VIRY.CZ

Dobry den,

PC sa troska spomalil v poslednom case, prosim o kontrolu logu ci tu nie je nejaka havat.
Dakujem.



==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2018-01-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-01-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [170240 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-05-27] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {009133C7-B9CB-4318-9EBE-6BF182799DEB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\83448ab0-3ae0-4847-ac47-b1180e6f2568 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {10D6AF18-EE7F-4872-80F0-E8AFE7BBA385} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1ed76e21-6aed-4316-9ddf-41f997627221 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {24D727D8-22AB-4FC5-95F5-265DACFDDC58} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {2CDE6AF9-A543-4DA1-8922-20E2A1CD5B38} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {3EFF10AD-287E-451A-87DC-D4F32F6B0B94} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\ScheduleEventAction.exe [23968 2021-05-17] (Lenovo -> Lenovo Group Ltd.)
Task: {417BCBCB-00FE-4D11-836A-E52B771E357B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\70f23f41-34e4-4ae7-b190-ec0af1a04da1 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {42F39AAE-9230-4D56-AA5A-5556C289FE22} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {594FD384-2FE9-4E73-806A-981B334565C6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1122200 2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {5A86536A-10D3-415F-86DC-43680DF4F2D5} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1821968 2021-04-29] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {646FB878-9AA9-4297-9358-F08908596027} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {65744C64-3B79-4ADF-83F1-3FBC1E8847CE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {77032FBE-3118-45F5-B26C-C771FBB34796} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [143888 2021-03-02] (Lenovo -> Lenovo Group Ltd.)
Task: {83A76978-F115-416B-8535-10A2582D4775} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-22] (Google Inc -> Google Inc.)
Task: {845602A6-C681-4280-B1F7-801B05BB56FC} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2018-03-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {84C33941-96CF-45CF-ABE5-B1461DC9EF99} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62392 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {972F90C9-6098-43C3-AF93-4F3D63A46AF0} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {9D3271F2-7F14-4EC3-9123-32BCDC05EDC3} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1360665a-6133-4341-be29-ea2b99cc32fa => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {D9E7ED4A-5FD5-49A3-97F0-7B817A3E5FD5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-22] (Google Inc -> Google Inc.)
Task: {E3DE739E-5974-406F-A48A-B8B4F84E4C9D} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4856576 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {E5FB513C-FB65-4EC5-9F13-503B05B80808} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {EED0C395-840E-4CCB-9E6F-BADE0414F716} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe
Task: {FD17AFB3-76C7-4D83-AB08-B4C6C1E8BD4E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {FD6A4626-BAF6-40C9-AE40-954C74EA58BD} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {FFF3CD8A-3CDF-4168-AE6C-A1D6D425E66E} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.20.248.1
Tcpip\..\Interfaces\{003e550c-6bc2-4102-b793-c4c4b85375ea}: [DhcpNameServer] 10.20.248.1
Tcpip\..\Interfaces\{ce6aed68-19c5-44b6-94fd-9b8f71b58881}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Edge:
=======
DownloadDir: C:\Users\Jarka Simkova\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Jarka Simkova\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-08]

FireFox:
========
FF DefaultProfile: 4x22v3ip.default
FF ProfilePath: C:\Users\Jarka Simkova\AppData\Roaming\Mozilla\Firefox\Profiles\4x22v3ip.default [2021-06-05]
FF Homepage: Mozilla\Firefox\Profiles\4x22v3ip.default -> www.google.sk
FF Extension: (Slovak (SK) Language Pack) - C:\Users\Jarka Simkova\AppData\Roaming\Mozilla\Firefox\Profiles\4x22v3ip.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2021-06-05]
FF Extension: (Slovenská kontrola preklepov) - C:\Users\Jarka Simkova\AppData\Roaming\Mozilla\Firefox\Profiles\4x22v3ip.default\Extensions\sk@dictionaries.addons.mozilla.org.xpi [2019-05-19]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default [2021-05-15]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Prezentácie) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-22]
CHR Extension: (Dokumenty) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-22]
CHR Extension: (Disk Google) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-22]
CHR Extension: (Tabuľky) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-22]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-10]
CHR Extension: (Gmail) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-23]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [623360 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [370944 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8198768 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\LenovoVantageService.exe [28576 2021-05-17] (Lenovo -> Lenovo Group Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [35800 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [216488 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [365592 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [250392 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [99352 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [17344 2021-05-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [41424 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [181072 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [523016 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [107936 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [83000 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [851272 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [471480 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [215464 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [327104 2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [65448 2018-01-09] (WDKTestCert aswbldsv,131431045756648395 -> Qualcomm)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [117248 2009-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [114560 2009-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 TVICHW32; C:\Windows\system32\DRIVERS\TVICHW32.SYS [21200 2019-05-17] (EnTech Taiwan -> EnTech Taiwan)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-10-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-10-29] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-08 10:25 - 2021-06-08 10:25 - 000015868 _____ C:\Users\Jarka Simkova\Desktop\FRST.txt
2021-06-08 10:24 - 2021-06-08 10:25 - 000000000 ____D C:\FRST
2021-06-08 10:23 - 2021-06-08 10:23 - 002300416 _____ (Farbar) C:\Users\Jarka Simkova\Desktop\FRST64 (1).exe
2021-06-08 10:21 - 2021-06-08 10:22 - 002300416 _____ (Farbar) C:\Users\Jarka Simkova\Downloads\Nepotvrdené 490406.crdownload
2021-06-05 12:35 - 2021-06-05 12:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-06-04 21:38 - 2021-06-05 12:37 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-06-02 20:06 - 2021-06-02 20:05 - 000340224 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2021-06-02 20:06 - 2021-06-02 20:05 - 000215464 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys
2021-05-30 13:24 - 2021-05-30 13:24 - 000017344 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgElam.sys
2021-05-23 10:42 - 2021-05-23 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2021-05-14 20:58 - 2021-05-14 20:58 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-14 20:58 - 2021-05-14 20:58 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-14 20:58 - 2021-05-14 20:58 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-14 20:58 - 2021-05-14 20:58 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-14 20:57 - 2021-05-14 20:57 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-14 20:57 - 2021-05-14 20:57 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-14 20:57 - 2021-05-14 20:57 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-14 20:57 - 2021-05-14 20:57 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-14 20:57 - 2021-05-14 20:57 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-14 20:57 - 2021-05-14 20:57 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-14 20:56 - 2021-05-14 20:56 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-14 20:56 - 2021-05-14 20:56 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-08 10:24 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-08 10:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-08 10:22 - 2021-03-29 05:25 - 000004266 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2021-06-08 10:19 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-08 10:19 - 2019-11-22 12:35 - 000000000 ____D C:\ProgramData\AVG
2021-06-08 10:18 - 2021-03-29 05:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-08 10:18 - 2021-03-28 09:51 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-08 10:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-08 10:18 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-08 10:18 - 2018-11-24 03:44 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2021-06-05 16:20 - 2019-05-19 20:39 - 000000000 ____D C:\Users\Jarka Simkova\AppData\LocalLow\Mozilla
2021-06-05 16:19 - 2021-03-28 09:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-05 12:45 - 2021-03-29 05:25 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-05 12:43 - 2020-06-23 21:18 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-05 12:43 - 2020-06-23 21:18 - 000002293 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-06-05 12:43 - 2020-06-23 21:18 - 000002293 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-06-05 12:43 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-05 12:40 - 2019-05-19 20:38 - 000000000 ____D C:\ProgramData\Mozilla
2021-06-05 12:37 - 2021-03-28 09:54 - 000000000 ____D C:\Users\Jarka Simkova
2021-06-05 12:37 - 2019-05-19 20:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-05 12:35 - 2019-05-19 20:38 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-06-04 22:01 - 2021-04-12 21:01 - 000003310 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d723a829aa6dd4
2021-06-04 22:01 - 2021-03-29 05:25 - 000003384 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-06-04 22:01 - 2021-03-29 05:25 - 000003160 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-06-04 22:01 - 2021-03-29 05:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-06-02 20:06 - 2020-06-23 19:54 - 000523016 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2021-06-02 20:06 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-02 20:05 - 2020-08-13 19:47 - 000181072 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000851272 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000471480 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000365592 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000327104 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000250392 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000216488 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000107936 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000099352 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000083000 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000041424 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2021-06-02 20:05 - 2019-11-22 12:37 - 000035800 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2021-06-02 19:58 - 2020-11-01 13:49 - 000005406 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-05-27 21:17 - 2019-05-17 16:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-05-27 20:57 - 2019-11-22 12:40 - 000002324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-27 20:51 - 2020-01-12 22:04 - 000000000 ____D C:\Users\Jarka Simkova\Desktop\Nový priečinok
2021-05-27 20:01 - 2021-03-29 05:25 - 000003564 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-05-25 17:36 - 2019-10-03 22:59 - 000000000 ___HD C:\ProgramData\CyberLink
2021-05-23 10:42 - 2019-10-16 06:19 - 000002574 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-05-17 05:30 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-15 06:56 - 2021-03-28 09:51 - 000437984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-15 06:55 - 2019-12-07 16:37 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-14 21:04 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-14 21:03 - 2019-12-07 16:39 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-14 20:24 - 2019-06-02 22:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-14 20:01 - 2019-06-02 22:19 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2021 01
Ran by Jarka Simkova (08-06-2021 10:27:23)
Running from C:\Users\Jarka Simkova\Desktop
Windows 10 Home Version 20H2 19042.985 (X64) (2021-03-29 03:25:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3940926089-4164835052-1180443062-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3940926089-4164835052-1180443062-503 - Limited - Disabled)
Guest (S-1-5-21-3940926089-4164835052-1180443062-501 - Limited - Disabled)
Jarka Simkova (S-1-5-21-3940926089-4164835052-1180443062-1002 - Administrator - Enabled) => C:\Users\Jarka Simkova
WDAGUtilityAccount (S-1-5-21-3940926089-4164835052-1180443062-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
Aplikácie Microsoft 365 pre podnikateľov - sk-sk (HKLM\...\O365BusinessRetail - sk-sk) (Version: 16.0.14026.20246 - Microsoft Corporation)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 21.4.3179 - AVG Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.77 - Google LLC)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.7.19.0 - Lenovo Group Ltd.)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.14026.20246 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.41 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 91.0.864.41 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.030.01.05.85 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 89.0 (x64 en-US) (HKLM\...\Mozilla Firefox 89.0 (x64 en-US)) (Version: 89.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.5 - Mozilla)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Zoom (HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\...\ZoomUMX) (Version: 5.5.4 (13142.0301) - Zoom Video Communications, Inc.)

Packages:
=========
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2103.17.0_x64__k1h2ywk1493x8 [2021-04-11] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4 [2021-02-22] (LENOVO INC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-06-02] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-28] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5170.0_x64__8wekyb3d8bbwe [2021-05-23] (Microsoft Studios) [MS Ad]
Power2Go for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.11322.0_x86__m916jedk64snt [2020-10-13] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.PowerDVDforLenovo_14.2.2520.0_x86__m916jedk64snt [2020-10-13] (CYBERLINKCOM CORPORATION)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-03-05] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2021-06-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-12-21 10:37 - 2020-05-30 15:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2021-05-31 20:02 - 2020-11-03 05:08 - 000954864 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\...\sharepoint.com -> hxxps://nocsk-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Jarka Simkova\AppData\Roaming\Mozilla\Firefox\Pozadie plochy.bmp
DNS Servers: 10.20.248.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5FDB38E0-947F-4FE8-AAF2-6D264453FA3B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{35748BD7-BF48-4828-BFD7-3A6878221CE2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B3690EDD-2ADD-466C-9865-071EAEA5A82C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5B9EAF64-4E4A-4930-A436-29C24A56568D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E9AF97B4-B9F7-4036-AC50-497460CEEF9A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11601.20178.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6EFFE614-7A96-4AE9-AD9A-729FF7ED898E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4BAC49D3-DE74-4E5D-B027-5FAD2E8CDD03}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EDDC2486-6CF9-4213-9F7D-3B52A4AF2A70}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{08D97C31-C7F0-49AD-AACD-F0281BE02F1D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D5EF60FF-CC42-4CB4-9801-EF9FCE424BC2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F90BC0BD-41E8-40CD-8B82-638F92CB0997}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{652511D4-119C-46EE-B3BE-968D5621367C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{30294CE6-6B2A-404A-8280-C3C8B1BABFC3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{99406EBC-4FDA-4D51-917B-03AE654AD6D9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\91.0.864.41\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:118 GB) (Free:78.94 GB) (67%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/08/2021 10:23:03 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/08/2021 10:18:37 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (06/08/2021 10:18:37 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (06/08/2021 10:16:36 AM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (06/08/2021 10:16:36 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/05/2021 12:37:14 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT AUTHORITY)
Description: Windows cannot unload your registry file. The memory used by the registry has not been freed. This problem is often caused by services running as a user account. Try configuring services to run in either the LocalService or NetworkService account.

DETAIL - Access is denied.

Error: (06/05/2021 12:37:14 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT AUTHORITY)
Description: Windows cannot unload your registry file. The memory used by the registry has not been freed. This problem is often caused by services running as a user account. Try configuring services to run in either the LocalService or NetworkService account.

DETAIL - Access is denied.

Error: (06/04/2021 08:12:52 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (06/08/2021 10:24:14 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-4PSLTPGA)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

Error: (06/05/2021 04:50:53 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-4PSLTPGA)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

Error: (06/05/2021 02:18:49 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Miniport Qualcomm Atheros QCA9377 Wireless Network Adapter, {74799e4b-a8d0-4cc9-890a-e9e4b76e8d3d}, had event 71

Error: (06/05/2021 02:18:49 PM) (Source: Qcamain10x64) (EventID: 5002) (User: )
Description: Qualcomm Atheros QCA9377 Wireless Network Adapter : Has determined that the network adapter is not functioning properly.

Error: (06/05/2021 12:42:46 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-4PSLTPGA)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

Error: (06/04/2021 11:42:22 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-4PSLTPGA)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (06/04/2021 11:42:22 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-4PSLTPGA)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (06/04/2021 11:42:21 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-4PSLTPGA)
Description: The server {7966B4D8-4FDC-4126-A10B-39A3209AD251} did not register with DCOM within the required timeout.


CodeIntegrity:
===============
Date: 2021-06-08 10:24:03
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-06-08 10:22:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Lenovo 1PCN66WW 04/26/2018
Motherboard: LENOVO LNVNB161216
Processor: AMD A9-9410 RADEON R5, 5 COMPUTE CORES 2C+3G
Percentage of memory in use: 83%
Total physical RAM: 3920.07 MB
Available physical RAM: 632.2 MB
Total Virtual: 4624.07 MB
Available Virtual: 932.66 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:118 GB) (Free:78.94 GB) NTFS

\\?\Volume{467b35af-180d-4ef4-a198-ecbd57b9ad6b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{b7295002-0aac-4eac-8cbe-508082c6c74c}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 6F7778AD)

Partition: GPT.

==================== End of Addition.txt =======================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Odinstaloval som AVG, je to lepsie Asi neustale kontroloval, alebo neviem. Staci aj antivir ktory je vo Windows 10 ? Deffender?

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-08-2021
# Duration: 00:00:09
# OS: Windows 10 Home
# Cleaned: 5
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\Jarka Simkova\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1869 octets] - [08/06/2021 10:43:13]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########



# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-08-2021
# Duration: 00:00:33
# OS: Windows 10 Home
# Scanned: 31988
# Detected: 5


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Users\Jarka Simkova\AppData\Local\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2021 01
Ran by Jarka Simkova (08-06-2021 13:36:01)
Running from C:\Users\Jarka Simkova\Desktop
Windows 10 Home Version 21H1 19043.1023 (X64) (2021-03-29 03:25:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3940926089-4164835052-1180443062-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3940926089-4164835052-1180443062-503 - Limited - Disabled)
Guest (S-1-5-21-3940926089-4164835052-1180443062-501 - Limited - Disabled)
Jarka Simkova (S-1-5-21-3940926089-4164835052-1180443062-1002 - Administrator - Enabled) => C:\Users\Jarka Simkova
WDAGUtilityAccount (S-1-5-21-3940926089-4164835052-1180443062-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.7 - Advanced Micro Devices, Inc.)
Aplikácie Microsoft 365 pre podnikateľov - sk-sk (HKLM\...\O365BusinessRetail - sk-sk) (Version: 16.0.14026.20246 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.77 - Google LLC)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.7.19.0 - Lenovo Group Ltd.)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.14026.20246 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.41 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 91.0.864.41 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.030.01.05.85 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 89.0 (x64 en-US) (HKLM\...\Mozilla Firefox 89.0 (x64 en-US)) (Version: 89.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.5 - Mozilla)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Zoom (HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\...\ZoomUMX) (Version: 5.5.4 (13142.0301) - Zoom Video Communications, Inc.)

Packages:
=========
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2103.17.0_x64__k1h2ywk1493x8 [2021-04-11] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4 [2021-02-22] (LENOVO INC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-06-02] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-28] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5170.0_x64__8wekyb3d8bbwe [2021-05-23] (Microsoft Studios) [MS Ad]
Power2Go for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.11322.0_x86__m916jedk64snt [2020-10-13] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.PowerDVDforLenovo_14.2.2520.0_x86__m916jedk64snt [2020-10-13] (CYBERLINKCOM CORPORATION)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-03-05] (Advanced Micro Devices, Inc.) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\...\sharepoint.com -> hxxps://nocsk-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Jarka Simkova\AppData\Roaming\Mozilla\Firefox\Pozadie plochy.bmp
DNS Servers: 10.20.248.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5FDB38E0-947F-4FE8-AAF2-6D264453FA3B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{35748BD7-BF48-4828-BFD7-3A6878221CE2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B3690EDD-2ADD-466C-9865-071EAEA5A82C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5B9EAF64-4E4A-4930-A436-29C24A56568D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E9AF97B4-B9F7-4036-AC50-497460CEEF9A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11601.20178.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6EFFE614-7A96-4AE9-AD9A-729FF7ED898E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4BAC49D3-DE74-4E5D-B027-5FAD2E8CDD03}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EDDC2486-6CF9-4213-9F7D-3B52A4AF2A70}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{08D97C31-C7F0-49AD-AACD-F0281BE02F1D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D5EF60FF-CC42-4CB4-9801-EF9FCE424BC2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F90BC0BD-41E8-40CD-8B82-638F92CB0997}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{652511D4-119C-46EE-B3BE-968D5621367C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{30294CE6-6B2A-404A-8280-C3C8B1BABFC3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{99406EBC-4FDA-4D51-917B-03AE654AD6D9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\91.0.864.41\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:118 GB) (Free:76.8 GB) (65%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/08/2021 11:18:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: wuauclt.exe, verzia: 10.0.19041.906, časová značka: 0x01b4b287
Názov chybujúceho modulu: wuuhosdeployment.dll_unloaded, verzia: 10.0.19041.867, časová značka: 0x14e58421
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000001a3f3
Identifikácia chybujúceho procesu: 0x243c
Čas spustenia chybujúcej aplikácie: 0x01d75c451409f162
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\wuauclt.exe
Cesta chybujúceho modulu: wuuhosdeployment.dll
Identifikácia hlásenia: d1d128bb-368e-4bee-9e8a-2585ef570c6e
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (06/08/2021 10:50:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: MsMpEng.exe, verzia: 4.18.2001.10, časová značka: 0xcc8022f7
Názov chybujúceho modulu: mpengine.dll_unloaded, verzia: 1.1.18200.4, časová značka: 0x60b01001
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000002d226
Identifikácia chybujúceho procesu: 0x2354
Čas spustenia chybujúcej aplikácie: 0x01d75c433f3a323e
Cesta chybujúcej aplikácie: C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MsMpEng.exe
Cesta chybujúceho modulu: mpengine.dll
Identifikácia hlásenia: c42a8793-6d3e-4ef7-895c-6a4045af5846
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (06/08/2021 10:23:03 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/08/2021 10:18:37 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (06/08/2021 10:18:37 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (06/08/2021 10:16:36 AM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (06/08/2021 10:16:36 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/05/2021 12:37:14 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1512) (User: NT AUTHORITY)
Description: Windows cannot unload your registry file. The memory used by the registry has not been freed. This problem is often caused by services running as a user account. Try configuring services to run in either the LocalService or NetworkService account.

DETAIL - Access is denied.


System errors:
=============
Error: (06/08/2021 01:24:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby System Interface Foundation Service zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (06/08/2021 01:14:57 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-4PSLTPGA)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.

Error: (06/08/2021 01:11:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby System Interface Foundation Service zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (06/08/2021 01:10:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby System Interface Foundation Service zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (06/08/2021 01:10:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby ImControllerService zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (06/08/2021 01:08:12 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Miniport Qualcomm Atheros QCA9377 Wireless Network Adapter, {003e550c-6bc2-4102-b793-c4c4b85375ea}, had event 71

Error: (06/08/2021 01:08:12 PM) (Source: Qcamain10x64) (EventID: 5002) (User: )
Description: Qualcomm Atheros QCA9377 Wireless Network Adapter : Has determined that the network adapter is not functioning properly.

Error: (06/08/2021 12:20:53 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-4PSLTPGA)
Description: The server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.


Windows Defender:
================
Date: 2021-06-08 13:30:15
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-08 13:08:19
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-08 11:50:00
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-08 11:41:42
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-08 10:50:03
Description:
Microsoft Defender Antivirus engine has been terminated due to an unexpected error.
Failure Type: Crash
Exception code: 0xc0000005
Resource:

CodeIntegrity:
===============
Date: 2021-06-08 10:50:08
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2021-06-08 10:38:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 1PCN73WW 04/22/2020
Motherboard: LENOVO LNVNB161216
Processor: AMD A9-9410 RADEON R5, 5 COMPUTE CORES 2C+3G
Percentage of memory in use: 74%
Total physical RAM: 3920.07 MB
Available physical RAM: 988.49 MB
Total Virtual: 4624.07 MB
Available Virtual: 1365.66 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:118 GB) (Free:76.8 GB) NTFS

\\?\Volume{467b35af-180d-4ef4-a198-ecbd57b9ad6b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{b7295002-0aac-4eac-8cbe-508082c6c74c}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 6F7778AD)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-06-2021 01
Ran by Jarka Simkova (administrator) on LAPTOP-4PSLTPGA (LENOVO 80TD) (08-06-2021 13:33:50)
Running from C:\Users\Jarka Simkova\Desktop
Loaded Profiles: Jarka Simkova
Platform: Windows 10 Home Version 21H1 19043.1023 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0326809.inf_amd64_bfcaa662a6f3d02f\B325108\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0326809.inf_amd64_bfcaa662a6f3d02f\B325108\atiesrxx.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\LenovoVantageService.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.2.1.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1022_none_7e372e9e7c6ecccb\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.4-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388936 2018-01-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-01-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.77\Installer\chrmstp.exe [2021-05-27] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {009133C7-B9CB-4318-9EBE-6BF182799DEB} - \Lenovo\ImController\TimeBasedEvents\83448ab0-3ae0-4847-ac47-b1180e6f2568 -> No File <==== ATTENTION
Task: {0215D5A2-5FF5-4F2E-926B-183471E5DA73} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jarka Simkova\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-06-08] (ESET, spol. s r.o. -> ESET)
Task: {0CC485A8-4359-4FC3-B057-0CC5C78F6317} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {10D6AF18-EE7F-4872-80F0-E8AFE7BBA385} - \Lenovo\ImController\TimeBasedEvents\1ed76e21-6aed-4316-9ddf-41f997627221 -> No File <==== ATTENTION
Task: {24D727D8-22AB-4FC5-95F5-265DACFDDC58} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {2CDE6AF9-A543-4DA1-8922-20E2A1CD5B38} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {3EFF10AD-287E-451A-87DC-D4F32F6B0B94} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\ScheduleEventAction.exe [23968 2021-05-17] (Lenovo -> Lenovo Group Ltd.)
Task: {417BCBCB-00FE-4D11-836A-E52B771E357B} - \Lenovo\ImController\TimeBasedEvents\70f23f41-34e4-4ae7-b190-ec0af1a04da1 -> No File <==== ATTENTION
Task: {42F39AAE-9230-4D56-AA5A-5556C289FE22} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {524C93C6-B3F9-413A-89B4-A43E149CF5B5} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Jarka Simkova\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-06-08] (ESET, spol. s r.o. -> ESET)
Task: {594FD384-2FE9-4E73-806A-981B334565C6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1122200 2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {646FB878-9AA9-4297-9358-F08908596027} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {65744C64-3B79-4ADF-83F1-3FBC1E8847CE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {77032FBE-3118-45F5-B26C-C771FBB34796} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {83A76978-F115-416B-8535-10A2582D4775} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-22] (Google Inc -> Google Inc.)
Task: {845602A6-C681-4280-B1F7-801B05BB56FC} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2018-03-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {84C33941-96CF-45CF-ABE5-B1461DC9EF99} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {972F90C9-6098-43C3-AF93-4F3D63A46AF0} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {9D3271F2-7F14-4EC3-9123-32BCDC05EDC3} - \Lenovo\ImController\TimeBasedEvents\1360665a-6133-4341-be29-ea2b99cc32fa -> No File <==== ATTENTION
Task: {AA4A682E-5693-48E2-A1B4-6C5513F87712} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B512C8B9-2791-42A9-B5C4-0EC9478635FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D9E7ED4A-5FD5-49A3-97F0-7B817A3E5FD5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-22] (Google Inc -> Google Inc.)
Task: {E5FB513C-FB65-4EC5-9F13-503B05B80808} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC7C341B-F08F-42EF-BA41-FD435AA55C1B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.4-0\MpCmdRun.exe [644888 2021-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EED0C395-840E-4CCB-9E6F-BADE0414F716} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe
Task: {FD17AFB3-76C7-4D83-AB08-B4C6C1E8BD4E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {FD6A4626-BAF6-40C9-AE40-954C74EA58BD} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {FFF3CD8A-3CDF-4168-AE6C-A1D6D425E66E} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.20.248.1
Tcpip\..\Interfaces\{8b913afa-bb86-4ac9-8129-0c4b266c8ffc}: [DhcpNameServer] 10.20.248.1
Tcpip\..\Interfaces\{ce6aed68-19c5-44b6-94fd-9b8f71b58881}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Edge:
=======
DownloadDir: C:\Users\Jarka Simkova\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Jarka Simkova\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-08]

FireFox:
========
FF DefaultProfile: 4x22v3ip.default
FF ProfilePath: C:\Users\Jarka Simkova\AppData\Roaming\Mozilla\Firefox\Profiles\4x22v3ip.default [2021-06-08]
FF Homepage: Mozilla\Firefox\Profiles\4x22v3ip.default -> www.google.sk
FF Extension: (Slovak (SK) Language Pack) - C:\Users\Jarka Simkova\AppData\Roaming\Mozilla\Firefox\Profiles\4x22v3ip.default\Extensions\langpack-sk@firefox.mozilla.org.xpi [2021-06-05]
FF Extension: (Slovenská kontrola preklepov) - C:\Users\Jarka Simkova\AppData\Roaming\Mozilla\Firefox\Profiles\4x22v3ip.default\Extensions\sk@dictionaries.addons.mozilla.org.xpi [2019-05-19]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-27] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default [2021-05-15]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Prezentácie) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-22]
CHR Extension: (Dokumenty) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-22]
CHR Extension: (Disk Google) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (YouTube) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-22]
CHR Extension: (Tabuľky) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-22]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-10]
CHR Extension: (Gmail) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Jarka Simkova\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-23]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\LenovoVantageService.exe [28576 2021-05-17] (Lenovo -> Lenovo Group Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.4-0\NisSrv.exe [2644760 2021-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2105.4-0\MsMpEng.exe [136656 2021-06-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [65448 2018-01-09] (WDKTestCert aswbldsv,131431045756648395 -> Qualcomm)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 hwdatacard; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [117248 2009-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusbdev; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [114560 2009-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 TVICHW32; C:\Windows\system32\DRIVERS\TVICHW32.SYS [21200 2019-05-17] (EnTech Taiwan -> EnTech Taiwan)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-06-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425208 2021-06-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-06-08] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-08 13:33 - 2021-06-08 13:34 - 000016525 _____ C:\Users\Jarka Simkova\Desktop\FRST.txt
2021-06-08 13:08 - 2021-06-08 13:08 - 000003890 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-06-08 13:08 - 2021-06-08 13:08 - 000003448 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-06-08 11:53 - 2021-06-08 11:53 - 011697056 _____ (ESET) C:\Users\Jarka Simkova\Downloads\esetonlinescanner.exe
2021-06-08 11:53 - 2021-06-08 11:53 - 000001401 _____ C:\Users\Jarka Simkova\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-06-08 11:53 - 2021-06-08 11:53 - 000001295 _____ C:\Users\Jarka Simkova\Desktop\ESET Online Scanner.lnk
2021-06-08 11:53 - 2021-06-08 11:53 - 000000000 ____D C:\Users\Jarka Simkova\AppData\Local\ESET
2021-06-08 11:15 - 2021-06-08 11:15 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-08 11:15 - 2021-06-08 11:15 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-08 11:15 - 2021-06-08 11:15 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-08 11:15 - 2021-06-08 11:15 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-08 11:15 - 2021-06-08 11:15 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-08 11:15 - 2021-06-08 11:15 - 000011327 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-08 11:14 - 2021-06-08 11:14 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-08 11:14 - 2021-06-08 11:14 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-08 11:14 - 2021-06-08 11:14 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-08 11:14 - 2021-06-08 11:14 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-08 11:14 - 2021-06-08 11:14 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-08 11:14 - 2021-06-08 11:14 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-08 11:14 - 2021-06-08 11:14 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-08 11:14 - 2021-06-08 11:14 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-08 11:14 - 2021-06-08 11:14 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-08 11:14 - 2021-06-08 11:14 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-08 11:14 - 2021-06-08 11:14 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-08 11:14 - 2021-06-08 11:14 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-08 10:50 - 2021-06-08 10:50 - 000000000 ____D C:\WINDOWS\Firmware
2021-06-08 10:42 - 2021-06-08 10:43 - 000000000 ____D C:\AdwCleaner
2021-06-08 10:41 - 2021-06-08 10:41 - 008534696 _____ (Malwarebytes) C:\Users\Jarka Simkova\Downloads\AdwCleaner.exe
2021-06-08 10:24 - 2021-06-08 13:34 - 000000000 ____D C:\FRST
2021-06-08 10:23 - 2021-06-08 10:23 - 002300416 _____ (Farbar) C:\Users\Jarka Simkova\Desktop\FRST64 (1).exe
2021-06-05 12:35 - 2021-06-05 12:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-06-04 21:38 - 2021-06-05 12:37 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-05-23 10:42 - 2021-05-23 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2021-05-14 20:58 - 2021-05-14 20:58 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-14 20:58 - 2021-05-14 20:58 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-14 20:57 - 2021-05-14 20:57 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-14 20:57 - 2021-05-14 20:57 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-14 20:56 - 2021-05-14 20:56 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-14 20:56 - 2021-05-14 20:56 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-08 13:30 - 2021-03-28 09:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-08 13:30 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-08 13:15 - 2021-03-29 05:25 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-08 13:15 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-08 13:09 - 2021-03-29 05:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-08 13:09 - 2021-03-28 09:51 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-08 13:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-08 13:09 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-08 13:09 - 2018-11-24 03:44 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2021-06-08 11:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-08 11:26 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-08 11:22 - 2021-03-28 09:51 - 000437984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-08 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-08 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-08 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-08 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-08 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-08 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-08 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-08 11:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-08 11:19 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-08 11:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-08 11:18 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-08 10:50 - 2018-04-17 21:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-08 10:49 - 2019-11-22 12:40 - 000002324 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-08 10:48 - 2020-06-23 21:18 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-08 10:48 - 2020-06-23 21:18 - 000002293 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-06-08 10:48 - 2020-06-23 21:18 - 000002293 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-06-08 10:47 - 2019-11-22 12:35 - 000000000 ____D C:\ProgramData\AVG
2021-06-08 10:43 - 2021-03-29 05:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-06-08 10:43 - 2020-03-13 07:14 - 000000000 ____D C:\WINDOWS\Lenovo
2021-06-08 10:43 - 2019-05-17 16:38 - 000000000 ____D C:\Users\Jarka Simkova\AppData\Local\Lenovo
2021-06-08 10:43 - 2018-11-24 03:32 - 000000000 ____D C:\ProgramData\Lenovo
2021-06-08 10:40 - 2019-07-17 04:59 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-06-05 16:20 - 2019-05-19 20:39 - 000000000 ____D C:\Users\Jarka Simkova\AppData\LocalLow\Mozilla
2021-06-05 12:43 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-05 12:40 - 2019-05-19 20:38 - 000000000 ____D C:\ProgramData\Mozilla
2021-06-05 12:37 - 2021-03-28 09:54 - 000000000 ____D C:\Users\Jarka Simkova
2021-06-05 12:37 - 2019-05-19 20:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-06-05 12:35 - 2019-05-19 20:38 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-06-04 22:01 - 2021-04-12 21:01 - 000003310 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d723a829aa6dd4
2021-06-04 22:01 - 2021-03-29 05:25 - 000003384 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-06-04 22:01 - 2021-03-29 05:25 - 000003160 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-06-04 22:01 - 2021-03-29 05:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-06-02 20:06 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-02 19:58 - 2020-11-01 13:49 - 000005406 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-05-27 21:17 - 2019-05-17 16:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-05-27 20:51 - 2020-01-12 22:04 - 000000000 ____D C:\Users\Jarka Simkova\Desktop\Nový priečinok
2021-05-27 20:01 - 2021-03-29 05:25 - 000003564 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-05-25 17:36 - 2019-10-03 22:59 - 000000000 ___HD C:\ProgramData\CyberLink
2021-05-23 10:42 - 2019-10-16 06:19 - 000002574 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002496 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002491 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-05-23 10:42 - 2019-10-16 06:19 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-05-15 06:55 - 2019-12-07 16:37 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-15 06:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-14 21:03 - 2019-12-07 16:39 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-14 20:24 - 2019-06-02 22:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-14 20:01 - 2019-06-02 22:19 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {009133C7-B9CB-4318-9EBE-6BF182799DEB} - \Lenovo\ImController\TimeBasedEvents\83448ab0-3ae0-4847-ac47-b1180e6f2568 -> No File <==== ATTENTION
Task: {10D6AF18-EE7F-4872-80F0-E8AFE7BBA385} - \Lenovo\ImController\TimeBasedEvents\1ed76e21-6aed-4316-9ddf-41f997627221 -> No File <==== ATTENTION
Task: {24D727D8-22AB-4FC5-95F5-265DACFDDC58} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {417BCBCB-00FE-4D11-836A-E52B771E357B} - \Lenovo\ImController\TimeBasedEvents\70f23f41-34e4-4ae7-b190-ec0af1a04da1 -> No File <==== ATTENTION
Task: {83A76978-F115-416B-8535-10A2582D4775} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-22] (Google Inc -> Google Inc.)
Task: {84C33941-96CF-45CF-ABE5-B1461DC9EF99} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {9D3271F2-7F14-4EC3-9123-32BCDC05EDC3} - \Lenovo\ImController\TimeBasedEvents\1360665a-6133-4341-be29-ea2b99cc32fa -> No File <==== ATTENTION
Task: {D9E7ED4A-5FD5-49A3-97F0-7B817A3E5FD5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-22] (Google Inc -> Google Inc.)
Task: {FD6A4626-BAF6-40C9-AE40-954C74EA58BD} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
dge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
CustomCLSID: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-3940926089-4164835052-1180443062-1002_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Jarka Simkova\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
HKU\S-1-5-21-3940926089-4164835052-1180443062-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/


E4mptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Windef stačí, pokud nemáte torrent, nebo nechodíte do "temných zákoutí" internetu. Ochrana softwarem 3. strany je ovšem lepší.