} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1821968 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {646FB878-9AA9-4297-9358-F08908596027} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {65744C64-3B79-4ADF-83F1-3FBC1E8847CE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {77032FBE-3118-45F5-B26C-C771FBB34796} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [143888 2021-03-02] (Lenovo -> Lenovo Group Ltd.)
Task: {83A76978-F115-416B-8535-10A2582D4775} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-22] (Google Inc -> Google Inc.)
Task: {845602A6-C681-4280-B1F7-801B05BB56FC} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2018-03-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {84C33941-96CF-45CF-ABE5-B1461DC9EF99} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62392 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {972F90C9-6098-43C3-AF93-4F3D63A46AF0} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {9D3271F2-7F14-4EC3-9123-32BCDC05EDC3} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1360665a-6133-4341-be29-ea2b99cc32fa => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {D9E7ED4A-5FD5-49A3-97F0-7B817A3E5FD5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-22] (Google Inc -> Google Inc.)
Task: {E3DE739E-5974-406F-A48A-B8B4F84E4C9D} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4856576 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {E5FB513C-FB65-4EC5-9F13-503B05B80808} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {EED0C395-840E-4CCB-9E6F-BADE0414F716} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\\ScheduleEventAction.exe
Task: {FD17AFB3-76C7-4D83-AB08-B4C6C1E8BD4E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {FD6A4626-BAF6-40C9-AE40-954C74EA58BD} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {FFF3CD8A-3CDF-4168-AE6C-A1D6D425E66E} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{003e550c-6bc2-4102-b793-c4c4b85375ea}: [DhcpNameServer]
Tcpip\..\Interfaces\{ce6aed68-19c5-44b6-94fd-9b8f71b58881}: [DhcpNameServer]

DownloadDir: C:\Users\Jarka Simkova\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Jarka Simkova\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-08]

FF DefaultProfile: 4x22v3ip.default
FF ProfilePath: C:\Users\Jarka Simkova\AppData\Roaming\Mozilla\Firefox\Profiles\4x22v3ip.default [2021-06-05]
FF Homepage: Mozilla\Firefox\Profiles\4x22v3ip.default -> www.google.sk
FF Extension: (Slovak (SK) Language Pack) - C:\Users\Jarka Simkova\AppData\Roaming\Mozilla\Firefox\Profiles\4x22v3ip.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2021-06-05]
FF Extension: (Slovenská kontrola preklepov) - C:\Users\Jarka Simkova\AppData\Roaming\Mozilla\Firefox\Profiles\4x22v3ip.default\Extensions\sk@dictionaries.addons.mozilla.org.xpi [2019-05-19]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)

CHR Profile: C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default [2021-05-15]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Prezentácie) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-22]
CHR Extension: (Dokumenty) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-22]
CHR Extension: (Disk Google) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-22]
CHR Extension: (Tabuľky) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-22]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-10]
CHR Extension: (Gmail) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-23]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [623360 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [370944 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8198768 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\LenovoVantageService.exe [28576 2021-05-17] (Lenovo -> Lenovo Group Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [35800 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [216488 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [365592 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [250392 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [99352 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [17344 2021-05-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [41424 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [181072 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [523016 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [107936 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [83000 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851272 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [471480 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [215464 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [327104 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [65448 2018-01-09] (WDKTestCert aswbldsv,131431045756648395 -> Qualcomm)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [117248 2009-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [114560 2009-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 TVICHW32; C:\Windows\system32\DRIVERS\TVICHW32.SYS [21200 2019-05-17] (EnTech Taiwan -> EnTech Taiwan)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-10-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-10-29] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-08 10:25 - 2021-06-08 10:25 - 000015868 _____ C:\Users\Jarka Simkova\Desktop\FRST.txt
2021-06-08 10:24 - 2021-06-08 10:25 - 000000000 ____D C:\FRST
2021-06-08 10:23 - 2021-06-08 10:23 - 002300416 _____ (Farbar) C:\Users\Jarka Simkova\Desktop\FRST64 (1).exe
2021-06-08 10:21 - 2021-06-08 10:22 - 002300416 _____ (Farbar) C:\Users\Jarka Simkova\Downloads\Nepotvrdené 490406.crdownload
2021-06-05 12:35 - 2021-06-05 12:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-06-04 21:38 - 2021-06-05 12:37 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-06-02 20:06 - 2021-06-02 20:05 - 000340224 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2021-06-02 20:06 - 2021-06-02 20:05 - 000215464 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2021-05-30 13:24 - 2021-05-30 13:24 - 000017344 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2021-05-23 10:42 - 2021-05-23 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2021-05-14 20:58 - 2021-05-14 20:58 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-14 20:58 - 2021-05-14 20:58 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-14 20:58 - 2021-05-14 20:58 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-14 20:58 - 2021-05-14 20:58 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-14 20:57 - 2021-05-14 20:57 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-14 20:57 - 2021-05-14 20:57 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-14 20:57 - 2021-05-14 20:57 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-14 20:57 - 2021-05-14 20:57 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-14 20:57 - 2021-05-14 20:57 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-14 20:57 - 2021-05-14 20:57 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-14 20:56 - 2021-05-14 20:56 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-14 20:56 - 2021-05-14 20:56 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-08 10:24 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-08 10:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-08 10:22 - 2021-03-29 05:25 - 000004266 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2021-06-08 10:19 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-08 10:19 - 2019-11-22 12:35 - 000000000 ____D C:\ProgramData\AVG
2021-06-08 10:18 - 2021-03-29 05:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-08 10:18 - 2021-03-28 09:51 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-08 10:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-08 10:18 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-08 10:18 - 2018-11-24 03:44 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2021-06-05 16:20 - 2019-05-19 20:39 - 000000000 ____D C:\Users\Jarka Simkova\AppData\LocalLow\Mozilla
2021-06-05 16:19 - 2021-03-28 09:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-05 12:45 - 2021-03-29 05:25 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-05 12:43 - 2020-06-23 21:18 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-05 12:43 - 2020-06-23 21:18 - 000002293 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-06-05 12:43 - 2020-06-23 21:18 - 000002293 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-06-05 12:43 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-05 12:40 - 2019-05-19 20:38 - 000000000 ____D C:\ProgramData\Mozilla
2021-06-05 12:37 - 2021-03-28 09:54 - 000000000 ____D C:\Users\Jarka Simkova
2021-06-05 12:37 - 2019-05-19 20:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-05 12:35 - 2019-05-19 20:38 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-06-04 22:01 - 2021-04-12 21:01 - 000003310 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d723a829aa6dd4
2021-06-04 22:01 - 2021-03-29 05:25 - 000003384 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-06-04 22:01 - 2021-03-29 05:25 - 000003160 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-06-04 22:01 - 2021-03-29 05:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-06-02 20:06 - 2020-06-23 19:54 - 000523016 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2021-06-02 20:06 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-02 20:05 - 2020-08-13 19:47 - 000181072 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000851272 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000471480 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000365592 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000327104 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000250392 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000216488 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000107936 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000099352 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000083000 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000041424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000035800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2021-06-02 19:58 - 2020-11-01 13:49 - 000005406 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-05-27 21:17 - 2019-05-17 16:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-05-27 20:57 - 2019-11-22 12:40 - 000002324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-27 20:51 - 2020-01-12 22:04 - 000000000 ____D C:\Users\Jarka Simkova\Desktop\Nový priečinok
2021-05-27 20:01 - 2021-03-29 05:25 - 000003564 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-05-25 17:36 - 2019-10-03 22:59 - 000000000 ___HD C:\ProgramData\CyberLink
2021-05-23 10:42 - 2019-10-16 06:19 - 000002574 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-05-17 05:30 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-15 06:56 - 2021-03-28 09:51 - 000437984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-15 06:55 - 2019-12-07 16:37 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-14 21:04 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-14 21:03 - 2019-12-07 16:39 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-14 20:24 - 2019-06-02 22:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-14 20:01 - 2019-06-02 22:19 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2021 01
Ran by Jarka Simkova (08-06-2021 10:27:23)
Running from C:\Users\Jarka Simkova\Desktop
Windows 10 Home Version 20H2 19042.985 (X64) (2021-03-29 03:25:52)
Boot Mode: Normal

==================== Accounts: =============================

Administrator (S-1-5-21-3940926089-4164835052-1180443062-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3940926089-4164835052-1180443062-503 - Limited - Disabled)
Guest (S-1-5-21-3940926089-4164835052-1180443062-501 - Limited - Disabled)
Jarka Simkova (S-1-5-21-3940926089-4164835052-1180443062-1002 - Administrator - Enabled) => C:\Users\Jarka Simkova
WDAGUtilityAccount (S-1-5-21-3940926089-4164835052-1180443062-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
Aplikácie Microsoft 365 pre podnikateľov - sk-sk (HKLM\...\O365BusinessRetail - sk-sk) (Version: 16.0.14026.20246 - Microsoft Corporation)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 21.4.3179 - AVG Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.77 - Google LLC)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: - Lenovo Group Ltd.)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.14026.20246 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.41 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 91.0.864.41 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: - Huawei Technologies Co.,Ltd)
Mozilla Firefox 89.0 (x64 en-US) (HKLM\...\Mozilla Firefox 89.0 (x64 en-US)) (Version: 89.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.5 - Mozilla)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: - Microsoft Corporation) Hidden
Vulkan Run Time Libraries (HKLM\...\VulkanRT1.0.61.0) (Version: - LunarG, Inc.) Hidden
Zoom (HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\...\ZoomUMX) (Version: 5.5.4 (13142.0301) - Zoom Video Communications, Inc.)

Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2103.17.0_x64__k1h2ywk1493x8 [2021-04-11] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4 [2021-02-22] (LENOVO INC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-06-02] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-28] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5170.0_x64__8wekyb3d8bbwe [2021-05-23] (Microsoft Studios) [MS Ad]
Power2Go for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.11322.0_x86__m916jedk64snt [2020-10-13] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.PowerDVDforLenovo_14.2.2520.0_x86__m916jedk64snt [2020-10-13] (CYBERLINKCOM CORPORATION)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-03-05] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-12-21 10:37 - 2020-05-30 15:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2021-05-31 20:02 - 2020-11-03 05:08 - 000954864 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\...\sharepoint.com -> hxxps://nocsk-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Jarka Simkova\AppData\Roaming\Mozilla\Firefox\Pozadie plochy.bmp
DNS Servers:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5FDB38E0-947F-4FE8-AAF2-6D264453FA3B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{35748BD7-BF48-4828-BFD7-3A6878221CE2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B3690EDD-2ADD-466C-9865-071EAEA5A82C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5B9EAF64-4E4A-4930-A436-29C24A56568D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E9AF97B4-B9F7-4036-AC50-497460CEEF9A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11601.20178.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6EFFE614-7A96-4AE9-AD9A-729FF7ED898E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4BAC49D3-DE74-4E5D-B027-5FAD2E8CDD03}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EDDC2486-6CF9-4213-9F7D-3B52A4AF2A70}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{08D97C31-C7F0-49AD-AACD-F0281BE02F1D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D5EF60FF-CC42-4CB4-9801-EF9FCE424BC2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F90BC0BD-41E8-40CD-8B82-638F92CB0997}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{652511D4-119C-46EE-B3BE-968D5621367C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{30294CE6-6B2A-404A-8280-C3C8B1BABFC3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{99406EBC-4FDA-4D51-917B-03AE654AD6D9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\91.0.864.41\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:118 GB) (Free:78.94 GB) (67%)

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
Error: (06/08/2021 10:23:03 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/08/2021 10:18:37 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.

Error: (06/08/2021 10:18:37 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.

Error: (06/08/2021 10:16:36 AM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (06/08/2021 10:16:36 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/05/2021 12:37:14 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT AUTHORITY)
Description: Windows cannot unload your registry file. The memory used by the registry has not been freed. This problem is often caused by services running as a user account. Try configuring services to run in either the LocalService or NetworkService account.

DETAIL - Access is denied.

Error: (06/05/2021 12:37:14 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT AUTHORITY)
Description: Windows cannot unload your registry file. The memory used by the registry has not been freed. This problem is often caused by services running as a user account. Try configuring services to run in either the LocalService or NetworkService account.

DETAIL - Access is denied.

Error: (06/04/2021 08:12:52 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

System errors:
Error: (06/08/2021 10:24:14 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-4PSLTPGA)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

Error: (06/05/2021 04:50:53 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-4PSLTPGA)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

Error: (06/05/2021 02:18:49 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Miniport Qualcomm Atheros QCA9377 Wireless Network Adapter, {74799e4b-a8d0-4cc9-890a-e9e4b76e8d3d}, had event 71

Error: (06/05/2021 02:18:49 PM) (Source: Qcamain10x64) (EventID: 5002) (User: )
Description: Qualcomm Atheros QCA9377 Wireless Network Adapter : Has determined that the network adapter is not functioning properly.

Error: (06/05/2021 12:42:46 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-4PSLTPGA)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

Error: (06/04/2021 11:42:22 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-4PSLTPGA)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (06/04/2021 11:42:22 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-4PSLTPGA)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (06/04/2021 11:42:21 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-4PSLTPGA)
Description: The server {7966B4D8-4FDC-4126-A10B-39A3209AD251} did not register with DCOM within the required timeout.

Date: 2021-06-08 10:24:03
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-06-08 10:22:41
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: Lenovo 1PCN66WW 04/26/2018
Motherboard: LENOVO LNVNB161216
Processor: AMD A9-9410 RADEON R5, 5 COMPUTE CORES 2C+3G
Percentage of memory in use: 83%
Total physical RAM: 3920.07 MB
Available physical RAM: 632.2 MB
Total Virtual: 4624.07 MB
Available Virtual: 932.66 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:118 GB) (Free:78.94 GB) NTFS

\\?\Volume{467b35af-180d-4ef4-a198-ecbd57b9ad6b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{b7295002-0aac-4eac-8cbe-508082c6c74c}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

Disk: 0 (Size: 119.2 GB) (Disk ID: 6F7778AD)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Site Admin
Site Admin
Příspěvky: 118367
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: spomalene PC

#2 Příspěvek od Rudy »

Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!

Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Příspěvky: 71
Registrován: 20 říj 2019 16:46

Re: spomalene PC

#3 Příspěvek od alfonz.flower »

Odinstaloval som AVG, je to lepsie :) Asi neustale kontroloval, alebo neviem. Staci aj antivir ktory je vo Windows 10 ? Deffender?

# -------------------------------
# Malwarebytes AdwCleaner
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-08-2021
# Duration: 00:00:09
# OS: Windows 10 Home
# Cleaned: 5
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\Jarka Simkova\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1


[+] Delete Tracing Keys
[+] Reset Winsock


AdwCleaner[S00].txt - [1869 octets] - [08/06/2021 10:43:13]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-08-2021
# Duration: 00:00:33
# OS: Windows 10 Home
# Scanned: 31988
# Detected: 5

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Users\Jarka Simkova\AppData\Local\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Příspěvky: 71
Registrován: 20 říj 2019 16:46

Re: spomalene PC

#4 Příspěvek od alfonz.flower »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2021 01
Ran by Jarka Simkova (08-06-2021 13:36:01)
Running from C:\Users\Jarka Simkova\Desktop
Windows 10 Home Version 21H1 19043.1023 (X64) (2021-03-29 03:25:52)
Boot Mode: Normal

==================== Accounts: =============================

Administrator (S-1-5-21-3940926089-4164835052-1180443062-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3940926089-4164835052-1180443062-503 - Limited - Disabled)
Guest (S-1-5-21-3940926089-4164835052-1180443062-501 - Limited - Disabled)
Jarka Simkova (S-1-5-21-3940926089-4164835052-1180443062-1002 - Administrator - Enabled) => C:\Users\Jarka Simkova
WDAGUtilityAccount (S-1-5-21-3940926089-4164835052-1180443062-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
Aplikácie Microsoft 365 pre podnikateľov - sk-sk (HKLM\...\O365BusinessRetail - sk-sk) (Version: 16.0.14026.20246 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.77 - Google LLC)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: - Lenovo Group Ltd.)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.14026.20246 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.41 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 91.0.864.41 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: - Huawei Technologies Co.,Ltd)
Mozilla Firefox 89.0 (x64 en-US) (HKLM\...\Mozilla Firefox 89.0 (x64 en-US)) (Version: 89.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.5 - Mozilla)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: - Microsoft Corporation) Hidden
Vulkan Run Time Libraries (HKLM\...\VulkanRT1.0.61.0) (Version: - LunarG, Inc.) Hidden
Zoom (HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\...\ZoomUMX) (Version: 5.5.4 (13142.0301) - Zoom Video Communications, Inc.)

Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2103.17.0_x64__k1h2ywk1493x8 [2021-04-11] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4 [2021-02-22] (LENOVO INC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-06-02] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-28] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5170.0_x64__8wekyb3d8bbwe [2021-05-23] (Microsoft Studios) [MS Ad]
Power2Go for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.11322.0_x86__m916jedk64snt [2020-10-13] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.PowerDVDforLenovo_14.2.2520.0_x86__m916jedk64snt [2020-10-13] (CYBERLINKCOM CORPORATION)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-03-05] (Advanced Micro Devices, Inc.) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\...\sharepoint.com -> hxxps://nocsk-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Jarka Simkova\AppData\Roaming\Mozilla\Firefox\Pozadie plochy.bmp
DNS Servers:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5FDB38E0-947F-4FE8-AAF2-6D264453FA3B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{35748BD7-BF48-4828-BFD7-3A6878221CE2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B3690EDD-2ADD-466C-9865-071EAEA5A82C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5B9EAF64-4E4A-4930-A436-29C24A56568D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E9AF97B4-B9F7-4036-AC50-497460CEEF9A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11601.20178.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6EFFE614-7A96-4AE9-AD9A-729FF7ED898E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4BAC49D3-DE74-4E5D-B027-5FAD2E8CDD03}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EDDC2486-6CF9-4213-9F7D-3B52A4AF2A70}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{08D97C31-C7F0-49AD-AACD-F0281BE02F1D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D5EF60FF-CC42-4CB4-9801-EF9FCE424BC2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F90BC0BD-41E8-40CD-8B82-638F92CB0997}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{652511D4-119C-46EE-B3BE-968D5621367C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{30294CE6-6B2A-404A-8280-C3C8B1BABFC3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{99406EBC-4FDA-4D51-917B-03AE654AD6D9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\91.0.864.41\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:118 GB) (Free:76.8 GB) (65%)

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
Error: (06/08/2021 11:18:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: wuauclt.exe, verzia: 10.0.19041.906, časová značka: 0x01b4b287
Názov chybujúceho modulu: wuuhosdeployment.dll_unloaded, verzia: 10.0.19041.867, časová značka: 0x14e58421
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000001a3f3
Identifikácia chybujúceho procesu: 0x243c
Čas spustenia chybujúcej aplikácie: 0x01d75c451409f162
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\wuauclt.exe
Cesta chybujúceho modulu: wuuhosdeployment.dll
Identifikácia hlásenia: d1d128bb-368e-4bee-9e8a-2585ef570c6e
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (06/08/2021 10:50:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: MsMpEng.exe, verzia: 4.18.2001.10, časová značka: 0xcc8022f7
Názov chybujúceho modulu: mpengine.dll_unloaded, verzia: 1.1.18200.4, časová značka: 0x60b01001
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000002d226
Identifikácia chybujúceho procesu: 0x2354
Čas spustenia chybujúcej aplikácie: 0x01d75c433f3a323e
Cesta chybujúcej aplikácie: C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MsMpEng.exe
Cesta chybujúceho modulu: mpengine.dll
Identifikácia hlásenia: c42a8793-6d3e-4ef7-895c-6a4045af5846
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (06/08/2021 10:23:03 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/08/2021 10:18:37 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.

Error: (06/08/2021 10:18:37 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.

Error: (06/08/2021 10:16:36 AM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (06/08/2021 10:16:36 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/05/2021 12:37:14 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT AUTHORITY)
Description: Windows cannot unload your registry file. The memory used by the registry has not been freed. This problem is often caused by services running as a user account. Try configuring services to run in either the LocalService or NetworkService account.

DETAIL - Access is denied.

System errors:
Error: (06/08/2021 01:24:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby System Interface Foundation Service zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (06/08/2021 01:14:57 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-4PSLTPGA)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

Error: (06/08/2021 01:11:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby System Interface Foundation Service zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (06/08/2021 01:10:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby System Interface Foundation Service zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (06/08/2021 01:10:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby ImControllerService zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (06/08/2021 01:08:12 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Miniport Qualcomm Atheros QCA9377 Wireless Network Adapter, {003e550c-6bc2-4102-b793-c4c4b85375ea}, had event 71

Error: (06/08/2021 01:08:12 PM) (Source: Qcamain10x64) (EventID: 5002) (User: )
Description: Qualcomm Atheros QCA9377 Wireless Network Adapter : Has determined that the network adapter is not functioning properly.

Error: (06/08/2021 12:20:53 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-4PSLTPGA)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

Windows Defender:
Date: 2021-06-08 13:30:15
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-08 13:08:19
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-08 11:50:00
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-08 11:41:42
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-08 10:50:03
Microsoft Defender Antivirus engine has been terminated due to an unexpected error.
Failure Type: Crash
Exception code: 0xc0000005

Date: 2021-06-08 10:50:08
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-06-08 10:38:01
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO 1PCN73WW 04/22/2020
Motherboard: LENOVO LNVNB161216
Processor: AMD A9-9410 RADEON R5, 5 COMPUTE CORES 2C+3G
Percentage of memory in use: 74%
Total physical RAM: 3920.07 MB
Available physical RAM: 988.49 MB
Total Virtual: 4624.07 MB
Available Virtual: 1365.66 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:118 GB) (Free:76.8 GB) NTFS

\\?\Volume{467b35af-180d-4ef4-a198-ecbd57b9ad6b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{b7295002-0aac-4eac-8cbe-508082c6c74c}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

Disk: 0 (Size: 119.2 GB) (Disk ID: 6F7778AD)

Partition: GPT.

==================== End of Addition.txt =======================

Příspěvky: 71
Registrován: 20 říj 2019 16:46

Re: spomalene PC

#5 Příspěvek od alfonz.flower »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2021 01
Ran by Jarka Simkova (administrator) on LAPTOP-4PSLTPGA (LENOVO 80TD) (08-06-2021 13:33:50)
Running from C:\Users\Jarka Simkova\Desktop
Loaded Profiles: Jarka Simkova
Platform: Windows 10 Home Version 21H1 19043.1023 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0326809.inf_amd64_bfcaa662a6f3d02f\B325108\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0326809.inf_amd64_bfcaa662a6f3d02f\B325108\atiesrxx.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\\LenovoVantageService.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1022_none_7e372e9e7c6ecccb\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2018-01-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-01-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-05-27] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {009133C7-B9CB-4318-9EBE-6BF182799DEB} - \Lenovo\ImController\TimeBasedEvents\83448ab0-3ae0-4847-ac47-b1180e6f2568 -> No File <==== ATTENTION
Task: {0215D5A2-5FF5-4F2E-926B-183471E5DA73} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jarka Simkova\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-06-08] (ESET, spol. s r.o. -> ESET)
Task: {0CC485A8-4359-4FC3-B057-0CC5C78F6317} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {10D6AF18-EE7F-4872-80F0-E8AFE7BBA385} - \Lenovo\ImController\TimeBasedEvents\1ed76e21-6aed-4316-9ddf-41f997627221 -> No File <==== ATTENTION
Task: {24D727D8-22AB-4FC5-95F5-265DACFDDC58} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {2CDE6AF9-A543-4DA1-8922-20E2A1CD5B38} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {3EFF10AD-287E-451A-87DC-D4F32F6B0B94} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\\ScheduleEventAction.exe [23968 2021-05-17] (Lenovo -> Lenovo Group Ltd.)
Task: {417BCBCB-00FE-4D11-836A-E52B771E357B} - \Lenovo\ImController\TimeBasedEvents\70f23f41-34e4-4ae7-b190-ec0af1a04da1 -> No File <==== ATTENTION
Task: {42F39AAE-9230-4D56-AA5A-5556C289FE22} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {524C93C6-B3F9-413A-89B4-A43E149CF5B5} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Jarka Simkova\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-06-08] (ESET, spol. s r.o. -> ESET)
Task: {594FD384-2FE9-4E73-806A-981B334565C6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1122200 2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {646FB878-9AA9-4297-9358-F08908596027} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {65744C64-3B79-4ADF-83F1-3FBC1E8847CE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {77032FBE-3118-45F5-B26C-C771FBB34796} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {83A76978-F115-416B-8535-10A2582D4775} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-22] (Google Inc -> Google Inc.)
Task: {845602A6-C681-4280-B1F7-801B05BB56FC} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2018-03-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {84C33941-96CF-45CF-ABE5-B1461DC9EF99} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {972F90C9-6098-43C3-AF93-4F3D63A46AF0} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {9D3271F2-7F14-4EC3-9123-32BCDC05EDC3} - \Lenovo\ImController\TimeBasedEvents\1360665a-6133-4341-be29-ea2b99cc32fa -> No File <==== ATTENTION
Task: {AA4A682E-5693-48E2-A1B4-6C5513F87712} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B512C8B9-2791-42A9-B5C4-0EC9478635FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D9E7ED4A-5FD5-49A3-97F0-7B817A3E5FD5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-22] (Google Inc -> Google Inc.)
Task: {E5FB513C-FB65-4EC5-9F13-503B05B80808} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC7C341B-F08F-42EF-BA41-FD435AA55C1B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EED0C395-840E-4CCB-9E6F-BADE0414F716} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\\ScheduleEventAction.exe
Task: {FD17AFB3-76C7-4D83-AB08-B4C6C1E8BD4E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {FD6A4626-BAF6-40C9-AE40-954C74EA58BD} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {FFF3CD8A-3CDF-4168-AE6C-A1D6D425E66E} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{8b913afa-bb86-4ac9-8129-0c4b266c8ffc}: [DhcpNameServer]
Tcpip\..\Interfaces\{ce6aed68-19c5-44b6-94fd-9b8f71b58881}: [DhcpNameServer]

DownloadDir: C:\Users\Jarka Simkova\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Jarka Simkova\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-08]

FF DefaultProfile: 4x22v3ip.default
FF ProfilePath: C:\Users\Jarka Simkova\AppData\Roaming\Mozilla\Firefox\Profiles\4x22v3ip.default [2021-06-08]
FF Homepage: Mozilla\Firefox\Profiles\4x22v3ip.default -> www.google.sk
FF Extension: (Slovak (SK) Language Pack) - C:\Users\Jarka Simkova\AppData\Roaming\Mozilla\Firefox\Profiles\4x22v3ip.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2021-06-05]
FF Extension: (Slovenská kontrola preklepov) - C:\Users\Jarka Simkova\AppData\Roaming\Mozilla\Firefox\Profiles\4x22v3ip.default\Extensions\sk@dictionaries.addons.mozilla.org.xpi [2019-05-19]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)

CHR Profile: C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default [2021-05-15]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Prezentácie) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-22]
CHR Extension: (Dokumenty) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-22]
CHR Extension: (Disk Google) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-22]
CHR Extension: (Tabuľky) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-22]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-10]
CHR Extension: (Gmail) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-23]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\LenovoVantageService.exe [28576 2021-05-17] (Lenovo -> Lenovo Group Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.4-0\NisSrv.exe [2644760 2021-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.4-0\MsMpEng.exe [136656 2021-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [65448 2018-01-09] (WDKTestCert aswbldsv,131431045756648395 -> Qualcomm)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [117248 2009-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [114560 2009-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 TVICHW32; C:\Windows\system32\DRIVERS\TVICHW32.SYS [21200 2019-05-17] (EnTech Taiwan -> EnTech Taiwan)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-06-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425208 2021-06-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-06-08] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-08 13:33 - 2021-06-08 13:34 - 000016525 _____ C:\Users\Jarka Simkova\Desktop\FRST.txt
2021-06-08 13:08 - 2021-06-08 13:08 - 000003890 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-06-08 13:08 - 2021-06-08 13:08 - 000003448 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-06-08 11:53 - 2021-06-08 11:53 - 011697056 _____ (ESET) C:\Users\Jarka Simkova\Downloads\esetonlinescanner.exe
2021-06-08 11:53 - 2021-06-08 11:53 - 000001401 _____ C:\Users\Jarka Simkova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-06-08 11:53 - 2021-06-08 11:53 - 000001295 _____ C:\Users\Jarka Simkova\Desktop\ESET Online Scanner.lnk
2021-06-08 11:53 - 2021-06-08 11:53 - 000000000 ____D C:\Users\Jarka Simkova\AppData\Local\ESET
2021-06-08 11:15 - 2021-06-08 11:15 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-08 11:15 - 2021-06-08 11:15 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-08 11:15 - 2021-06-08 11:15 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-08 11:15 - 2021-06-08 11:15 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-08 11:15 - 2021-06-08 11:15 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-08 11:15 - 2021-06-08 11:15 - 000011327 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-08 11:14 - 2021-06-08 11:14 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-08 11:14 - 2021-06-08 11:14 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-08 11:14 - 2021-06-08 11:14 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-08 11:14 - 2021-06-08 11:14 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-08 11:14 - 2021-06-08 11:14 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-08 11:14 - 2021-06-08 11:14 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-08 11:14 - 2021-06-08 11:14 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-08 11:14 - 2021-06-08 11:14 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-08 11:14 - 2021-06-08 11:14 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-08 11:14 - 2021-06-08 11:14 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-08 11:14 - 2021-06-08 11:14 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-08 11:14 - 2021-06-08 11:14 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-08 10:50 - 2021-06-08 10:50 - 000000000 ____D C:\WINDOWS\Firmware
2021-06-08 10:42 - 2021-06-08 10:43 - 000000000 ____D C:\AdwCleaner
2021-06-08 10:41 - 2021-06-08 10:41 - 008534696 _____ (Malwarebytes) C:\Users\Jarka Simkova\Downloads\AdwCleaner.exe
2021-06-08 10:24 - 2021-06-08 13:34 - 000000000 ____D C:\FRST
2021-06-08 10:23 - 2021-06-08 10:23 - 002300416 _____ (Farbar) C:\Users\Jarka Simkova\Desktop\FRST64 (1).exe
2021-06-05 12:35 - 2021-06-05 12:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-06-04 21:38 - 2021-06-05 12:37 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-05-23 10:42 - 2021-05-23 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2021-05-14 20:58 - 2021-05-14 20:58 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-14 20:58 - 2021-05-14 20:58 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-14 20:57 - 2021-05-14 20:57 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-14 20:57 - 2021-05-14 20:57 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-14 20:56 - 2021-05-14 20:56 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-14 20:56 - 2021-05-14 20:56 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-08 13:30 - 2021-03-28 09:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-08 13:30 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-08 13:15 - 2021-03-29 05:25 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-08 13:15 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-08 13:09 - 2021-03-29 05:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-08 13:09 - 2021-03-28 09:51 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-08 13:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-08 13:09 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-08 13:09 - 2018-11-24 03:44 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2021-06-08 11:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-08 11:26 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-08 11:22 - 2021-03-28 09:51 - 000437984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-08 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-08 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-08 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-08 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-08 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-08 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-08 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-08 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-08 11:19 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-08 11:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-08 11:18 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-08 10:50 - 2018-04-17 21:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-08 10:49 - 2019-11-22 12:40 - 000002324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-08 10:48 - 2020-06-23 21:18 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-08 10:48 - 2020-06-23 21:18 - 000002293 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-06-08 10:48 - 2020-06-23 21:18 - 000002293 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-06-08 10:47 - 2019-11-22 12:35 - 000000000 ____D C:\ProgramData\AVG
2021-06-08 10:43 - 2021-03-29 05:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-06-08 10:43 - 2020-03-13 07:14 - 000000000 ____D C:\WINDOWS\Lenovo
2021-06-08 10:43 - 2019-05-17 16:38 - 000000000 ____D C:\Users\Jarka Simkova\AppData\Local\Lenovo
2021-06-08 10:43 - 2018-11-24 03:32 - 000000000 ____D C:\ProgramData\Lenovo
2021-06-08 10:40 - 2019-07-17 04:59 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-06-05 16:20 - 2019-05-19 20:39 - 000000000 ____D C:\Users\Jarka Simkova\AppData\LocalLow\Mozilla
2021-06-05 12:43 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-05 12:40 - 2019-05-19 20:38 - 000000000 ____D C:\ProgramData\Mozilla
2021-06-05 12:37 - 2021-03-28 09:54 - 000000000 ____D C:\Users\Jarka Simkova
2021-06-05 12:37 - 2019-05-19 20:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-05 12:35 - 2019-05-19 20:38 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-06-04 22:01 - 2021-04-12 21:01 - 000003310 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d723a829aa6dd4
2021-06-04 22:01 - 2021-03-29 05:25 - 000003384 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-06-04 22:01 - 2021-03-29 05:25 - 000003160 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-06-04 22:01 - 2021-03-29 05:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-06-02 20:06 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-02 19:58 - 2020-11-01 13:49 - 000005406 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-05-27 21:17 - 2019-05-17 16:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-05-27 20:51 - 2020-01-12 22:04 - 000000000 ____D C:\Users\Jarka Simkova\Desktop\Nový priečinok
2021-05-27 20:01 - 2021-03-29 05:25 - 000003564 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-05-25 17:36 - 2019-10-03 22:59 - 000000000 ___HD C:\ProgramData\CyberLink
2021-05-23 10:42 - 2019-10-16 06:19 - 000002574 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-05-15 06:55 - 2019-12-07 16:37 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-14 21:03 - 2019-12-07 16:39 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-14 20:24 - 2019-06-02 22:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-14 20:01 - 2019-06-02 22:19 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Uživatelský avatar
Site Admin
Site Admin
Příspěvky: 118367
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: spomalene PC

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:

HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {009133C7-B9CB-4318-9EBE-6BF182799DEB} - \Lenovo\ImController\TimeBasedEvents\83448ab0-3ae0-4847-ac47-b1180e6f2568 -> No File <==== ATTENTION
Task: {10D6AF18-EE7F-4872-80F0-E8AFE7BBA385} - \Lenovo\ImController\TimeBasedEvents\1ed76e21-6aed-4316-9ddf-41f997627221 -> No File <==== ATTENTION
Task: {24D727D8-22AB-4FC5-95F5-265DACFDDC58} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {417BCBCB-00FE-4D11-836A-E52B771E357B} - \Lenovo\ImController\TimeBasedEvents\70f23f41-34e4-4ae7-b190-ec0af1a04da1 -> No File <==== ATTENTION
Task: {83A76978-F115-416B-8535-10A2582D4775} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-22] (Google Inc -> Google Inc.)
Task: {84C33941-96CF-45CF-ABE5-B1461DC9EF99} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {9D3271F2-7F14-4EC3-9123-32BCDC05EDC3} - \Lenovo\ImController\TimeBasedEvents\1360665a-6133-4341-be29-ea2b99cc32fa -> No File <==== ATTENTION
Task: {D9E7ED4A-5FD5-49A3-97F0-7B817A3E5FD5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-22] (Google Inc -> Google Inc.)
Task: {FD6A4626-BAF6-40C9-AE40-954C74EA58BD} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
dge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
CustomCLSID: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Windef stačí, pokud nemáte torrent, nebo nechodíte do "temných zákoutí" internetu. Ochrana softwarem 3. strany je ovšem lepší.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!

Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
