VIRY.CZ

Zdravim, skontrolujte notebook ci je poriadku... Ďakujem vopred

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Kohutovci (administrator) on LAPTOP-A29B8RGD (LENOVO 80TL) (20-12-2020 15:53:22)
Running from C:\Users\Kohutovci\Desktop
Loaded Profiles: Kohutovci
Platform: Windows 10 Home Version 20H2 19042.685 (X64) Language: Slovenčina (Slovensko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_f222132bfa8270de\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\Lenovo.Vantage.AddinHost.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <3>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.1.19.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.46.23151.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\73.0.3856.284\opera.exe <15>
(Opera Software AS -> Opera Software) C:\Program Files\Opera\73.0.3856.284\opera_crashreporter.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {35BEB5A9-7195-470E-BC6A-FF62E6E2E0FD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4654C5FA-597F-448F-A3B7-5849AC03740F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {60FCA18E-FE01-4090-AB39-6FC7B6BA9B45} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {6E4D0764-3E3B-4CA7-9C04-0F9709776A70} - System32\Tasks\Opera scheduled Autoupdate 1522223126 => C:\Program Files\Opera\launcher.exe [1776664 2020-12-16] (Opera Software AS -> Opera Software)
Task: {819B5A06-CC08-44F8-AE8F-C3132123B396} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\55032416-e218-4ca5-8c46-32f0f418b007 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {8352A565-3B21-4BA3-B706-C809A1A39EBD} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {83D13A35-CEFF-4087-8B46-107F2FA00225} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {87118D68-5E20-4B3C-A7CE-C56B2E6277AB} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
Task: {A0187FC6-DF11-4E4C-9B7A-567958446236} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {AF640CE3-7202-4CCB-BCF5-7DE5926163E1} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144312 2020-09-15] (Lenovo -> Lenovo Group Ltd.)
Task: {B3F6D722-A760-49B3-8E6F-B44899F98E60} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62280 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {B8732A76-FF56-4829-BB90-82FC1DF201FA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\369de56c-706f-4abc-86a1-c4ea898ca8fa => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {BCCE88B5-9612-4C41-85F8-79D67D9F50C7} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {C5B7651A-264B-4E1F-B269-0D469F5608D5} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {CB615212-848D-4DAA-8B87-0F20814D0765} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\03154b73-3c31-40ed-b880-09a35ce9810d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {D405FA29-2BCD-4A2A-85EB-7EC53A987F8E} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {DF24313E-FDAA-466E-8529-EC275E499A29} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {E91E53E6-8A6F-447B-8D97-CC76D4A1FF04} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EBB93582-D249-4319-B3F8-3D9762C937DA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\901b9f59-2169-44a3-a21a-350217b8c486 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
Task: {F422B30E-3711-4745-8066-B89C12110885} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F74DC4FE-BA17-45E8-9994-9EDB536E7374} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe [24408 2020-11-05] (Lenovo -> Lenovo Group Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c5399d1f-95f1-4412-aa35-ff355897d454}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{c5399d1f-95f1-4412-aa35-ff355897d454}: [DhcpNameServer] 172.21.21.9 8.8.8.8

Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kohutovci\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-19]

FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-11-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-11-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Opera:
=======
OPR DownloadDir: C:\Users\Kohutovci\Desktop
OPR Notifications: hxxps://sk.avon-brochure.com; hxxps://www.nike.sk; hxxps://www.zlavomat.sk
OPR Extension: (Rich Hints Agent) - C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-10-24]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-12-28] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334176 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334176 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe [29520 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-19] (Malwarebytes Inc -> Malwarebytes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [39056 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844176 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47072 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [129208 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-19] (Malwarebytes Inc -> Malwarebytes)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-20 15:38 - 2020-12-20 15:57 - 000018770 _____ C:\Users\Kohutovci\Desktop\FRST.txt
2020-12-20 10:22 - 2020-12-20 15:55 - 000000000 ____D C:\FRST
2020-12-20 10:20 - 2020-12-20 10:20 - 002286592 _____ (Farbar) C:\Users\Kohutovci\Desktop\FRST64.exe
2020-12-19 18:09 - 2020-12-19 18:09 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-19 18:08 - 2020-12-19 18:07 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-19 16:54 - 2020-12-19 16:54 - 000001036 _____ C:\Users\Public\Desktop\LibreOffice.lnk
2020-12-19 16:54 - 2020-12-19 16:54 - 000001036 _____ C:\ProgramData\Desktop\LibreOffice.lnk
2020-12-19 16:54 - 2020-12-19 16:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.0
2020-12-19 16:51 - 2020-12-19 16:52 - 000000000 ____D C:\Program Files\LibreOffice
2020-12-19 16:36 - 2020-12-19 16:36 - 000001053 _____ C:\Users\Public\Desktop\WinRAR.lnk
2020-12-19 16:36 - 2020-12-19 16:36 - 000001053 _____ C:\ProgramData\Desktop\WinRAR.lnk
2020-12-19 15:41 - 2020-12-19 15:40 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-12-19 15:41 - 2020-12-19 15:40 - 000216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-12-09 19:04 - 2020-12-09 19:04 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-09 19:04 - 2020-12-09 19:04 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-09 19:04 - 2020-12-09 19:04 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-05 00:38 - 2020-12-05 00:38 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-05 00:37 - 2020-12-05 00:37 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-05 00:37 - 2020-12-05 00:37 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-05 00:37 - 2020-12-05 00:37 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-05 00:36 - 2020-12-05 00:36 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-05 00:36 - 2020-12-05 00:36 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-05 00:36 - 2020-12-05 00:36 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-05 00:36 - 2020-12-05 00:36 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-05 00:35 - 2020-12-05 00:35 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-05 00:35 - 2020-12-05 00:35 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-05 00:35 - 2020-12-05 00:35 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-05 00:35 - 2020-12-05 00:35 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-05 00:34 - 2020-12-05 00:34 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-05 00:33 - 2020-12-05 00:33 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-05 00:33 - 2020-12-05 00:33 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-05 00:33 - 2020-12-05 00:33 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-05 00:33 - 2020-12-05 00:33 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-05 00:33 - 2020-12-05 00:33 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-05 00:33 - 2020-12-05 00:33 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-02 11:10 - 2020-12-02 11:10 - 000001724 _____ C:\Users\Kohutovci\Desktop\COMODO Firewall.lnk
2020-12-02 00:18 - 2019-10-23 00:02 - 000017576 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdboot.sys
2020-12-01 23:47 - 2020-12-19 18:09 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-01 23:43 - 2020-12-02 00:19 - 000005892 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2020-12-01 23:43 - 2020-12-01 23:43 - 000000000 ___HD C:\VTRoot
2020-12-01 23:43 - 2020-12-01 23:43 - 000000000 ____D C:\Malwarebytes
2020-11-21 11:23 - 2020-11-21 11:23 - 000001786 _____ C:\Users\Kohutovci\Desktop\Java.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-20 15:56 - 2018-08-20 11:30 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\CrashDumps
2020-12-20 15:55 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-20 15:35 - 2020-06-28 16:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-20 11:01 - 2020-06-28 17:02 - 000004220 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C741AC4B-73C4-4C05-B853-1F790EA5581B}
2020-12-20 10:14 - 2018-04-02 18:33 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-12-20 04:40 - 2018-03-30 21:29 - 000000000 ____D C:\Program Files\CCleaner
2020-12-20 00:18 - 2018-04-03 16:57 - 000000000 ____D C:\ProgramData\AVAST Software
2020-12-20 00:10 - 2020-06-28 17:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-20 00:10 - 2020-06-28 16:35 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-20 00:10 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-12-20 00:09 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-20 00:08 - 2020-06-28 13:04 - 000000000 ____D C:\Users\Kohutovci
2020-12-19 22:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-19 22:24 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2020-12-19 22:24 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-19 21:21 - 2018-07-26 09:09 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\D3DSCache
2020-12-19 19:45 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-19 19:03 - 2020-06-05 17:56 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-19 19:03 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-19 18:09 - 2019-05-17 22:10 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-19 18:09 - 2019-05-17 22:10 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-12-19 18:08 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-19 18:07 - 2019-05-17 22:10 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-12-19 17:16 - 2018-05-11 16:47 - 000000921 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2020-12-19 17:16 - 2018-05-11 16:47 - 000000921 _____ C:\ProgramData\Desktop\CPUID CPU-Z.lnk
2020-12-19 17:01 - 2020-06-28 16:36 - 000623296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-19 16:40 - 2018-12-28 22:22 - 000001794 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2020-12-19 16:40 - 2018-12-28 22:22 - 000001794 _____ C:\ProgramData\Desktop\CDBurnerXP.lnk
2020-12-19 16:40 - 2018-04-03 14:07 - 000001740 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2020-12-19 16:40 - 2018-04-03 14:07 - 000000000 ____D C:\Program Files\CDBurnerXP
2020-12-19 16:36 - 2018-04-03 13:58 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2020-12-19 16:36 - 2018-04-03 13:58 - 000000000 ____D C:\Users\Kohutovci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-19 16:36 - 2018-04-03 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-19 16:25 - 2018-12-29 23:16 - 000000000 ____D C:\Users\Kohutovci\AppData\Roaming\KMP
2020-12-19 16:25 - 2018-12-29 23:14 - 000000898 _____ C:\Users\Kohutovci\Desktop\KMPlayer 64X.lnk
2020-12-19 16:23 - 2020-10-11 08:18 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-19 16:23 - 2020-10-11 08:18 - 000003280 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-19 16:23 - 2020-06-28 17:02 - 000003318 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1522223126
2020-12-19 16:23 - 2020-06-28 17:02 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-19 16:23 - 2020-06-28 17:02 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-12-19 16:23 - 2020-06-28 17:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-12-19 15:41 - 2020-06-28 17:02 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-12-19 15:40 - 2020-09-01 21:17 - 000176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-12-19 15:40 - 2020-04-03 08:06 - 000522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-12-19 15:40 - 2019-01-14 15:32 - 000332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-12-19 15:40 - 2019-01-05 14:54 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-12-19 15:40 - 2019-01-05 14:54 - 000097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-12-19 15:40 - 2019-01-05 14:54 - 000036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-12-19 15:40 - 2018-10-09 13:36 - 000042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-12-19 15:40 - 2018-06-20 15:42 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-12-19 15:40 - 2018-04-03 17:01 - 000851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-12-19 15:40 - 2018-04-03 17:01 - 000469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-12-19 15:40 - 2018-04-03 17:01 - 000326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-12-19 15:40 - 2018-04-03 17:01 - 000208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-12-19 15:40 - 2018-04-03 17:01 - 000108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-12-19 15:40 - 2018-04-03 17:01 - 000084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-12-19 09:09 - 2018-03-28 08:45 - 000000000 ____D C:\Program Files\Opera
2020-12-17 14:02 - 2018-03-28 08:45 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2020-12-10 10:24 - 2018-04-02 16:25 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-09 19:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-09 19:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-05 09:28 - 2020-06-28 16:44 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-05 09:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-05 09:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-05 09:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-05 09:17 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-05 09:17 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-11-24 10:58 - 2018-03-28 06:50 - 000087594 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2020-11-21 12:29 - 2018-04-02 19:30 - 000000000 ____D C:\Program Files (x86)\Java
2020-11-21 11:14 - 2018-04-02 19:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-11-21 11:10 - 2018-04-02 19:30 - 000165032 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-11-21 10:34 - 2017-11-28 06:57 - 000000000 ____D C:\ProgramData\Lenovo

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Kohutovci (20-12-2020 15:59:38)
Running from C:\Users\Kohutovci\Desktop
Windows 10 Home Version 20H2 19042.685 (X64) (2020-06-28 16:04:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2907761124-1722388098-2410732583-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2907761124-1722388098-2410732583-503 - Limited - Disabled)
Guest (S-1-5-21-2907761124-1722388098-2410732583-501 - Limited - Disabled)
Kohutovci (S-1-5-21-2907761124-1722388098-2410732583-1001 - Administrator - Enabled) => C:\Users\Kohutovci
WDAGUtilityAccount (S-1-5-21-2907761124-1722388098-2410732583-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Disabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
COMODO Firewall (HKLM\...\{9A106F13-BA73-4E76-AB5E-D37BAEF94A24}) (Version: 12.2.2.7062 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.2.2.7062 - COMODO Security Solutions Inc.)
CPUID CPU-Z 1.94 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.94 - CPUID, Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7156 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2020.06.09.40 - PandoraTV)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.4.16.0 - Lenovo Group Ltd.)
LibreOffice 7.0.3.1 (HKLM\...\{3C4801FF-3D7B-4804-877E-3A322C00524C}) (Version: 7.0.3.1 - The Document Foundation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Opera Mail 1.0 (HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\Opera 1.0.1044) (Version: 1.0.1044 - Opera Software ASA)
Opera Stable 73.0.3856.284 (HKLM-x32\...\Opera 73.0.3856.284) (Version: 73.0.3856.284 - Opera Software)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WinRAR 5.91 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

Packages:
=========
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-03] (Microsoft Corporation)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2011.20.0_x64__k1h2ywk1493x8 [2020-11-24] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.1.19.0_x64__5grkq8ppsgwt4 [2020-12-15] (LENOVO INC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-06-27] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-20] (Microsoft Studios) [MS Ad]
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-11-12 17:41 - 2020-05-30 19:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\SQLite.Interop.dll
2020-06-19 22:02 - 2020-04-09 08:17 - 000944840 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001 -> DefaultScope {E78F43CD-30EF-43D7-BDA0-AA6D33F90220} URL =
SearchScopes: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001 -> {E78F43CD-30EF-43D7-BDA0-AA6D33F90220} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-11-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-11-21] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2019-01-04 11:00 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.

Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
Wi-Fi: COMODO Internet Security Firewall Driver -> inspect (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F0C37DF3-9B47-442F-B738-77306B89CB9A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D5AFF92B-5FE7-4255-8C8C-8A4170E41591}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C88A32A8-5D45-44B2-ABD8-8BE0D2B0BB4E}] => (Allow) C:\Program Files\Opera\73.0.3856.257\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{13D17639-916F-42A7-BEC7-9B74D9070D0F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7303F91B-DA65-4B1C-A954-4541041DA90E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{93B9DEC7-B561-4BB4-A8AB-89C0C3410681}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1C5AC5B7-BB1C-40C8-AD25-6E984F7057B7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7E68FAD8-3C3A-4600-B5A2-53D68C5FA785}] => (Allow) C:\Program Files\Opera\73.0.3856.284\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

19-12-2020 16:45:15 Removed LibreOffice 6.1.3.2

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/20/2020 03:55:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.662, časová značka: 0xec58f015
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010bd5c
Identifikácia chybujúceho procesu: 0xc04
Čas spustenia chybujúcej aplikácie: 0x01d6d6e037ea83ea
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: a7da26ce-853d-4999-9c9b-bfcf9c96c648
Celé meno chybujúceho balíka: Microsoft.MicrosoftOfficeHub_18.2008.12711.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: Microsoft.MicrosoftOfficeHub

Error: (12/20/2020 03:55:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.662, časová značka: 0xec58f015
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010bd5c
Identifikácia chybujúceho procesu: 0x3048
Čas spustenia chybujúcej aplikácie: 0x01d6d6e037e70985
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 9bd943c9-9c12-4900-9470-9838acf1d5c7
Celé meno chybujúceho balíka: Microsoft.BingWeather_4.46.23151.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (12/20/2020 03:53:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.662, časová značka: 0xec58f015
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010bd5c
Identifikácia chybujúceho procesu: 0x6e8
Čas spustenia chybujúcej aplikácie: 0x01d6d6dfd2656475
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 7eec3883-353f-4127-811a-bc2584e82391
Celé meno chybujúceho balíka: Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (12/20/2020 03:40:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.662, časová značka: 0xec58f015
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010bd5c
Identifikácia chybujúceho procesu: 0x3660
Čas spustenia chybujúcej aplikácie: 0x01d6d6de14192a7e
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: f73c8d3f-571e-473c-bbbf-bffd014cf2ba
Celé meno chybujúceho balíka: Microsoft.Windows.ContentDeliveryManager_10.0.19041.423_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (12/20/2020 03:40:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.662, časová značka: 0xec58f015
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010bd5c
Identifikácia chybujúceho procesu: 0x1808
Čas spustenia chybujúcej aplikácie: 0x01d6d6de14163d9e
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: cc5f5d79-daa6-4280-b33b-a2f17ef43fcc
Celé meno chybujúceho balíka: Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (12/20/2020 03:40:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.662, časová značka: 0xec58f015
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010bd5c
Identifikácia chybujúceho procesu: 0x634
Čas spustenia chybujúcej aplikácie: 0x01d6d6de140eff20
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 2f44dacb-6f0a-4726-9c62-ec314a1faa27
Celé meno chybujúceho balíka: Microsoft.BingWeather_4.46.23151.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (12/20/2020 03:40:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.662, časová značka: 0xec58f015
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010bd5c
Identifikácia chybujúceho procesu: 0x36fc
Čas spustenia chybujúcej aplikácie: 0x01d6d6de14177c87
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 2f746fcc-7dcd-4edc-a91f-baebd08e78a2
Celé meno chybujúceho balíka: Microsoft.MicrosoftOfficeHub_18.2008.12711.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: Microsoft.MicrosoftOfficeHub

Error: (12/20/2020 03:36:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.662, časová značka: 0xec58f015
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010bd5c
Identifikácia chybujúceho procesu: 0x3358
Čas spustenia chybujúcej aplikácie: 0x01d6d6dd8ef844a7
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: ef466d2c-7834-4a36-9bed-73dedcbc8b76
Celé meno chybujúceho balíka: Microsoft.Windows.ContentDeliveryManager_10.0.19041.423_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App


System errors:
=============
Error: (12/20/2020 03:56:01 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.BingWeather_4.46.23151.0_x64__8wekyb3d8bbwe!App.AppXydmptpzm8pts0mhzrytvzy52ye9x3ttq.mca did not register with DCOM within the required timeout.

Error: (12/20/2020 03:56:01 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.MicrosoftOfficeHub_18.2008.12711.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXt4mh7c9swwc5cmd5jgmtmwcfmvkddpn1.mca did not register with DCOM within the required timeout.

Error: (12/20/2020 03:53:12 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe!App.AppX8h0bdkbb5frkt9s09fvshhbvqnntmvm1.mca did not register with DCOM within the required timeout.

Error: (12/20/2020 03:40:43 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.19041.423_neutral_neutral_cw5n1h2txyewy!App.AppXx4zfy1ffv3wctgdz2vypnybzjkh27jhw.mca did not register with DCOM within the required timeout.

Error: (12/20/2020 03:40:43 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe!App.AppX8h0bdkbb5frkt9s09fvshhbvqnntmvm1.mca did not register with DCOM within the required timeout.

Error: (12/20/2020 03:40:43 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.BingWeather_4.46.23151.0_x64__8wekyb3d8bbwe!App.AppXydmptpzm8pts0mhzrytvzy52ye9x3ttq.mca did not register with DCOM within the required timeout.

Error: (12/20/2020 03:40:43 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.MicrosoftOfficeHub_18.2008.12711.0_x64__8wekyb3d8bbwe!Microsoft.MicrosoftOfficeHub.AppXt4mh7c9swwc5cmd5jgmtmwcfmvkddpn1.mca did not register with DCOM within the required timeout.

Error: (12/20/2020 03:36:57 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.19041.423_neutral_neutral_cw5n1h2txyewy!App.AppXadns4p0eqjaenk2bd16aj0cypbrs3e5w.mca did not register with DCOM within the required timeout.


CodeIntegrity:
===================================

Date: 2020-12-20 15:58:10.2370000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-20 15:55:55.8360000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-20 15:53:04.7310000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-20 15:47:03.6110000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-20 15:40:36.5010000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-20 14:57:58.9400000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-20 14:45:39.9000000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-20 14:38:01.6260000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: LENOVO 1KCN51WW 06/03/2020
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 89%
Total physical RAM: 3893.05 MB
Available physical RAM: 401.09 MB
Total Virtual: 7861.05 MB
Available Virtual: 2620.09 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:439.51 GB) (Free:393.05 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.26 GB) NTFS

\\?\Volume{962eb36b-ee02-43e8-9b74-a9249f28c593}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{38a8cb0d-2b68-475b-89bc-5f35bca20a90}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2EE7FFA2)

Partition: GPT.

==================== End of Addition.txt =======================

Dobry den.

Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-11-23.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-20-2020
# Duration: 00:00:21
# OS: Windows 10 Home
# Cleaned: 2
# Failed: 3


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Not Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Not Deleted Preinstalled.LenovoIMController Folder C:\Users\Kohutovci\AppData\Local\LENOVO\IMCONTROLLER
Not Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1865 octets] - [20/12/2020 16:43:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Dobre, urobte a dajte sem nove logy FRST + ADDITION.

can result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by Kohutovci (administrator) on LAPTOP-A29B8RGD (LENOVO 80TL) (20-12-2020 17:09:22)
Running from C:\Users\Kohutovci\Desktop
Loaded Profiles: Kohutovci
Platform: Windows 10 Home Version 20H2 19042.685 (X64) Language: Slovenčina (Slovensko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_d595a90c64d2fea0\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_f222132bfa8270de\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <3>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.1.19.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\73.0.3856.284\opera.exe <11>
(Opera Software AS -> Opera Software) C:\Program Files\Opera\73.0.3856.284\opera_crashreporter.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {35BEB5A9-7195-470E-BC6A-FF62E6E2E0FD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4654C5FA-597F-448F-A3B7-5849AC03740F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {60FCA18E-FE01-4090-AB39-6FC7B6BA9B45} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {6E4D0764-3E3B-4CA7-9C04-0F9709776A70} - System32\Tasks\Opera scheduled Autoupdate 1522223126 => C:\Program Files\Opera\launcher.exe [1776664 2020-12-16] (Opera Software AS -> Opera Software)
Task: {819B5A06-CC08-44F8-AE8F-C3132123B396} - \Lenovo\ImController\TimeBasedEvents\55032416-e218-4ca5-8c46-32f0f418b007 -> No File <==== ATTENTION
Task: {8352A565-3B21-4BA3-B706-C809A1A39EBD} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {83D13A35-CEFF-4087-8B46-107F2FA00225} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {87118D68-5E20-4B3C-A7CE-C56B2E6277AB} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
Task: {A0187FC6-DF11-4E4C-9B7A-567958446236} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {AF640CE3-7202-4CCB-BCF5-7DE5926163E1} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144312 2020-09-15] (Lenovo -> Lenovo Group Ltd.)
Task: {B3F6D722-A760-49B3-8E6F-B44899F98E60} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {B8732A76-FF56-4829-BB90-82FC1DF201FA} - \Lenovo\ImController\TimeBasedEvents\369de56c-706f-4abc-86a1-c4ea898ca8fa -> No File <==== ATTENTION
Task: {BCCE88B5-9612-4C41-85F8-79D67D9F50C7} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {C5B7651A-264B-4E1F-B269-0D469F5608D5} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13189920 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {CB615212-848D-4DAA-8B87-0F20814D0765} - \Lenovo\ImController\TimeBasedEvents\03154b73-3c31-40ed-b880-09a35ce9810d -> No File <==== ATTENTION
Task: {D405FA29-2BCD-4A2A-85EB-7EC53A987F8E} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {DF24313E-FDAA-466E-8529-EC275E499A29} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {E91E53E6-8A6F-447B-8D97-CC76D4A1FF04} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EBB93582-D249-4319-B3F8-3D9762C937DA} - \Lenovo\ImController\TimeBasedEvents\901b9f59-2169-44a3-a21a-350217b8c486 -> No File <==== ATTENTION
Task: {F422B30E-3711-4745-8066-B89C12110885} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F74DC4FE-BA17-45E8-9994-9EDB536E7374} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe [24408 2020-11-05] (Lenovo -> Lenovo Group Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{4d832077-b927-47e7-9ab0-800bad674abc}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c5399d1f-95f1-4412-aa35-ff355897d454}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{c5399d1f-95f1-4412-aa35-ff355897d454}: [DhcpNameServer] 172.21.21.9 8.8.8.8

Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kohutovci\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-19]

FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-11-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-11-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)

Opera:
=======
OPR DownloadDir: C:\Users\Kohutovci\Desktop
OPR Notifications: hxxps://sk.avon-brochure.com; hxxps://www.nike.sk; hxxps://www.zlavomat.sk
OPR Extension: (Rich Hints Agent) - C:\Users\Kohutovci\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-10-24]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-12-28] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334176 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334176 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81744 2020-09-24] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\LenovoVantageService.exe [29520 2020-11-05] (Lenovo -> Lenovo Group Ltd.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-19] (Malwarebytes Inc -> Malwarebytes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469472 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216984 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326064 2020-12-19] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [39056 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844176 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47072 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [129208 2019-11-13] (Comodo Security Solutions, Inc. -> COMODO)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-19] (Malwarebytes Inc -> Malwarebytes)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-11-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-11-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-11-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-20 17:09 - 2020-12-20 17:13 - 000017967 _____ C:\Users\Kohutovci\Desktop\FRST.txt
2020-12-20 16:42 - 2020-12-20 16:46 - 000000000 ____D C:\AdwCleaner
2020-12-20 16:40 - 2020-12-20 16:40 - 008447152 _____ (Malwarebytes) C:\Users\Kohutovci\Desktop\adwcleaner_8.0.8.exe
2020-12-20 10:22 - 2020-12-20 17:11 - 000000000 ____D C:\FRST
2020-12-20 10:20 - 2020-12-20 10:20 - 002286592 _____ (Farbar) C:\Users\Kohutovci\Desktop\FRST64.exe
2020-12-19 18:09 - 2020-12-19 18:09 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-19 18:08 - 2020-12-19 18:07 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-12-19 16:54 - 2020-12-19 16:54 - 000001036 _____ C:\Users\Public\Desktop\LibreOffice.lnk
2020-12-19 16:54 - 2020-12-19 16:54 - 000001036 _____ C:\ProgramData\Desktop\LibreOffice.lnk
2020-12-19 16:54 - 2020-12-19 16:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.0
2020-12-19 16:51 - 2020-12-19 16:52 - 000000000 ____D C:\Program Files\LibreOffice
2020-12-19 16:36 - 2020-12-19 16:36 - 000001053 _____ C:\Users\Public\Desktop\WinRAR.lnk
2020-12-19 16:36 - 2020-12-19 16:36 - 000001053 _____ C:\ProgramData\Desktop\WinRAR.lnk
2020-12-19 15:41 - 2020-12-19 15:40 - 000340576 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-12-19 15:41 - 2020-12-19 15:40 - 000216984 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-12-09 19:04 - 2020-12-09 19:04 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-09 19:04 - 2020-12-09 19:04 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-09 19:04 - 2020-12-09 19:04 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-05 00:38 - 2020-12-05 00:38 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-05 00:37 - 2020-12-05 00:37 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-05 00:37 - 2020-12-05 00:37 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-05 00:37 - 2020-12-05 00:37 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-05 00:36 - 2020-12-05 00:36 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-05 00:36 - 2020-12-05 00:36 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-05 00:36 - 2020-12-05 00:36 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-05 00:36 - 2020-12-05 00:36 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-05 00:35 - 2020-12-05 00:35 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-05 00:35 - 2020-12-05 00:35 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-05 00:35 - 2020-12-05 00:35 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-05 00:35 - 2020-12-05 00:35 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-05 00:34 - 2020-12-05 00:34 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-05 00:33 - 2020-12-05 00:33 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-05 00:33 - 2020-12-05 00:33 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-05 00:33 - 2020-12-05 00:33 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-05 00:33 - 2020-12-05 00:33 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-05 00:33 - 2020-12-05 00:33 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-05 00:33 - 2020-12-05 00:33 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-02 11:10 - 2020-12-02 11:10 - 000001724 _____ C:\Users\Kohutovci\Desktop\COMODO Firewall.lnk
2020-12-02 00:18 - 2019-10-23 00:02 - 000017576 _____ (COMODO) C:\WINDOWS\system32\Drivers\cmdboot.sys
2020-12-01 23:47 - 2020-12-19 18:09 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-01 23:43 - 2020-12-02 00:19 - 000005892 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2020-12-01 23:43 - 2020-12-01 23:43 - 000000000 ___HD C:\VTRoot
2020-12-01 23:43 - 2020-12-01 23:43 - 000000000 ____D C:\Malwarebytes
2020-11-21 11:23 - 2020-11-21 11:23 - 000001786 _____ C:\Users\Kohutovci\Desktop\Java.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-20 17:07 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-20 17:03 - 2018-08-20 11:30 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\CrashDumps
2020-12-20 17:03 - 2018-03-30 21:29 - 000000000 ____D C:\Program Files\CCleaner
2020-12-20 16:51 - 2020-06-28 17:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-20 16:51 - 2020-06-28 16:35 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-20 16:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-12-20 16:50 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-20 16:49 - 2018-04-03 16:57 - 000000000 ____D C:\ProgramData\AVAST Software
2020-12-20 16:46 - 2020-06-28 17:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2020-12-20 15:35 - 2020-06-28 16:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-20 11:01 - 2020-06-28 17:02 - 000004220 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{C741AC4B-73C4-4C05-B853-1F790EA5581B}
2020-12-20 10:14 - 2018-04-02 18:33 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2020-12-20 00:08 - 2020-06-28 13:04 - 000000000 ____D C:\Users\Kohutovci
2020-12-19 22:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-19 22:24 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2020-12-19 22:24 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-19 21:21 - 2018-07-26 09:09 - 000000000 ____D C:\Users\Kohutovci\AppData\Local\D3DSCache
2020-12-19 19:45 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-19 19:03 - 2020-06-05 17:56 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-19 19:03 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-19 18:09 - 2019-05-17 22:10 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-19 18:09 - 2019-05-17 22:10 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-12-19 18:08 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-19 18:07 - 2019-05-17 22:10 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-12-19 17:16 - 2018-05-11 16:47 - 000000921 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2020-12-19 17:16 - 2018-05-11 16:47 - 000000921 _____ C:\ProgramData\Desktop\CPUID CPU-Z.lnk
2020-12-19 17:01 - 2020-06-28 16:36 - 000623296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-19 16:40 - 2018-12-28 22:22 - 000001794 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2020-12-19 16:40 - 2018-12-28 22:22 - 000001794 _____ C:\ProgramData\Desktop\CDBurnerXP.lnk
2020-12-19 16:40 - 2018-04-03 14:07 - 000001740 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2020-12-19 16:40 - 2018-04-03 14:07 - 000000000 ____D C:\Program Files\CDBurnerXP
2020-12-19 16:36 - 2018-04-03 13:58 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk
2020-12-19 16:36 - 2018-04-03 13:58 - 000000000 ____D C:\Users\Kohutovci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-19 16:36 - 2018-04-03 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2020-12-19 16:25 - 2018-12-29 23:16 - 000000000 ____D C:\Users\Kohutovci\AppData\Roaming\KMP
2020-12-19 16:25 - 2018-12-29 23:14 - 000000898 _____ C:\Users\Kohutovci\Desktop\KMPlayer 64X.lnk
2020-12-19 16:23 - 2020-10-11 08:18 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-19 16:23 - 2020-10-11 08:18 - 000003280 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-19 16:23 - 2020-06-28 17:02 - 000003318 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1522223126
2020-12-19 16:23 - 2020-06-28 17:02 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-19 16:23 - 2020-06-28 17:02 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-12-19 16:23 - 2020-06-28 17:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-12-19 15:41 - 2020-06-28 17:02 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-12-19 15:40 - 2020-09-01 21:17 - 000176384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-12-19 15:40 - 2020-04-03 08:06 - 000522480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-12-19 15:40 - 2019-01-14 15:32 - 000332880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-12-19 15:40 - 2019-01-05 14:54 - 000247888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-12-19 15:40 - 2019-01-05 14:54 - 000097360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-12-19 15:40 - 2019-01-05 14:54 - 000036792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-12-19 15:40 - 2018-10-09 13:36 - 000042424 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-12-19 15:40 - 2018-06-20 15:42 - 000016832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-12-19 15:40 - 2018-04-03 17:01 - 000851256 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-12-19 15:40 - 2018-04-03 17:01 - 000469472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-12-19 15:40 - 2018-04-03 17:01 - 000326064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-12-19 15:40 - 2018-04-03 17:01 - 000208672 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-12-19 15:40 - 2018-04-03 17:01 - 000108928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-12-19 15:40 - 2018-04-03 17:01 - 000084496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-12-19 09:09 - 2018-03-28 08:45 - 000000000 ____D C:\Program Files\Opera
2020-12-17 14:02 - 2018-03-28 08:45 - 000001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2020-12-10 10:24 - 2018-04-02 16:25 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-09 19:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-09 19:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-05 09:28 - 2020-06-28 16:44 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-05 09:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-05 09:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-05 09:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-05 09:17 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-05 09:17 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-11-24 10:58 - 2018-03-28 06:50 - 000087594 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2020-11-21 12:29 - 2018-04-02 19:30 - 000000000 ____D C:\Program Files (x86)\Java
2020-11-21 11:14 - 2018-04-02 19:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2020-11-21 11:10 - 2018-04-02 19:30 - 000165032 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2020-11-21 10:34 - 2017-11-28 06:57 - 000000000 ____D C:\ProgramData\Lenovo

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Kohutovci (20-12-2020 17:17:34)
Running from C:\Users\Kohutovci\Desktop
Windows 10 Home Version 20H2 19042.685 (X64) (2020-06-28 16:04:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2907761124-1722388098-2410732583-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2907761124-1722388098-2410732583-503 - Limited - Disabled)
Guest (S-1-5-21-2907761124-1722388098-2410732583-501 - Limited - Disabled)
Kohutovci (S-1-5-21-2907761124-1722388098-2410732583-1001 - Administrator - Enabled) => C:\Users\Kohutovci
WDAGUtilityAccount (S-1-5-21-2907761124-1722388098-2410732583-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: COMODO Firewall (Disabled) {3083CA8D-8618-5BD3-8A5F-9667D5C8267D}
FW: COMODO Firewall (Enabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
COMODO Firewall (HKLM\...\{9A106F13-BA73-4E76-AB5E-D37BAEF94A24}) (Version: 12.2.2.7062 - COMODO Security Solutions Inc.) Hidden
COMODO Firewall (HKLM\...\COMODO Internet Security) (Version: 12.2.2.7062 - COMODO Security Solutions Inc.)
CPUID CPU-Z 1.94 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.94 - CPUID, Inc.)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7156 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
KMPlayer 64X (remove only) (HKLM\...\KMPlayer 64X) (Version: 2020.06.09.40 - PandoraTV)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.4.16.0 - Lenovo Group Ltd.)
LibreOffice 7.0.3.1 (HKLM\...\{3C4801FF-3D7B-4804-877E-3A322C00524C}) (Version: 7.0.3.1 - The Document Foundation)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft OneDrive (HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Opera Mail 1.0 (HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\...\Opera 1.0.1044) (Version: 1.0.1044 - Opera Software ASA)
Opera Stable 73.0.3856.284 (HKLM-x32\...\Opera 73.0.3856.284) (Version: 73.0.3856.284 - Opera Software)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WinRAR 5.91 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

Packages:
=========
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-03] (Microsoft Corporation)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2011.20.0_x64__k1h2ywk1493x8 [2020-11-24] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.1.19.0_x64__5grkq8ppsgwt4 [2020-12-15] (LENOVO INC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2018-06-27] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-20] (Microsoft Studios) [MS Ad]
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-12-19] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2020-09-25] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-11-12 17:41 - 2020-05-30 19:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\SQLite.Interop.dll
2020-06-19 22:02 - 2020-04-09 08:17 - 000944840 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.sk/
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001 -> DefaultScope {E78F43CD-30EF-43D7-BDA0-AA6D33F90220} URL =
SearchScopes: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001 -> {E78F43CD-30EF-43D7-BDA0-AA6D33F90220} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-11-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-11-21] (Oracle America, Inc. -> Oracle Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2019-01-04 11:00 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.

Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
Wi-Fi: COMODO Internet Security Firewall Driver -> inspect (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F0C37DF3-9B47-442F-B738-77306B89CB9A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D5AFF92B-5FE7-4255-8C8C-8A4170E41591}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C88A32A8-5D45-44B2-ABD8-8BE0D2B0BB4E}] => (Allow) C:\Program Files\Opera\73.0.3856.257\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{13D17639-916F-42A7-BEC7-9B74D9070D0F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7303F91B-DA65-4B1C-A954-4541041DA90E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{93B9DEC7-B561-4BB4-A8AB-89C0C3410681}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1C5AC5B7-BB1C-40C8-AD25-6E984F7057B7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7E68FAD8-3C3A-4600-B5A2-53D68C5FA785}] => (Allow) C:\Program Files\Opera\73.0.3856.284\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

19-12-2020 16:45:15 Removed LibreOffice 6.1.3.2
20-12-2020 16:45:14 AdwCleaner_BeforeCleaning_20/12/2020_16:45:13

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/20/2020 05:03:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: BackgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.662, časová značka: 0xec58f015
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010bd5c
Identifikácia chybujúceho procesu: 0x28f0
Čas spustenia chybujúcej aplikácie: 0x01d6d6e9a2d16b42
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\BackgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 20ae6dba-d1a8-40e4-8993-45afa64bec67
Celé meno chybujúceho balíka: Microsoft.AAD.BrokerPlugin_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (12/20/2020 05:03:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: BackgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.662, časová značka: 0xec58f015
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010bd5c
Identifikácia chybujúceho procesu: 0x2b40
Čas spustenia chybujúcej aplikácie: 0x01d6d6e99a43fb19
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\BackgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: aa063131-f968-4c97-9b33-6f504a35e30f
Celé meno chybujúceho balíka: Microsoft.AAD.BrokerPlugin_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (12/20/2020 04:57:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.662, časová značka: 0xec58f015
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010bd5c
Identifikácia chybujúceho procesu: 0x2678
Čas spustenia chybujúcej aplikácie: 0x01d6d6e8cf73136e
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 3039c0ad-522f-4071-9770-6038c6e53bb7
Celé meno chybujúceho balíka: Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (12/20/2020 04:57:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.662, časová značka: 0xec58f015
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010bd5c
Identifikácia chybujúceho procesu: 0x2608
Čas spustenia chybujúcej aplikácie: 0x01d6d6e8cf3e1568
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 8528d856-9933-4bfd-93e3-9f42dc625ad9
Celé meno chybujúceho balíka: Microsoft.Windows.Search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: CortanaUI

Error: (12/20/2020 04:56:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: BackgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.662, časová značka: 0xec58f015
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010bd5c
Identifikácia chybujúceho procesu: 0x644
Čas spustenia chybujúcej aplikácie: 0x01d6d6e8a865fb84
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\BackgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 52eff47e-19ef-4f33-bf9b-b00274e16aff
Celé meno chybujúceho balíka: Microsoft.AAD.BrokerPlugin_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (12/20/2020 04:56:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: BackgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.662, časová značka: 0xec58f015
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010bd5c
Identifikácia chybujúceho procesu: 0x203c
Čas spustenia chybujúcej aplikácie: 0x01d6d6e8a4e8ee9b
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\BackgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 2dac76ba-3bb8-480e-a5c9-595d8b470690
Celé meno chybujúceho balíka: Microsoft.AAD.BrokerPlugin_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (12/20/2020 04:56:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program StartMenuExperienceHost.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1c70

Start Time: 01d6d6e84be4a933

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe

Report Id: 4ed15dc6-db76-4cf3-8978-294c6601ba1e

Faulting package full name: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.610_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: App

Hang type: Cross-thread

Error: (12/20/2020 04:54:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.19041.546, časová značka: 0x1d3a15e7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.662, časová značka: 0xec58f015
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010bd5c
Identifikácia chybujúceho procesu: 0x1918
Čas spustenia chybujúcej aplikácie: 0x01d6d6e8654a2b77
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: c90c9422-1a0a-43e0-98da-cb4fa80e046f
Celé meno chybujúceho balíka: Microsoft.People_10.1909.10841.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x


System errors:
=============
Error: (12/20/2020 05:03:22 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.

Error: (12/20/2020 05:03:11 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.

Error: (12/20/2020 05:00:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby System Guard Runtime Monitor Broker zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (12/20/2020 05:00:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby System Guard Runtime Monitor Broker bol dosiahnutý časový limit (30000 ms).

Error: (12/20/2020 04:57:45 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe!App.AppX8h0bdkbb5frkt9s09fvshhbvqnntmvm1.mca did not register with DCOM within the required timeout.

Error: (12/20/2020 04:57:45 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Delivery Optimization sa pri spustení zablokovala.

Error: (12/20/2020 04:57:28 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.Windows.Search_1.14.0.19041_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX49we79s9ab0xp8xpjb6t6g31ep03r71y.mca did not register with DCOM within the required timeout.

Error: (12/20/2020 04:56:48 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-A29B8RGD)
Description: The server Microsoft.AAD.BrokerPlugin_1000.19041.423.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.


CodeIntegrity:
===================================

Date: 2020-12-20 17:20:42.3240000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-20 17:13:39.3870000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-20 17:09:05.6280000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-20 17:09:05.2610000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-20 17:08:33.3230000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-20 17:07:39.2580000Z
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-20 17:03:50.0410000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-12-20 17:03:50.0220000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO 1KCN51WW 06/03/2020
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i3-6006U CPU @ 2.00GHz
Percentage of memory in use: 87%
Total physical RAM: 3893.05 MB
Available physical RAM: 493.98 MB
Total Virtual: 7861.05 MB
Available Virtual: 3957.2 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:439.51 GB) (Free:392.25 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.26 GB) NTFS

\\?\Volume{962eb36b-ee02-43e8-9b74-a9249f28c593}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{38a8cb0d-2b68-475b-89bc-5f35bca20a90}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2EE7FFA2)

Partition: GPT.

==================== End of Addition.txt =======================

Do poznamkoveho bloku skopirujte obsah dole:
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by Kohutovci (21-12-2020 22:12:44) Run:1
Running from C:\Users\Kohutovci\Desktop
Loaded Profiles: Kohutovci
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {819B5A06-CC08-44F8-AE8F-C3132123B396} - \Lenovo\ImController\TimeBasedEvents\55032416-e218-4ca5-8c46-32f0f418b007 -> No File <==== ATTENTION
Task: {83D13A35-CEFF-4087-8B46-107F2FA00225} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {B3F6D722-A760-49B3-8E6F-B44899F98E60} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {B8732A76-FF56-4829-BB90-82FC1DF201FA} - \Lenovo\ImController\TimeBasedEvents\369de56c-706f-4abc-86a1-c4ea898ca8fa -> No File <==== ATTENTION
Task: {BCCE88B5-9612-4C41-85F8-79D67D9F50C7} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {CB615212-848D-4DAA-8B87-0F20814D0765} - \Lenovo\ImController\TimeBasedEvents\03154b73-3c31-40ed-b880-09a35ce9810d -> No File <==== ATTENTION
Task: {EBB93582-D249-4319-B3F8-3D9762C937DA} - \Lenovo\ImController\TimeBasedEvents\901b9f59-2169-44a3-a21a-350217b8c486 -> No File <==== ATTENTION
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
SearchScopes: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001 -> DefaultScope {E78F43CD-30EF-43D7-BDA0-AA6D33F90220} URL =
SearchScopes: HKU\S-1-5-21-2907761124-1722388098-2410732583-1001 -> {E78F43CD-30EF-43D7-BDA0-AA6D33F90220} URL =

EmptyTemp:
*****************

HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{819B5A06-CC08-44F8-AE8F-C3132123B396}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{819B5A06-CC08-44F8-AE8F-C3132123B396}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\55032416-e218-4ca5-8c46-32f0f418b007" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{83D13A35-CEFF-4087-8B46-107F2FA00225}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83D13A35-CEFF-4087-8B46-107F2FA00225}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B3F6D722-A760-49B3-8E6F-B44899F98E60}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3F6D722-A760-49B3-8E6F-B44899F98E60}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B8732A76-FF56-4829-BB90-82FC1DF201FA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8732A76-FF56-4829-BB90-82FC1DF201FA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\369de56c-706f-4abc-86a1-c4ea898ca8fa" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BCCE88B5-9612-4C41-85F8-79D67D9F50C7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCCE88B5-9612-4C41-85F8-79D67D9F50C7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CB615212-848D-4DAA-8B87-0F20814D0765}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB615212-848D-4DAA-8B87-0F20814D0765}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\03154b73-3c31-40ed-b880-09a35ce9810d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EBB93582-D249-4319-B3F8-3D9762C937DA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBB93582-D249-4319-B3F8-3D9762C937DA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\901b9f59-2169-44a3-a21a-350217b8c486" => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxDTCM => removed successfully
C:\ProgramData\Reprise => ":wupeogjxlctlfudivq`qsp`29hfm" ADS removed successfully
"HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2907761124-1722388098-2410732583-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E78F43CD-30EF-43D7-BDA0-AA6D33F90220} => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25341947 B
Java, Flash, Steam htmlcache => 1124 B
Windows/system/drivers => 3716184 B
Edge => 38400 B
Chrome => 0 B
Firefox => 0 B
Opera => 390025973 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 19178 B
NetworkService => 19178 B
Kohutovci => 9990178 B

RecycleBin => 59351 B
EmptyTemp: => 419.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:13:57 ====

Vypada to dobre. Ako je na tom pocitac?

Bez problemov vsetko je poriadku

Tak by som povedal, "Hotovo" :]]