VIRY.CZ

Dobry den, mohol by som poprosit o kontrolu? Mama ma notebook Lenovo Ideapad 330S a strasne jej zamrza, otvorenie prehliadaca trva niekolko minut, ine aplikacie tiez trvaju vecnost kym sa otvoria.

Dakujem.


Addition log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2021
Ran by 42195 (21-04-2021 20:56:54)
Running from C:\Users\42195\Desktop
Windows 10 Home Version 2004 19041.928 (X64) (2020-12-17 17:33:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

42195 (S-1-5-21-3688312555-2552052780-2398578842-1001 - Administrator - Enabled) => C:\Users\42195
Administrator (S-1-5-21-3688312555-2552052780-2398578842-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3688312555-2552052780-2398578842-503 - Limited - Disabled)
Guest (S-1-5-21-3688312555-2552052780-2398578842-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3688312555-2552052780-2398578842-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACDSee Photo Studio Professional 2018 (64-bit) (HKLM\...\{1137BB4F-4D0B-4CBA-962A-79EFECD36B3F}) (Version: 11.0.0.785 - ACD Systems International Inc.)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.2.2455 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.78 - Piriform)
Intel(R) Chipset Device Software (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1824.12.0.1140 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.213.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{3b132227-4567-48a1-9f85-0d0dad4346ee}) (Version: 1.49.213.1 - Intel Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.77 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3688312555-2552052780-2398578842-1001\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Opera Stable 75.0.3969.171 (HKU\S-1-5-21-3688312555-2552052780-2398578842-1001\...\Opera 75.0.3969.171) (Version: 75.0.3969.171 - Opera Software)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinRAR 5.71 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20200.247.0_x64__rz1tebttyb220 [2019-03-15] (Dolby Laboratories)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-17] (INTEL CORP)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1015.0_x64__8j3eq9eme6ctt [2021-03-14] (INTEL CORP)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2103.17.0_x64__k1h2ywk1493x8 [2021-04-09] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4 [2021-01-23] (LENOVO INC) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.4072.0_x64__8wekyb3d8bbwe [2021-04-14] (Microsoft Studios) [MS Ad]
Ovládacie centrum pre grafiku Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt [2021-01-01] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2019-11-11] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4220304 2011-02-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-03-28] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-03-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-03-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-08-28] (ACD Systems International -> ACD Systems International Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-03-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-03-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2012-05-03 11:47 - 2012-05-03 11:47 - 001681408 _____ (/n software inc. - www.nsoftware.com) [File not signed] C:\Program Files\ACD Systems\ACDSee Pro\11.0\ipworksssl8.dll
2020-12-21 12:46 - 2020-05-30 15:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2020-06-19 19:39 - 2020-04-09 09:17 - 000944840 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3688312555-2552052780-2398578842-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3688312555-2552052780-2398578842-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3688312555-2552052780-2398578842-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-3688312555-2552052780-2398578842-1001 -> DefaultScope {70CD5A43-FC74-428C-B4AC-0F86769DD662} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [File not signed]

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-3688312555-2552052780-2398578842-1001\Control Panel\Desktop\\Wallpaper -> C:\Vieročka\stiahnuté súbory\61268272_2349491521760855_6439976411477311488_n.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E43409E3-1687-4CBE-9FAB-7865AC2282E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12130.20410.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{89A401E5-DCF1-4E33-AB66-F71FF18597DB}C:\users\42195\desktop\anydesk.exe] => (Allow) C:\users\42195\desktop\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [UDP Query User{AC62F1B7-2745-4ADC-8923-B21C41BB807A}C:\users\42195\desktop\anydesk.exe] => (Allow) C:\users\42195\desktop\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [TCP - Installer for ACDSee Commander Professional 2018] => (Allow) C:\Program Files\ACD Systems\ACDSee Pro\11.0\ACDSeeCommanderPro11.exe (ACD Systems International Inc. -> )
FirewallRules: [UDP - Installer for ACDSee Commander Professional 2018] => (Allow) C:\Program Files\ACD Systems\ACDSee Pro\11.0\ACDSeeCommanderPro11.exe (ACD Systems International Inc. -> )
FirewallRules: [{04522499-32CB-49C2-A28C-A70FCFC1A2F6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{11E67AC2-8B73-430C-929F-0D594C8F8C55}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{88ACA635-3FBB-4AF4-A2C6-2740E3857639}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DF927093-418F-44AF-B34F-8B198CDE15A0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{A4B2E5E5-939C-42AA-BE06-B256E2A6891D}C:\users\42195\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Block) C:\users\42195\appdata\local\programs\opera\75.0.3969.149\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{C1A30A9C-827C-4E95-BCFF-CD17CE1BB92F}C:\users\42195\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Block) C:\users\42195\appdata\local\programs\opera\75.0.3969.149\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

06-04-2021 20:00:55 Scheduled Checkpoint
15-04-2021 23:36:24 Inštalátor modulov systému Windows
15-04-2021 23:50:45 Inštalátor modulov systému Windows
21-04-2021 20:27:30 Odstránené Microsoft Update Health Tools

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/10/2021 01:49:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCleaner64.exe version 5.78.0.8558 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1ae4

Start Time: 01d724d718591674

Termination Time: 4294967295

Application Path: C:\Program Files\CCleaner\CCleaner64.exe

Report Id: 21df5290-95a5-473f-8e1a-4c8512a399ac

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (03/28/2021 10:58:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Elements (E:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)


System errors:
=============
Error: (04/21/2021 08:50:39 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-R9921TTS)
Description: The server {20532D01-15BE-4BB9-A727-CA34555D881C} did not register with DCOM within the required timeout.

Error: (04/21/2021 08:43:40 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-R9921TTS)
Description: The server {20532D01-15BE-4BB9-A727-CA34555D881C} did not register with DCOM within the required timeout.

Error: (04/21/2021 08:34:27 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba aswbIDSAgent sa po prijatí ovládacieho príkazu pred vypnutím nevypla správne.

Error: (04/21/2021 08:21:22 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-R9921TTS)
Description: The server {20532D01-15BE-4BB9-A727-CA34555D881C} did not register with DCOM within the required timeout.

Error: (04/21/2021 03:28:57 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-R9921TTS)
Description: The server {20532D01-15BE-4BB9-A727-CA34555D881C} did not register with DCOM within the required timeout.

Error: (04/21/2021 02:53:09 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-R9921TTS)
Description: The server {20532D01-15BE-4BB9-A727-CA34555D881C} did not register with DCOM within the required timeout.

Error: (04/21/2021 12:50:04 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-R9921TTS)
Description: The server {20532D01-15BE-4BB9-A727-CA34555D881C} did not register with DCOM within the required timeout.

Error: (04/21/2021 11:32:10 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-R9921TTS)
Description: The server {20532D01-15BE-4BB9-A727-CA34555D881C} did not register with DCOM within the required timeout.


CodeIntegrity:
===============
Date: 2021-04-21 20:40:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-04-21 20:37:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 7SCN27WW 11/28/2018
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i3-8130U CPU @ 2.20GHz
Percentage of memory in use: 88%
Total physical RAM: 4005.22 MB
Available physical RAM: 445.49 MB
Total Virtual: 13221.22 MB
Available Virtual: 8000.52 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:930.26 GB) (Free:774.44 GB) NTFS

\\?\Volume{ce17a51a-2797-4bd2-a94d-d56627b388f6}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.51 GB) NTFS
\\?\Volume{3b593c47-7b22-4b5f-9eac-a64aa9ee498a}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: BB263FC2)

Partition: GPT.

==================== End of Addition.txt =======================






FRST log:


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{32236081-3a9e-46e7-a08b-114e9295e2da}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b6d7643f-dca9-480d-ad60-9ac227aa0fb2}: [DhcpNameServer] 150.205.1.2

Edge:
=======
DownloadDir: C:\Users\42195\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\42195\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-21]

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)

Opera:
=======
OPR Profile: C:\Users\42195\AppData\Roaming\Opera Software\Opera Stable [2021-04-21]
OPR Notifications: Opera Stable -> hxxps://www.aliexpress.com; hxxps://www.facebook.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (AdBlock) - C:\Users\42195\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2019-10-14]
OPR Extension: (Rich Hints Agent) - C:\Users\42195\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-04-21]
StartMenuInternet: (HKU\S-1-5-21-3688312555-2552052780-2398578842-1001) OperaStable - "C:\Users\42195\AppData\Local\Programs\Opera\Launcher.exe"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7888408 2021-03-29] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [623216 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [353504 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56920 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [602632 2018-08-14] (Dolby Laboratories, Inc. -> )
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [306040 2018-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1270536 2019-02-26] (McAfee, Inc. -> McAfee, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\NisSrv.exe [2169568 2020-08-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MsMpEng.exe [128376 2020-08-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35680 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208552 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365520 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250328 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41304 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [177872 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [524416 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107808 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83368 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850120 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466696 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216376 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [78216 2020-08-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [430320 2020-08-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [98520 2020-08-14] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-21 20:53 - 2021-04-21 20:54 - 000007227 _____ C:\Users\42195\Desktop\FRST.txt
2021-04-21 20:51 - 2021-04-21 20:53 - 000000000 ____D C:\FRST
2021-04-21 20:51 - 2021-04-21 20:51 - 002298368 _____ (Farbar) C:\Users\42195\Desktop\FRST64.exe
2021-04-16 00:28 - 2021-04-16 00:28 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-16 00:25 - 2021-04-16 00:25 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-16 00:25 - 2021-04-16 00:25 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-28 21:05 - 2021-03-28 21:04 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-03-28 21:05 - 2021-03-28 21:04 - 000216376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-21 20:49 - 2019-09-25 13:53 - 000000000 ____D C:\ProgramData\AVAST Software
2021-04-21 20:48 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-21 20:48 - 2019-12-06 21:30 - 000000000 ____D C:\Program Files\CCleaner
2021-04-21 20:40 - 2020-12-17 19:27 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-21 20:40 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-21 20:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-21 20:37 - 2019-09-24 22:04 - 000000000 __SHD C:\Users\42195\IntelGraphicsProfiles
2021-04-21 20:36 - 2020-12-17 19:15 - 000442912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-21 20:35 - 2020-12-17 19:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-21 20:35 - 2020-12-17 19:15 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-21 20:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-21 20:34 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-21 20:33 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-21 20:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-21 20:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-21 20:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-21 20:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-21 20:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-21 20:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-21 20:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-21 20:32 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-21 20:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-21 20:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-21 20:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-21 20:29 - 2020-12-17 12:10 - 000000000 ___DC C:\WINDOWS\Panther
2021-04-21 20:29 - 2019-11-11 21:11 - 000000000 ____D C:\Users\42195\AppData\Local\CrashDumps
2021-04-21 20:29 - 2019-09-24 22:05 - 000000000 ____D C:\Users\42195\AppData\Local\Packages
2021-04-21 20:28 - 2020-09-30 11:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-21 20:28 - 2019-09-25 13:49 - 000000000 ____D C:\Users\42195\AppData\Local\PlaceholderTileLogoFolder
2021-04-21 20:27 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-21 20:15 - 2020-12-17 19:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-20 22:55 - 2020-12-17 19:33 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-04-17 10:34 - 2020-06-12 23:15 - 000002434 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-17 10:34 - 2020-06-12 23:15 - 000002272 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-04-17 10:34 - 2020-06-12 23:15 - 000002272 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-04-16 00:43 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-16 00:23 - 2020-12-17 19:19 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-15 23:35 - 2019-10-14 21:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-15 23:22 - 2020-12-17 19:33 - 000004218 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1569412749
2021-04-15 23:22 - 2019-09-25 13:59 - 000001416 _____ C:\Users\42195\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2021-04-15 23:18 - 2019-10-14 21:58 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-13 00:57 - 2020-12-17 19:33 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3688312555-2552052780-2398578842-1001
2021-04-13 00:57 - 2020-12-17 19:18 - 000002362 _____ C:\Users\42195\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-13 00:57 - 2019-09-24 22:10 - 000000000 ___RD C:\Users\42195\OneDrive
2021-03-28 21:05 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-28 21:04 - 2020-10-17 10:59 - 000177872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-03-28 21:04 - 2020-04-14 21:18 - 000524416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000850120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000466696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000365520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000250328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000208552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000107808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000083368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000041304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000035680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-03-26 00:43 - 2020-12-17 19:33 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-04-20.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-22-2021
# Duration: 00:00:04
# OS: Windows 10 Home
# Cleaned: 5
# Awaiting reboot:1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\42195\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Needs Reboot Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Folders ] *****

Cleaning failed C:\Windows\LENOVO\IMCONTROLLER

*************************

AdwCleaner[S00].txt - [1861 octets] - [22/04/2021 14:12:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Dejte nové logy FRST+Addition.

Addition log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2021
Ran by 42195 (22-04-2021 19:00:10)
Running from C:\Users\42195\Desktop
Windows 10 Home Version 2004 19041.928 (X64) (2020-12-17 17:33:58)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

42195 (S-1-5-21-3688312555-2552052780-2398578842-1001 - Administrator - Enabled) => C:\Users\42195
Administrator (S-1-5-21-3688312555-2552052780-2398578842-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3688312555-2552052780-2398578842-503 - Limited - Disabled)
Guest (S-1-5-21-3688312555-2552052780-2398578842-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3688312555-2552052780-2398578842-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACDSee Photo Studio Professional 2018 (64-bit) (HKLM\...\{1137BB4F-4D0B-4CBA-962A-79EFECD36B3F}) (Version: 11.0.0.785 - ACD Systems International Inc.)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.2.2455 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.78 - Piriform)
Intel(R) Chipset Device Software (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1824.12.0.1140 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.213.1 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{3b132227-4567-48a1-9f85-0d0dad4346ee}) (Version: 1.49.213.1 - Intel Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.42 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3688312555-2552052780-2398578842-1001\...\OneDriveSetup.exe) (Version: 21.052.0314.0001 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Opera Stable 75.0.3969.171 (HKU\S-1-5-21-3688312555-2552052780-2398578842-1001\...\Opera 75.0.3969.171) (Version: 75.0.3969.171 - Opera Software)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinRAR 5.71 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20200.247.0_x64__rz1tebttyb220 [2019-03-15] (Dolby Laboratories)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-17] (INTEL CORP)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1015.0_x64__8j3eq9eme6ctt [2021-03-14] (INTEL CORP)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2103.17.0_x64__k1h2ywk1493x8 [2021-04-09] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4 [2021-01-23] (LENOVO INC) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-12-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-12-17] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.4072.0_x64__8wekyb3d8bbwe [2021-04-14] (Microsoft Studios) [MS Ad]
Ovládacie centrum pre grafiku Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt [2021-01-01] (INTEL CORP) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2019-11-11] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6722448 2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4220304 2011-02-12] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-03-28] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-03-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-03-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-08-28] (ACD Systems International -> ACD Systems International Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-03-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-03-28] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2012-05-03 11:47 - 2012-05-03 11:47 - 001681408 _____ (/n software inc. - www.nsoftware.com) [File not signed] C:\Program Files\ACD Systems\ACDSee Pro\11.0\ipworksssl8.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3688312555-2552052780-2398578842-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3688312555-2552052780-2398578842-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3688312555-2552052780-2398578842-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-3688312555-2552052780-2398578842-1001 -> DefaultScope {70CD5A43-FC74-428C-B4AC-0F86769DD662} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [2008-05-23] (Microsoft Corporation) [File not signed]

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL
HKU\S-1-5-21-3688312555-2552052780-2398578842-1001\Control Panel\Desktop\\Wallpaper -> C:\Vieročka\stiahnuté súbory\61268272_2349491521760855_6439976411477311488_n.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E43409E3-1687-4CBE-9FAB-7865AC2282E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12130.20410.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{89A401E5-DCF1-4E33-AB66-F71FF18597DB}C:\users\42195\desktop\anydesk.exe] => (Allow) C:\users\42195\desktop\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [UDP Query User{AC62F1B7-2745-4ADC-8923-B21C41BB807A}C:\users\42195\desktop\anydesk.exe] => (Allow) C:\users\42195\desktop\anydesk.exe (philandro Software GmbH -> )
FirewallRules: [TCP - Installer for ACDSee Commander Professional 2018] => (Allow) C:\Program Files\ACD Systems\ACDSee Pro\11.0\ACDSeeCommanderPro11.exe (ACD Systems International Inc. -> )
FirewallRules: [UDP - Installer for ACDSee Commander Professional 2018] => (Allow) C:\Program Files\ACD Systems\ACDSee Pro\11.0\ACDSeeCommanderPro11.exe (ACD Systems International Inc. -> )
FirewallRules: [{04522499-32CB-49C2-A28C-A70FCFC1A2F6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{11E67AC2-8B73-430C-929F-0D594C8F8C55}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{88ACA635-3FBB-4AF4-A2C6-2740E3857639}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DF927093-418F-44AF-B34F-8B198CDE15A0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{A4B2E5E5-939C-42AA-BE06-B256E2A6891D}C:\users\42195\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Block) C:\users\42195\appdata\local\programs\opera\75.0.3969.149\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [UDP Query User{C1A30A9C-827C-4E95-BCFF-CD17CE1BB92F}C:\users\42195\appdata\local\programs\opera\75.0.3969.149\opera.exe] => (Block) C:\users\42195\appdata\local\programs\opera\75.0.3969.149\opera.exe (Opera Software AS -> Opera Software)

==================== Restore Points =========================

06-04-2021 20:00:55 Scheduled Checkpoint
15-04-2021 23:36:24 Inštalátor modulov systému Windows
15-04-2021 23:50:45 Inštalátor modulov systému Windows
21-04-2021 20:27:30 Odstránené Microsoft Update Health Tools
22-04-2021 14:12:48 AdwCleaner_BeforeCleaning_22/04/2021_14:12:48

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/22/2021 02:13:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (04/22/2021 02:13:35 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (04/10/2021 01:49:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program CCleaner64.exe version 5.78.0.8558 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1ae4

Start Time: 01d724d718591674

Termination Time: 4294967295

Application Path: C:\Program Files\CCleaner\CCleaner64.exe

Report Id: 21df5290-95a5-473f-8e1a-4c8512a399ac

Faulting package full name:

Faulting package-relative application ID:

Hang type: Top level window is idle

Error: (03/28/2021 10:58:15 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v Elements (E:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)


System errors:
=============
Error: (04/22/2021 02:13:35 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Službe WerSvc sa nepodarilo s aktuálne nakonfigurovaným heslom prihlásiť ako NT AUTHORITY\SYSTEM kvôli nasledujúcej chybe:
The request is not supported.


Ak chcete zabezpečiť správne nakonfigurovanie služby, použite modul Služby konzoly MMC (Microsoft Management Console).

Error: (04/22/2021 02:13:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (04/22/2021 02:13:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba RstMwService sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (04/22/2021 02:13:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Office Software Protection Platform sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (04/22/2021 02:13:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (04/22/2021 02:13:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AtherosSvc sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (04/22/2021 02:13:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (04/22/2021 02:13:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dolby DAX API Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


CodeIntegrity:
===============
Date: 2021-04-22 14:18:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-04-22 14:15:42
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 7SCN27WW 11/28/2018
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i3-8130U CPU @ 2.20GHz
Percentage of memory in use: 63%
Total physical RAM: 4005.22 MB
Available physical RAM: 1473.53 MB
Total Virtual: 13221.22 MB
Available Virtual: 10422.66 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:930.26 GB) (Free:772.58 GB) NTFS

\\?\Volume{ce17a51a-2797-4bd2-a94d-d56627b388f6}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.51 GB) NTFS
\\?\Volume{3b593c47-7b22-4b5f-9eac-a64aa9ee498a}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: BB263FC2)

Partition: GPT.

==================== End of Addition.txt =======================





FRTS log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021
Ran by 42195 (administrator) on LAPTOP-R9921TTS (LENOVO 81F5) (22-04-2021 18:56:53)
Running from C:\Users\42195\Desktop
Loaded Profiles: 42195
Platform: Windows 10 Home Version 2004 19041.928 (X64) Language: Slovenčina (Slovensko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ACD Systems International Inc. -> ) C:\Program Files\ACD Systems\ACDSee Pro\11.0\ACDSeeCommanderPro11.exe
(ACD Systems International Inc. -> ACD Systems) C:\Program Files\ACD Systems\ACDSee Pro\11.0\acdIDInTouch2.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_afbf41cf8ab202d7\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_afbf41cf8ab202d7\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_08c6076a1ac36ac6\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_08c6076a1ac36ac6\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_48720fcc117e5841\RstMwService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Opera Software AS -> Opera Software) C:\Users\42195\AppData\Local\Programs\Opera\75.0.3969.171\opera.exe <5>
(Opera Software AS -> Opera Software) C:\Users\42195\AppData\Local\Programs\Opera\75.0.3969.171\opera_crashreporter.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [834552 2019-03-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117472 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [ACPW11EN] => C:\Program Files\ACD Systems\ACDSee Pro\11.0\acdIDInTouch2.exe [2157008 2017-07-19] (ACD Systems International Inc. -> ACD Systems)
HKU\S-1-5-21-3688312555-2552052780-2398578842-1001\...\Run: [ACDSeeCommanderPro11] => C:\Program Files\ACD Systems\ACDSee Pro\11.0\ACDSeeCommanderPro11.exe [5051344 2017-08-28] (ACD Systems International Inc. -> )
HKU\S-1-5-21-3688312555-2552052780-2398578842-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3688312555-2552052780-2398578842-1001\...\Run: [Opera Browser Assistant] => C:\Users\42195\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0841F7D6-1BE5-4795-8909-EC8F728B2D4D} - \Lenovo\ImController\TimeBasedEvents\1b521893-f59f-479d-9f77-32df41e9cf2a -> No File <==== ATTENTION
Task: {0FBB95F8-1EBF-4C75-97AA-9602D93191AF} - \Lenovo\ImController\TimeBasedEvents\d776bd41-4c97-4272-a832-d0eeee5896f5 -> No File <==== ATTENTION
Task: {36EFDF3E-5986-47BB-9E28-97562CBD0B66} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {3B9045F8-D00C-414B-8C91-7A0891FE6EFB} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {4A12B43E-BB3B-4375-9AE2-DBC697BBC308} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {5B24BD8A-454A-4005-9C5B-AD1DFCA16739} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {635A7B54-D514-43D4-90DA-751973647AE9} - System32\Tasks\Opera scheduled assistant Autoupdate 1582723837 => C:\Users\42195\AppData\Local\Programs\Opera\launcher.exe [1886872 2021-04-13] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\42195\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {69D61737-76E0-4F69-B22B-ED1723F95B06} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4686560 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
Task: {7537CFA4-FEAC-4BEB-9705-E7789736DB55} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-23] (Adobe Inc. -> Adobe)
Task: {77BC5E0B-7FC2-44CA-8017-E5375736CC61} - System32\Tasks\R@1n-KMS\Windows64Core => wmic path SoftwareLicensingProduct where (ID="58e97c99-f377-4ef1-81d5-4ad5522b5fd8") call Activate
Task: {AD9F2758-7E2F-40CC-A20B-5ABF7DE7F332} - \Lenovo\ImController\TimeBasedEvents\b6c24d16-badd-48ba-880b-c7e50505cedf -> No File <==== ATTENTION
Task: {B73F6386-F1F7-4FC8-AF6A-AD6F235E15B4} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {CD31BDB7-EB2A-42CE-8C63-A2F343AC3F4E} - System32\Tasks\Opera scheduled Autoupdate 1569412749 => C:\Users\42195\AppData\Local\Programs\Opera\launcher.exe [1886872 2021-04-13] (Opera Software AS -> Opera Software)
Task: {CD60A116-DC4C-4E47-8611-E807EDCDFD08} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {DA87132E-D163-4D9E-8446-11527B112B61} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DFE2F4BA-D2F3-4391-8630-C2D86D819704} - \Lenovo\ImController\TimeBasedEvents\e8e7d532-ed59-4921-89ba-7373fb1f642a -> No File <==== ATTENTION
Task: {E46462DF-2A6B-4775-82F5-6C20BDA39F5B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)
Task: {F929BC01-EFD1-4859-B5BA-EA1DCEFFC9C3} - System32\Tasks\R@1n-KMS\Office14ProPlus => wmic path OfficeSoftwareProtectionProduct where (ID="6f327760-8c5c-417c-9b61-836a98287e0c") call Activate

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{32236081-3a9e-46e7-a08b-114e9295e2da}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b6d7643f-dca9-480d-ad60-9ac227aa0fb2}: [DhcpNameServer] 150.205.1.2

Edge:
=======
DownloadDir: C:\Users\42195\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\42195\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-22]

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)

Opera:
=======
OPR Profile: C:\Users\42195\AppData\Roaming\Opera Software\Opera Stable [2021-04-22]
OPR Notifications: Opera Stable -> hxxps://www.aliexpress.com; hxxps://www.facebook.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (AdBlock) - C:\Users\42195\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2019-10-14]
OPR Extension: (Rich Hints Agent) - C:\Users\42195\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-04-21]
StartMenuInternet: (HKU\S-1-5-21-3688312555-2552052780-2398578842-1001) OperaStable - "C:\Users\42195\AppData\Local\Programs\Opera\Launcher.exe"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7888408 2021-03-29] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [623216 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [353504 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56920 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [602632 2018-08-14] (Dolby Laboratories, Inc. -> )
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [306040 2018-08-01] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1270536 2019-02-26] (McAfee, Inc. -> McAfee, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\NisSrv.exe [2169568 2020-08-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MsMpEng.exe [128376 2020-08-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35680 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208552 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365520 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250328 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-17] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41304 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [177872 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [524416 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107808 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83368 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850120 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466696 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216376 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-03-28] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [78216 2020-08-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [430320 2020-08-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [98520 2020-08-14] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-22 14:11 - 2021-04-22 14:13 - 000000000 ____D C:\AdwCleaner
2021-04-22 14:11 - 2021-04-22 14:11 - 008534696 _____ (Malwarebytes) C:\Users\42195\Downloads\adwcleaner_8.2.exe
2021-04-21 20:56 - 2021-04-21 21:01 - 000019059 _____ C:\Users\42195\Desktop\Addition.txt
2021-04-21 20:53 - 2021-04-22 18:57 - 000016216 _____ C:\Users\42195\Desktop\FRST.txt
2021-04-21 20:51 - 2021-04-22 18:57 - 000000000 ____D C:\FRST
2021-04-21 20:51 - 2021-04-21 20:51 - 002298368 _____ (Farbar) C:\Users\42195\Desktop\FRST64.exe
2021-04-16 00:28 - 2021-04-16 00:28 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-16 00:25 - 2021-04-16 00:25 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-16 00:25 - 2021-04-16 00:25 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-28 21:05 - 2021-03-28 21:04 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-03-28 21:05 - 2021-03-28 21:04 - 000216376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-22 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-22 16:11 - 2020-12-17 19:27 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-22 16:11 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-22 14:16 - 2019-12-06 21:30 - 000000000 ____D C:\Program Files\CCleaner
2021-04-22 14:16 - 2019-09-25 13:53 - 000000000 ____D C:\ProgramData\AVAST Software
2021-04-22 14:14 - 2020-12-17 19:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-22 14:14 - 2020-12-17 19:15 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-22 14:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-22 14:14 - 2019-09-24 22:04 - 000000000 __SHD C:\Users\42195\IntelGraphicsProfiles
2021-04-22 14:14 - 2019-03-15 15:30 - 000000000 ____D C:\ProgramData\Lenovo
2021-04-22 14:13 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-22 14:13 - 2019-09-25 13:48 - 000000000 ____D C:\Users\42195\AppData\Local\Lenovo
2021-04-21 22:45 - 2020-06-12 23:15 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-21 22:45 - 2020-06-12 23:15 - 000002289 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-04-21 22:45 - 2020-06-12 23:15 - 000002289 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-04-21 22:45 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-21 22:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-21 20:36 - 2020-12-17 19:15 - 000442912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-21 20:33 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-21 20:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-21 20:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-21 20:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-21 20:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-21 20:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-21 20:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-21 20:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-21 20:32 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-21 20:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-21 20:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-21 20:32 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-21 20:29 - 2020-12-17 12:10 - 000000000 ___DC C:\WINDOWS\Panther
2021-04-21 20:29 - 2019-11-11 21:11 - 000000000 ____D C:\Users\42195\AppData\Local\CrashDumps
2021-04-21 20:29 - 2019-09-24 22:05 - 000000000 ____D C:\Users\42195\AppData\Local\Packages
2021-04-21 20:28 - 2020-09-30 11:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-21 20:28 - 2019-09-25 13:49 - 000000000 ____D C:\Users\42195\AppData\Local\PlaceholderTileLogoFolder
2021-04-21 20:15 - 2020-12-17 19:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-20 22:55 - 2020-12-17 19:33 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-04-16 00:43 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-16 00:23 - 2020-12-17 19:19 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-15 23:35 - 2019-10-14 21:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-15 23:22 - 2020-12-17 19:33 - 000004218 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1569412749
2021-04-15 23:22 - 2019-09-25 13:59 - 000001416 _____ C:\Users\42195\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2021-04-15 23:18 - 2019-10-14 21:58 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-13 00:57 - 2020-12-17 19:33 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3688312555-2552052780-2398578842-1001
2021-04-13 00:57 - 2020-12-17 19:18 - 000002362 _____ C:\Users\42195\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-13 00:57 - 2019-09-24 22:10 - 000000000 ___RD C:\Users\42195\OneDrive
2021-03-28 21:05 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-28 21:04 - 2020-10-17 10:59 - 000177872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-03-28 21:04 - 2020-04-14 21:18 - 000524416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000850120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000466696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000365520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000250328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000208552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000107808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000083368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000041304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-03-28 21:04 - 2019-09-25 13:55 - 000035680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-03-26 00:43 - 2020-12-17 19:33 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-3688312555-2552052780-2398578842-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-3688312555-2552052780-2398578842-1001 -> DefaultScope {70CD5A43-FC74-428C-B4AC-0F86769DD662} URL =
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {0841F7D6-1BE5-4795-8909-EC8F728B2D4D} - \Lenovo\ImController\TimeBasedEvents\1b521893-f59f-479d-9f77-32df41e9cf2a -> No File <==== ATTENTION
Task: {0FBB95F8-1EBF-4C75-97AA-9602D93191AF} - \Lenovo\ImController\TimeBasedEvents\d776bd41-4c97-4272-a832-d0eeee5896f5 -> No File <==== ATTENTION
Task: {3B9045F8-D00C-414B-8C91-7A0891FE6EFB} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {5B24BD8A-454A-4005-9C5B-AD1DFCA16739} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {AD9F2758-7E2F-40CC-A20B-5ABF7DE7F332} - \Lenovo\ImController\TimeBasedEvents\b6c24d16-badd-48ba-880b-c7e50505cedf -> No File <==== ATTENTION
Task: {B73F6386-F1F7-4FC8-AF6A-AD6F235E15B4} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {DFE2F4BA-D2F3-4391-8630-C2D86D819704} - \Lenovo\ImController\TimeBasedEvents\e8e7d532-ed59-4921-89ba-7373fb1f642a -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\DumpStack.log.tmp

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-04-2021
Ran by 42195 (22-04-2021 20:09:31) Run:2
Running from C:\Users\42195\Desktop
Loaded Profiles: 42195
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-3688312555-2552052780-2398578842-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-3688312555-2552052780-2398578842-1001 -> DefaultScope {70CD5A43-FC74-428C-B4AC-0F86769DD662} URL =
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {0841F7D6-1BE5-4795-8909-EC8F728B2D4D} - \Lenovo\ImController\TimeBasedEvents\1b521893-f59f-479d-9f77-32df41e9cf2a -> No File <==== ATTENTION
Task: {0FBB95F8-1EBF-4C75-97AA-9602D93191AF} - \Lenovo\ImController\TimeBasedEvents\d776bd41-4c97-4272-a832-d0eeee5896f5 -> No File <==== ATTENTION
Task: {3B9045F8-D00C-414B-8C91-7A0891FE6EFB} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {5B24BD8A-454A-4005-9C5B-AD1DFCA16739} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {AD9F2758-7E2F-40CC-A20B-5ABF7DE7F332} - \Lenovo\ImController\TimeBasedEvents\b6c24d16-badd-48ba-880b-c7e50505cedf -> No File <==== ATTENTION
Task: {B73F6386-F1F7-4FC8-AF6A-AD6F235E15B4} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {DFE2F4BA-D2F3-4391-8630-C2D86D819704} - \Lenovo\ImController\TimeBasedEvents\e8e7d532-ed59-4921-89ba-7373fb1f642a -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\DumpStack.log.tmp

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-3688312555-2552052780-2398578842-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => not found
"HKU\S-1-5-21-3688312555-2552052780-2398578842-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0841F7D6-1BE5-4795-8909-EC8F728B2D4D}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\1b521893-f59f-479d-9f77-32df41e9cf2a" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FBB95F8-1EBF-4C75-97AA-9602D93191AF}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\d776bd41-4c97-4272-a832-d0eeee5896f5" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B9045F8-D00C-414B-8C91-7A0891FE6EFB}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B24BD8A-454A-4005-9C5B-AD1DFCA16739}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AD9F2758-7E2F-40CC-A20B-5ABF7DE7F332}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\b6c24d16-badd-48ba-880b-c7e50505cedf" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B73F6386-F1F7-4FC8-AF6A-AD6F235E15B4}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFE2F4BA-D2F3-4391-8630-C2D86D819704}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\e8e7d532-ed59-4921-89ba-7373fb1f642a" => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => not found
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => not found
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 11034624 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7906724 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 0 B
Edge => 0 B
Firefox => 0 B
Opera => 27765447 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3848 B
NetworkService => 3848 B
42195 => 58725 B

RecycleBin => 0 B
EmptyTemp: => 44.6 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 22-04-2021 20:11:03)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 20:11:03 ====

OK. Nastala nějaká změna?

Rudy píše: 22 dub 2021 19:52 OK. Nastala nějaká změna?

Ospravedlnujem sa za zdrzanie. Pytal som sa jej na to a vraj je to trochu rychlejsie, ale stale jej to nahodne zamrza a dlho nacitava

Zkuste ještě defragmentovat disk.