VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-08-2021
Ran by casua (administrator) on LAPTOP-QAN6RVD0 (LENOVO 81D1) (05-08-2021 21:13:16)
Running from C:\Users\casua\OneDrive\Počítač
Loaded Profiles: casua
Platform: Windows 10 Home Version 20H2 19042.1083 (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a9a2dde7124f013f\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\IntelCpHeciSvc.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.343.2280.0.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [971256 2019-09-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2021-07-26] (Intel Corporation -> Intel)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2E603449-DC57-4E81-AC44-9E842344E5F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {51357FBB-522B-493F-9FBA-884A2C611B2A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5F3B22A3-8079-40FF-B5EE-38A7A3B22A01} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\49d160dc-8183-487c-8bd6-ba873158a29a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81912 2021-06-17] (Lenovo -> Lenovo Group Ltd.)
Task: {6CAE0547-9107-4E54-A958-ECFF20AE318D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6D2203A3-C0A2-42B6-ABFD-A81EBC2889D8} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {7B09C2D3-65E8-4079-9957-A5B6BDD57AF9} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation)
Task: {80155BD6-DEC1-4746-8E20-5E5AE8F0E919} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {886A360C-6237-4409-B587-5950339F24DE} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation)
Task: {9018FDF0-53CB-4C05-AC4A-FE95B7360834} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d6ac93f3-48b6-484a-877c-6beaf7710e00 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81912 2021-06-17] (Lenovo -> Lenovo Group Ltd.)
Task: {A0F821F7-569B-4DA9-922E-F05FA0508B9D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {A961DCD7-376E-40BC-B81D-A64B38AB289A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {BB8AE174-3172-4BA6-91EC-1F6DB41CC004} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\fb4d09a7-df67-493f-905a-a15363f1e81a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81912 2021-06-17] (Lenovo -> Lenovo Group Ltd.)
Task: {C59EEFD6-2D0F-444B-9E6C-54BA076C560C} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {DA8AF0C9-F3EF-4B0F-8571-E446C737F980} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {E03BC41C-8B2A-402E-ABB5-F2A51489444F} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe
Task: {E58EAD0E-6C64-4FB4-9FB2-A455DA2760AC} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62448 2021-06-17] (Lenovo -> Lenovo Group Ltd.)
Task: {EE999B05-E1DA-4BAE-9E27-317B85466755} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ee9a45d8-4c56-443f-93b8-38121d738f65 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81912 2021-06-17] (Lenovo -> Lenovo Group Ltd.)
Task: {FE4D0C3D-4247-4165-AC21-87567873B5E0} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144456 2021-05-19] (Lenovo -> Lenovo Group Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0d82e113-8304-4f0a-b79b-f21609811a35}: [DhcpNameServer] 150.201.1.2
Tcpip\..\Interfaces\{66ab52eb-fa83-4bb6-8941-9c2da4d06973}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\casua\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-05]
Edge DownloadDir: Default -> C:\Users\casua\OneDrive\Počítač
Edge HomePage: Default -> hxxp://www.google.sk/
Edge Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\casua\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2021-03-10]

FireFox:
========
FF DefaultProfile: qwjwxy0a.default
FF ProfilePath: C:\Users\casua\AppData\Roaming\Mozilla\Firefox\Profiles\qwjwxy0a.default [2021-03-04]
FF ProfilePath: C:\Users\casua\AppData\Roaming\Mozilla\Firefox\Profiles\3gs0gdpk.default-release [2021-08-05]
FF DownloadDir: C:\Users\casua\OneDrive\Počítač
FF Homepage: Mozilla\Firefox\Profiles\3gs0gdpk.default-release -> www.google.sk
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\casua\AppData\Roaming\Mozilla\Firefox\Profiles\3gs0gdpk.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-07-29]
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. -> )
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [36792 2021-07-26] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [177080 2021-07-26] (Intel Corporation -> Intel)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81912 2021-06-17] (Lenovo -> Lenovo Group Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2021-01-30] (Microsoft Corporation) [File not signed]
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [43720 2020-10-27] (ESET, spol. s r.o. -> ESET)
R3 MpKsl462dd89a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6CA04903-CBAC-4D88-8CD9-1FE59F9B6BB8}\MpKslDrv.sys [107752 2021-08-05] (Microsoft Windows -> Microsoft Corporation)
S3 usbscan; C:\WINDOWS\System32\drivers\usbscan.sys [49152 2019-12-07] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-05] (Microsoft Windows -> Microsoft Corporation)
S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-05 21:12 - 2021-08-05 21:15 - 000000000 ____D C:\FRST
2021-08-05 21:02 - 2021-08-05 21:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-08-05 09:52 - 2021-08-05 09:52 - 000001517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2021-07-29 10:33 - 2021-07-29 10:33 - 000001416 _____ C:\WINDOWS\system32\default_error_stack-000001-000000.txt
2021-07-29 09:00 - 2021-07-29 09:00 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-29 09:00 - 2021-07-29 09:00 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-29 08:59 - 2021-07-29 08:59 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-29 08:59 - 2021-07-29 08:59 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-29 08:59 - 2021-07-29 08:59 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-29 08:59 - 2021-07-29 08:59 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-29 08:59 - 2021-07-29 08:59 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-29 08:57 - 2021-07-29 08:57 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-29 08:57 - 2021-07-29 08:57 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-29 08:57 - 2021-07-29 08:57 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-29 08:57 - 2021-07-29 08:57 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-29 08:57 - 2021-07-29 08:57 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-29 08:07 - 2021-07-29 08:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-08 18:23 - 2021-01-25 08:44 - 026677048 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2021-07-08 18:23 - 2021-01-25 08:44 - 013520184 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2021-07-08 18:23 - 2021-01-25 08:44 - 001790200 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-07-08 18:23 - 2021-01-25 08:44 - 001790200 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-07-08 18:23 - 2021-01-25 08:44 - 001386232 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-07-08 18:23 - 2021-01-25 08:44 - 001386232 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-07-08 18:23 - 2021-01-25 08:44 - 001096288 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-07-08 18:23 - 2021-01-25 08:44 - 001096288 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-07-08 18:23 - 2021-01-25 08:44 - 000949344 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-07-08 18:23 - 2021-01-25 08:44 - 000949344 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-07-08 18:23 - 2021-01-25 08:44 - 000507704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-07-08 18:23 - 2021-01-25 08:44 - 000370488 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-07-08 18:23 - 2021-01-25 08:44 - 000306000 _____ C:\WINDOWS\system32\libmfxhw64.dll
2021-07-08 18:23 - 2021-01-25 08:44 - 000254528 _____ C:\WINDOWS\SysWOW64\libmfxhw32.dll
2021-07-08 18:23 - 2021-01-25 08:44 - 000171472 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2021-07-08 18:23 - 2021-01-25 08:44 - 000146760 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-05 21:20 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-05 21:06 - 2021-02-13 23:15 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-05 21:03 - 2021-02-13 23:15 - 000000000 ____D C:\Users\casua\AppData\LocalLow\Mozilla
2021-08-05 21:02 - 2021-02-13 23:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-05 21:01 - 2021-02-13 23:15 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-05 20:49 - 2021-01-30 20:52 - 000795802 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-05 20:49 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-05 20:46 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-05 20:42 - 2021-01-30 13:03 - 000000000 __SHD C:\Users\casua\IntelGraphicsProfiles
2021-08-05 20:41 - 2021-01-30 20:19 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2021-08-05 20:41 - 2021-01-30 20:18 - 000000000 ____D C:\Intel
2021-08-05 20:41 - 2021-01-30 20:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-05 20:41 - 2021-01-30 20:15 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-05 20:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-08-05 11:48 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-08-05 11:44 - 2021-01-30 14:30 - 000000000 ____D C:\Users\casua\AppData\Roaming\vlc
2021-08-05 11:03 - 2021-01-30 20:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-05 10:07 - 2021-01-30 12:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-05 09:55 - 2021-01-30 20:37 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-05 09:55 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-05 09:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-05 09:52 - 2018-07-04 21:29 - 000000000 ____D C:\Program Files (x86)\Intel
2021-08-05 09:52 - 2018-07-04 21:25 - 000000000 ____D C:\ProgramData\Package Cache
2021-08-05 09:46 - 2021-01-30 20:37 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-05 09:46 - 2021-01-30 20:37 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-05 09:44 - 2021-01-30 12:15 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-05 09:41 - 2021-01-30 20:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-07-29 10:30 - 2021-01-30 20:15 - 000258088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-29 10:27 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-29 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-29 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-29 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-29 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-29 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-29 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-29 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-29 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-29 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-29 09:23 - 2021-06-09 19:28 - 000002374 _____ C:\Users\casua\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-29 09:23 - 2021-01-30 12:18 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3271678830-734790740-3617327906-1001
2021-07-29 09:23 - 2021-01-30 12:18 - 000000000 ___RD C:\Users\casua\OneDrive
2021-07-29 08:05 - 2021-04-28 17:53 - 000000000 ____D C:\Users\casua\AppData\Local\CrashDumps
2021-07-10 11:12 - 2021-01-30 12:03 - 000000000 ____D C:\Users\casua
2021-07-09 19:07 - 2021-01-30 12:29 - 000000000 ____D C:\Users\casua\AppData\Local\Intel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-08-05.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-06-2021
# Duration: 00:00:25
# OS: Windows 10 Home
# Cleaned: 5
# Awaiting reboot:1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Needs Reboot Preinstalled.LenovoIMController Folder C:\Users\casua\AppData\Local\LENOVO\IMCONTROLLER


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Folders ] *****

Cleaning failed C:\Users\casua\AppData\Local\LENOVO\IMCONTROLLER

*************************

AdwCleaner[S00].txt - [1861 octets] - [06/08/2021 19:12:50]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Dejte noivé logy FRST+Addition.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-08-2021
Ran by casua (administrator) on LAPTOP-QAN6RVD0 (LENOVO 81D1) (09-08-2021 11:58:21)
Running from C:\Users\casua\OneDrive\Počítač
Loaded Profiles: casua
Platform: Windows 10 Home Version 20H2 19042.1151 (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a9a2dde7124f013f\OneApp.IGCC.WinService.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngentask.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngentask.exe
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [971256 2019-09-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2E603449-DC57-4E81-AC44-9E842344E5F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {51357FBB-522B-493F-9FBA-884A2C611B2A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5F3B22A3-8079-40FF-B5EE-38A7A3B22A01} - \Lenovo\ImController\TimeBasedEvents\49d160dc-8183-487c-8bd6-ba873158a29a -> No File <==== ATTENTION
Task: {6CAE0547-9107-4E54-A958-ECFF20AE318D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6D2203A3-C0A2-42B6-ABFD-A81EBC2889D8} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {7B09C2D3-65E8-4079-9957-A5B6BDD57AF9} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation)
Task: {80155BD6-DEC1-4746-8E20-5E5AE8F0E919} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {886A360C-6237-4409-B587-5950339F24DE} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation)
Task: {9018FDF0-53CB-4C05-AC4A-FE95B7360834} - \Lenovo\ImController\TimeBasedEvents\d6ac93f3-48b6-484a-877c-6beaf7710e00 -> No File <==== ATTENTION
Task: {A0F821F7-569B-4DA9-922E-F05FA0508B9D} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {A961DCD7-376E-40BC-B81D-A64B38AB289A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {BB8AE174-3172-4BA6-91EC-1F6DB41CC004} - \Lenovo\ImController\TimeBasedEvents\fb4d09a7-df67-493f-905a-a15363f1e81a -> No File <==== ATTENTION
Task: {C59EEFD6-2D0F-444B-9E6C-54BA076C560C} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {DA8AF0C9-F3EF-4B0F-8571-E446C737F980} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-29] (Mozilla Corporation -> Mozilla Foundation)
Task: {E03BC41C-8B2A-402E-ABB5-F2A51489444F} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe
Task: {E58EAD0E-6C64-4FB4-9FB2-A455DA2760AC} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {EE999B05-E1DA-4BAE-9E27-317B85466755} - \Lenovo\ImController\TimeBasedEvents\ee9a45d8-4c56-443f-93b8-38121d738f65 -> No File <==== ATTENTION
Task: {FE4D0C3D-4247-4165-AC21-87567873B5E0} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0d82e113-8304-4f0a-b79b-f21609811a35}: [DhcpNameServer] 150.201.1.2
Tcpip\..\Interfaces\{66ab52eb-fa83-4bb6-8941-9c2da4d06973}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\casua\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-06]
Edge DownloadDir: Default -> C:\Users\casua\OneDrive\Počítač
Edge HomePage: Default -> hxxp://www.google.sk/
Edge Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\casua\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2021-03-10]

FireFox:
========
FF DefaultProfile: qwjwxy0a.default
FF ProfilePath: C:\Users\casua\AppData\Roaming\Mozilla\Firefox\Profiles\qwjwxy0a.default [2021-03-04]
FF ProfilePath: C:\Users\casua\AppData\Roaming\Mozilla\Firefox\Profiles\3gs0gdpk.default-release [2021-08-06]
FF DownloadDir: C:\Users\casua\OneDrive\Počítač
FF Homepage: Mozilla\Firefox\Profiles\3gs0gdpk.default-release -> www.google.sk
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\casua\AppData\Roaming\Mozilla\Firefox\Profiles\3gs0gdpk.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-07-29]
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. -> )
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2021-01-30] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [43720 2020-10-27] (ESET, spol. s r.o. -> ESET)
S3 usbscan; C:\WINDOWS\System32\drivers\usbscan.sys [49152 2019-12-07] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-05] (Microsoft Windows -> Microsoft Corporation)
S3 semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-06 19:11 - 2021-08-06 19:15 - 000000000 ____D C:\AdwCleaner
2021-08-06 09:15 - 2021-08-06 09:15 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-08-06 09:15 - 2021-08-06 09:15 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-08-06 09:15 - 2021-08-06 09:15 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-08-06 09:15 - 2021-08-06 09:15 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-08-06 09:14 - 2021-08-06 09:14 - 000011461 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-06 09:13 - 2021-08-06 09:13 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-06 09:12 - 2021-08-06 09:12 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-06 09:12 - 2021-08-06 09:12 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-06 09:11 - 2021-08-06 09:11 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-05 21:12 - 2021-08-09 12:00 - 000000000 ____D C:\FRST
2021-08-05 21:02 - 2021-08-05 21:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-07-29 10:33 - 2021-07-29 10:33 - 000001416 _____ C:\WINDOWS\system32\default_error_stack-000001-000000.txt
2021-07-29 09:00 - 2021-07-29 09:00 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-29 09:00 - 2021-07-29 09:00 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-29 08:59 - 2021-07-29 08:59 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-29 08:59 - 2021-07-29 08:59 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-29 08:59 - 2021-07-29 08:59 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-29 08:59 - 2021-07-29 08:59 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-29 08:57 - 2021-07-29 08:57 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-29 08:57 - 2021-07-29 08:57 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-29 08:57 - 2021-07-29 08:57 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-29 08:07 - 2021-08-06 11:50 - 000000000 ____D C:\Program Files\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-09 12:10 - 2021-01-30 20:37 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-09 12:07 - 2021-06-09 19:28 - 000002374 _____ C:\Users\casua\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-09 12:07 - 2021-01-30 12:18 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3271678830-734790740-3617327906-1001
2021-08-09 12:07 - 2021-01-30 12:18 - 000000000 ___RD C:\Users\casua\OneDrive
2021-08-09 12:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-09 12:02 - 2021-01-30 20:52 - 000795802 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-09 12:02 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-09 11:57 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-09 11:56 - 2021-01-30 13:03 - 000000000 __SHD C:\Users\casua\IntelGraphicsProfiles
2021-08-09 11:55 - 2021-01-30 20:19 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2021-08-09 11:55 - 2021-01-30 20:18 - 000000000 ____D C:\Intel
2021-08-09 11:55 - 2021-01-30 20:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-09 11:55 - 2021-01-30 20:15 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-09 11:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-08-06 20:47 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-08-06 20:37 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-06 20:36 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-06 20:30 - 2021-01-30 20:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-06 19:51 - 2018-07-04 21:29 - 000000000 ____D C:\Program Files (x86)\Intel
2021-08-06 19:51 - 2018-07-04 21:25 - 000000000 ____D C:\ProgramData\Package Cache
2021-08-06 19:49 - 2021-02-13 23:15 - 000000000 ____D C:\Users\casua\AppData\LocalLow\Mozilla
2021-08-06 19:46 - 2018-07-04 21:26 - 000000000 ____D C:\Program Files\Intel
2021-08-06 19:26 - 2021-01-30 12:23 - 000000000 ____D C:\Users\casua\AppData\Local\D3DSCache
2021-08-06 19:25 - 2021-02-13 23:15 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-06 19:15 - 2021-01-30 12:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-08-06 19:15 - 2021-01-30 10:02 - 000000000 ____D C:\WINDOWS\Lenovo
2021-08-06 19:15 - 2018-07-04 21:54 - 000000000 ____D C:\ProgramData\Lenovo
2021-08-06 11:51 - 2021-01-30 20:15 - 000258088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-06 11:50 - 2021-02-13 23:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-08-06 11:48 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-06 11:48 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-06 11:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-06 11:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-06 11:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-08-06 11:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-06 11:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-06 11:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-06 11:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-06 11:48 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-08-06 11:48 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-06 11:46 - 2021-01-30 14:30 - 000000000 ____D C:\Users\casua\AppData\Roaming\vlc
2021-08-06 08:41 - 2021-04-28 17:53 - 000000000 ____D C:\Users\casua\AppData\Local\CrashDumps
2021-08-05 21:01 - 2021-02-13 23:15 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-08-05 10:07 - 2021-01-30 12:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-05 09:46 - 2021-01-30 20:37 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-05 09:46 - 2021-01-30 20:37 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-05 09:44 - 2021-01-30 12:15 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-05 09:41 - 2021-01-30 20:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-07-29 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-29 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-29 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-29 10:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-10 11:12 - 2021-01-30 12:03 - 000000000 ____D C:\Users\casua

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-08-2021
Ran by casua (09-08-2021 12:14:08)
Running from C:\Users\casua\OneDrive\Počítač
Windows 10 Home Version 20H2 19042.1151 (X64) (2021-01-30 18:53:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3271678830-734790740-3617327906-500 - Administrator - Disabled)
casua (S-1-5-21-3271678830-734790740-3617327906-1001 - Administrator - Enabled) => C:\Users\casua
DefaultAccount (S-1-5-21-3271678830-734790740-3617327906-503 - Limited - Disabled)
Guest (S-1-5-21-3271678830-734790740-3617327906-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3271678830-734790740-3617327906-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Intel(R) Graphics Driver Software (HKLM-x32\...\{8b5a8e04-659a-4407-b2e1-04ad55a2e72e}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{d0e4f33b-f383-4c75-8d81-ec92db2939eb}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{e159f285-6867-4ec7-83de-ddc54070f211}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{9154f79b-8fb8-46ef-b7a6-95f136391303}) (Version: 10.1.17479.8054 - Intel(R) Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1743.4.0.1217 - Intel Corporation)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.4.16.0 - Lenovo Group Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.67 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3271678830-734790740-3617327906-1001\...\OneDriveSetup.exe) (Version: 21.139.0711.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox (x64 sk) (HKLM\...\Mozilla Firefox 90.0.2 (x64 sk)) (Version: 90.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0.2 - Mozilla)
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{466D00D0-E7DE-47C2-8FE5-54A8009F5850}) (Version: 7.2 - Apple Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
WinRAR 6.00 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)

Packages:
=========
Dolby Audio -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyaudio_3.20500.501.0_x64__rz1tebttyb220 [2021-01-30] (Dolby Laboratories)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-06-09] (Apple Inc.) [Startup Task]
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.0.44.0_x64__5grkq8ppsgwt4 [2021-08-06] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2105.16.0_x64__k1h2ywk1493x8 [2021-06-09] (LENOVO INC.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2021-01-30] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.14228.20226.0_x86__8wekyb3d8bbwe [2021-08-06] (Microsoft Corporation)
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.14228.20226.0_x86__8wekyb3d8bbwe [2021-08-06] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.14228.20226.0_x86__8wekyb3d8bbwe [2021-08-06] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14228.20226.0_x86__8wekyb3d8bbwe [2021-08-06] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.14228.20226.0_x86__8wekyb3d8bbwe [2021-08-06] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.14228.20226.0_x86__8wekyb3d8bbwe [2021-08-06] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-06] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.14228.20226.0_x86__8wekyb3d8bbwe [2021-08-06] (Microsoft Corporation)
Ovládacie centrum pre grafiku Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-08-09] (INTEL CORP) [Startup Task]
Power2Go for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.12518.0_x86__m916jedk64snt [2021-07-01] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\cyberlinkcorp.th.powerdvdforlenovo_14.2.2520.0_x86__m916jedk64snt [2021-01-30] (CYBERLINKCOM CORPORATION)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.7.195.0_x64__dt26b99r8h8gj [2021-01-30] (Realtek Semiconductor Corp)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\microsoft.mpeg2videoextension_1.0.22661.0_x64__8wekyb3d8bbwe [2021-01-30] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3271678830-734790740-3617327906-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-12-15 15:37 - 2020-12-15 15:37 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-3271678830-734790740-3617327906-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3271678830-734790740-3617327906-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3271678830-734790740-3617327906-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\iCLS\;C:\Program Files\Intel\TXE Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3271678830-734790740-3617327906-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\casua\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant"
HKU\S-1-5-21-3271678830-734790740-3617327906-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EA58D66B-61D8-475B-A426-07BC56E9D9B6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{702B2014-9222-4AD2-A2E7-291F15DD6C6A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{15057885-23EA-4E71-9145-93AF7957FC9C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0BAAEC9D-DF7D-4568-9642-C1301170BFD0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{629F4F9D-30FB-4E72-9579-470994013C17}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{86B6D4B6-5404-4620-92A3-A6F853C67108}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{1EB44AF1-D144-44B1-8726-04AF5A58975A}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{7EB32991-27D8-4BA0-9E95-1E04EDF21DBF}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{211911B4-3D20-48BC-BEF5-F3409BA2FBC8}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BCF7C096-2886-4A76-B5B6-0926C841D1B8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{67CAB1DF-812F-43B1-B4B4-AC9032320679}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8F5D5DF4-DCB2-49A1-83D2-D36D695F0586}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6537A8EE-3159-4F9A-8235-73203A02437A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2965D6FF-7070-4F0F-B54A-A95009607AC3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F3AA4237-E463-490C-A1AE-1CD8A62EDBC2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{239C9140-A468-4AF4-A11F-AB7336B0C938}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{815C7D5E-37DD-40F1-9300-C96A050CFFFE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{207436B1-8B4A-425C-90C2-3A230D805360}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C5F66FC2-0A7B-4324-B775-3C51A61DDA53}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{C6E46A86-AAF7-4558-82FE-0AF065A56B0A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{EB7AF3B5-2ABC-418F-AD83-7E9CEB831673}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B9D4D03E-683B-4284-837E-9B6D1C276902}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14228.20226.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

27-02-2021 15:03:39 Inštalátor modulov systému Windows
27-02-2021 15:19:07 Inštalátor modulov systému Windows
09-03-2021 21:31:33 Inštalátor modulov systému Windows
09-03-2021 21:35:54 Inštalátor modulov systému Windows
10-03-2021 17:12:18 Inštalátor modulov systému Windows
11-03-2021 20:51:35 Inštalátor modulov systému Windows
11-03-2021 21:00:31 Inštalátor modulov systému Windows
28-04-2021 18:08:59 Inštalátor modulov systému Windows
17-05-2021 20:34:48 Inštalátor modulov systému Windows
09-06-2021 09:32:33 Inštalátor modulov systému Windows
09-06-2021 19:10:38 Inštalátor modulov systému Windows
09-06-2021 19:14:24 Inštalátor modulov systému Windows
09-06-2021 19:16:30 Inštalátor modulov systému Windows
30-06-2021 12:05:04 Inštalátor modulov systému Windows
08-07-2021 22:38:13 Inštalátor modulov systému Windows
09-07-2021 18:48:18 Inštalátor modulov systému Windows
29-07-2021 08:06:09 Inštalátor modulov systému Windows
05-08-2021 10:07:43 Inštalátor modulov systému Windows
05-08-2021 21:16:35 Inštalátor modulov systému Windows
05-08-2021 21:31:19 Inštalátor modulov systému Windows
06-08-2021 19:14:07 AdwCleaner_BeforeCleaning_06/08/2021_19:13:30
06-08-2021 20:28:01 Inštalátor modulov systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/09/2021 12:11:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IGCCTray.exe version 1.100.3325.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1a30

Start Time: 01d78d04f651f3f7

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe

Report Id: 0abc1951-5e14-4143-a5b9-5bf2d45c641c

Faulting package full name: AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (08/06/2021 08:47:12 PM) (Source: igccservice) (EventID: 0) (User: )
Description: Service cannot be started. A system shutdown is in progress

Error: (08/06/2021 08:40:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: GameBar.exe, verzia: 5.721.5282.0, časová značka: 0x60b1790e
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1081, časová značka: 0xde3fc775
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010bd3e
Identifikácia chybujúceho procesu: 0x2f8
Čas spustenia chybujúcej aplikácie: 0x01d78a8de12aacf2
Cesta chybujúcej aplikácie: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.5282.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 1b360ce0-02ac-4ee3-aa4d-26e9a256a7f1
Celé meno chybujúceho balíka: Microsoft.XboxGamingOverlay_5.721.5282.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (08/05/2021 09:51:59 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (07/29/2021 10:33:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: MicrosoftEdgeUpdate.exe, verzia: 1.3.135.29, časová značka: 0x5f35ff5c
Názov chybujúceho modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód výnimky: 0xc0000005
Odstup chyby: 0x54d9b870
Identifikácia chybujúceho procesu: 0xab4
Čas spustenia chybujúcej aplikácie: 0x01d784545565b299
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
Cesta chybujúceho modulu: unknown
Identifikácia hlásenia: 73ff2ac0-4ee1-487b-9fc4-854143189ef7
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (07/29/2021 08:04:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: GameBar.exe, verzia: 5.721.5282.0, časová značka: 0x60b1790e
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1023, časová značka: 0x924f9cdb
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000010b39c
Identifikácia chybujúceho procesu: 0x1aa8
Čas spustenia chybujúcej aplikácie: 0x01d7843f8d5e0ee3
Cesta chybujúcej aplikácie: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.5282.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 480a5317-ea51-4eca-bdd5-70a1b2787aa2
Celé meno chybujúceho balíka: Microsoft.XboxGamingOverlay_5.721.5282.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (07/09/2021 06:45:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program TextInputHost.exe version 2001.22012.0.2020 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2320

Start Time: 01d76d9d17c478d0

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe

Report Id: 1491ad2f-c9ff-45b0-b6cf-165648998a4c

Faulting package full name: MicrosoftWindows.Client.CBS_120.2212.2020.0_x64__cw5n1h2txyewy

Faulting package-relative application ID: InputApp

Hang type: Quiesce

Error: (06/09/2021 11:40:37 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.


System errors:
=============
Error: (08/09/2021 12:11:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby System Interface Foundation Service zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (08/09/2021 12:00:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Energy Server Service queencreek bola ukončená s nasledujúcou chybou:
{Volume Shadow Copy Service}
The system is now ready for hibernation.

Error: (08/09/2021 11:59:01 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Energy Server Service queencreek bola ukončená s nasledujúcou chybou:
{Volume Shadow Copy Service}
The system is now ready for hibernation.

Error: (08/09/2021 11:58:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby System Interface Foundation Service zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (08/09/2021 11:58:09 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Energy Server Service queencreek bola ukončená s nasledujúcou chybou:
{Volume Shadow Copy Service}
The system is now ready for hibernation.

Error: (08/09/2021 11:57:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby System Interface Foundation Service zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (08/09/2021 11:56:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby System Interface Foundation Service zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (08/09/2021 11:56:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby System Interface Foundation Service zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.


Windows Defender:
================
Date: 2021-08-06 10:59:40
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-15 11:12:55
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-03-15 16:39:38
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Full Scan

Date: 2021-03-10 16:45:12
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-03-04 00:22:54
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-08-06 19:16:46
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.343.2295.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18300.4
Error code: 0x80240022
Error description: Program nemôže skontrolovať aktualizácie definícií.

Date: 2021-08-05 20:59:04
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.343.2280.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18300.4
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2021-08-05 20:59:04
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.343.2280.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18300.4
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2021-08-05 09:52:32
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.343.2280.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18300.4
Error code: 0x80070643
Error description: Fatal error during installation.

Date: 2021-08-05 09:47:55
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.343.1846.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18300.4
Error code: 0x80070102
Error description: The wait operation timed out.

CodeIntegrity:
===============
Date: 2021-02-21 19:43:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-02-21 19:41:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 7XCN40WW 12/04/2020
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Celeron(R) N4000 CPU @ 1.10GHz
Percentage of memory in use: 60%
Total physical RAM: 3918.57 MB
Available physical RAM: 1540.28 MB
Total Virtual: 6094.57 MB
Available Virtual: 3600.48 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:464.51 GB) (Free:81.3 GB) NTFS

\\?\Volume{0f49ae9f-2fe1-4928-bcb9-aee148d821f1}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.48 GB) NTFS
\\?\Volume{f4193deb-79d4-49f0-9fbb-4a0a96b287a5}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: E6DC6C26)

Partition: GPT.

==================== End of Addition.txt =======================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {5F3B22A3-8079-40FF-B5EE-38A7A3B22A01} - \Lenovo\ImController\TimeBasedEvents\49d160dc-8183-487c-8bd6-ba873158a29a -> No File <==== ATTENTION
Task: {9018FDF0-53CB-4C05-AC4A-FE95B7360834} - \Lenovo\ImController\TimeBasedEvents\d6ac93f3-48b6-484a-877c-6beaf7710e00 -> No File <==== ATTENTION
Task: {A0F821F7-569B-4DA9-922E-F05FA0508B9D} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {BB8AE174-3172-4BA6-91EC-1F6DB41CC004} - \Lenovo\ImController\TimeBasedEvents\fb4d09a7-df67-493f-905a-a15363f1e81a -> No File <==== ATTENTION
Task: {C59EEFD6-2D0F-444B-9E6C-54BA076C560C} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {E58EAD0E-6C64-4FB4-9FB2-A455DA2760AC} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {EE999B05-E1DA-4BAE-9E27-317B85466755} - \Lenovo\ImController\TimeBasedEvents\ee9a45d8-4c56-443f-93b8-38121d738f65 -> No File <==== ATTENTION
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-3271678830-734790740-3617327906-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => No File
HKU\S-1-5-21-3271678830-734790740-3617327906-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/

EmptyTemp:
End

Uložte do C:\Users\casua\OneDrive\Počítač jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-08-2021
Ran by casua (09-08-2021 14:39:05) Run:1
Running from C:\Users\casua\OneDrive\Počítač
Loaded Profiles: casua
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {5F3B22A3-8079-40FF-B5EE-38A7A3B22A01} - \Lenovo\ImController\TimeBasedEvents\49d160dc-8183-487c-8bd6-ba873158a29a -> No File <==== ATTENTION
Task: {9018FDF0-53CB-4C05-AC4A-FE95B7360834} - \Lenovo\ImController\TimeBasedEvents\d6ac93f3-48b6-484a-877c-6beaf7710e00 -> No File <==== ATTENTION
Task: {A0F821F7-569B-4DA9-922E-F05FA0508B9D} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {BB8AE174-3172-4BA6-91EC-1F6DB41CC004} - \Lenovo\ImController\TimeBasedEvents\fb4d09a7-df67-493f-905a-a15363f1e81a -> No File <==== ATTENTION
Task: {C59EEFD6-2D0F-444B-9E6C-54BA076C560C} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {E58EAD0E-6C64-4FB4-9FB2-A455DA2760AC} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {EE999B05-E1DA-4BAE-9E27-317B85466755} - \Lenovo\ImController\TimeBasedEvents\ee9a45d8-4c56-443f-93b8-38121d738f65 -> No File <==== ATTENTION
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-3271678830-734790740-3617327906-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> "C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe" -ToastActivated => No File
HKU\S-1-5-21-3271678830-734790740-3617327906-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F3B22A3-8079-40FF-B5EE-38A7A3B22A01}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F3B22A3-8079-40FF-B5EE-38A7A3B22A01}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\49d160dc-8183-487c-8bd6-ba873158a29a" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9018FDF0-53CB-4C05-AC4A-FE95B7360834}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9018FDF0-53CB-4C05-AC4A-FE95B7360834}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\d6ac93f3-48b6-484a-877c-6beaf7710e00" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A0F821F7-569B-4DA9-922E-F05FA0508B9D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0F821F7-569B-4DA9-922E-F05FA0508B9D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB8AE174-3172-4BA6-91EC-1F6DB41CC004}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB8AE174-3172-4BA6-91EC-1F6DB41CC004}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\fb4d09a7-df67-493f-905a-a15363f1e81a" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C59EEFD6-2D0F-444B-9E6C-54BA076C560C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C59EEFD6-2D0F-444B-9E6C-54BA076C560C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E58EAD0E-6C64-4FB4-9FB2-A455DA2760AC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E58EAD0E-6C64-4FB4-9FB2-A455DA2760AC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE999B05-E1DA-4BAE-9E27-317B85466755}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE999B05-E1DA-4BAE-9E27-317B85466755}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\ee9a45d8-4c56-443f-93b8-38121d738f65" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKU\S-1-5-21-3271678830-734790740-3617327906-1001_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145} => removed successfully
"HKU\S-1-5-21-3271678830-734790740-3617327906-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8937472 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10530938 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 5902692 B
Edge => 0 B
Firefox => 25083580 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 393109324 B
casua => 536644413 B

RecycleBin => 0 B
EmptyTemp: => 934.8 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 09-08-2021 14:42:05)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 14:42:05 ====

Smazáno. Nastala nějaká změna?

Myslím, že ide lepšie. Mohli by ste mi, prosím, povedať, aká bola príčina?

Malware žádný, jen zbytečnosti.

Ďakujem veľmi pekne

Nemáte zač!