Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivní kontrola logů zpomalování notebooku

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Escherka
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 27 črc 2018 16:50

Preventivní kontrola logů zpomalování notebooku

#1 Příspěvek od Escherka »

Ahoj porposil bych o kontrolu logů na notebooku. Poslední dobou se zasekavá/zpomaluje
Děkuji

FRST
frst.txt

Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-08-2022
Ran by iva (administrator) on DESKTOP-OBN7LHI (LENOVO 81N6) (14-08-2022 14:53:30)
Running from C:\Users\minar\Downloads
Loaded Profiles: iva
Platform: Microsoft Windows 10 Home Version 21H2 19044.1889 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <3>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(explorer.exe ->) (LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.54.0_x64__5grkq8ppsgwt4\LaunchUtility\utility.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (OpenVPN Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <16>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0344110.inf_amd64_73212948657b175c\B343946\atiesrxx.exe
(services.exe ->) (Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(services.exe ->) (Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\YMC.exe
(services.exe ->) (Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\LNBITSSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (OpenVPN Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Synaptics Incorporated -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(services.exe ->) (Synaptics Incorporated -> Conexant Systems, Inc.) C:\Windows\System32\CxUIUSvc64.exe
(services.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Windows\System32\DriverStore\FileRepository\wtabletserviceisd.inf_amd64_9177e4957c708bc4\WTabletServiceISD.exe <2>
(Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\minar\AppData\Local\slack\app-4.27.154\slack.exe <5>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Hong Kong Limited, Taiwan Branch (H.K.)) C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw\AFA\CAudioFilterAgent64.exe
(Synaptics Hong Kong Limited, Taiwan Branch (H.K.)) C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw\Flow\Flow1\Flow.exe
(Synaptics Hong Kong Limited, Taiwan Branch (H.K.)) C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw\SA3\SmartAudio3.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-1896883648-1903216041-2891279095-1001\...\Run: [] => [X]
HKU\S-1-5-21-1896883648-1903216041-2891279095-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [669112 2019-10-31] (OpenVPN Inc. -> )
HKU\S-1-5-21-1896883648-1903216041-2891279095-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\minar\AppData\Local\slack\slack.exe [309040 2022-06-27] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07E4AA3D-CE59-4FE5-9EE0-ED59B946818E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8324aba0-32f6-49ce-bda5-9b37b60d0519 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {0A85759F-96D6-48CA-8773-A5DFCC5AA237} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0B12100E-5AAE-4140-BC02-85E907477D37} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-10] (Microsoft Windows -> Microsoft Corporation)
Task: {1406BA27-D58D-4868-B862-71AD8BAEB50A} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\WINDOWS\System32\Autopilot.dll [192000 2022-08-10] (Microsoft Windows -> Microsoft Corporation)
Task: {1742D6F8-CB99-451A-87C0-1B93809BFE4E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {1E2B09E7-7E16-416A-9B92-47977F3AF063} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0c2ed41d-35a1-44e6-aa4e-fa4bfd585238 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {33DE4FA6-C735-4171-8DA8-506899A64A93} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3B067F5E-B573-4A88-9DCA-9B1138DD683A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8406496 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {418448D5-532C-4C2E-8D34-02B769AC10FB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {578067A5-3322-41E9-AC4D-67B2888DF959} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {59E3E2C5-FE98-476A-99D6-8B133C43F719} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8406496 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {6CADE3AB-86C2-4312-8D23-0B4A69C07E4A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7F7E2136-B022-47E8-8AA1-7FEFF3807B99} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {81D971A7-CF4D-47E5-A960-72BC213F51E2} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4202168 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {99D868C8-41C9-490F-92C3-B948997A3B45} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7976ca8e-feb8-49ed-9e13-ce4885dac4cd => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {9DE31D0C-DF83-4CF3-90F5-100F5A79D1AF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {AA1FD321-BA8E-425C-A622-375B5C997FF0} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {ABC2C799-A63D-4FD5-A8BA-AD6ADBAC121F} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {C95C1FB8-2CA8-41E0-972C-56CDEA82B535} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [147864 2022-05-12] (Lenovo -> Lenovo Group Ltd.)
Task: {CACFFDAF-CEC0-4891-9213-C923305FCC7A} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {CE31DD05-24EC-42B5-B1BC-8367777E134A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-26] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D1D9BA9E-2827-42A8-AC34-C7F95F6CDE66} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {DA8C768F-BE11-4CCB-AC32-F7897C417089} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [145304 2022-08-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {E93F58C0-F0EC-4603-B50C-89AB8D36816D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\06c4204d-06e7-4643-83b4-4fcc8b71c043 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {F393287D-D24B-4B91-A979-0D321F540A54} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [61856 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {F87FF4D7-E329-47D9-8EE6-774A94048A52} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23713200 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB5BC1C9-10D5-4C9C-BC0F-8FEB9C045336} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\cc721358-a347-45ad-a4ee-ba28124517b1 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4a4e0280-b4a6-4dc4-8821-24fd573e76bd}: [DhcpNameServer] 192.168.1.1

Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\minar\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-09]
Edge HomePage: Default -> hxxp://lenovo17win10.msn.com/?pc=LCTE

FireFox:
========
FF DefaultProfile: jxdlv2wt.default
FF ProfilePath: C:\Users\minar\AppData\Roaming\Mozilla\Firefox\Profiles\jxdlv2wt.default [2020-05-19]
FF ProfilePath: C:\Users\minar\AppData\Roaming\Mozilla\Firefox\Profiles\jtwemmv8.default-release [2022-08-14]
FF Homepage: Mozilla\Firefox\Profiles\jtwemmv8.default-release -> hxxps://www.google.com/
FF Notifications: Mozilla\Firefox\Profiles\jtwemmv8.default-release -> hxxps://app.codexis.cz
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12102608 2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
R2 CxAudioSvc; C:\WINDOWS\CxSvc\CxAudioSvc.exe [93456 2020-12-06] (Synaptics Incorporated -> Conexant Systems LLC.)
R2 CxAudMsg; C:\WINDOWS\System32\CxAudMsg64.exe [243472 2020-12-06] (Synaptics Incorporated -> Conexant Systems Inc.)
R2 CxUIUSvc; C:\WINDOWS\System32\CxUIUSvc64.exe [122104 2020-12-06] (Synaptics Incorporated -> Conexant Systems, Inc.)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. -> )
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1643688 2019-05-06] (Lenovo -> Lenovo(beijing) Limited)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-03-14] (Microsoft Windows -> Microsoft Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [66488 2019-10-31] (OpenVPN Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [66488 2019-10-31] (OpenVPN Inc. -> The OpenVPN Project)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 YMC; C:\WINDOWS\System32\YMC.exe [856960 2019-05-26] (Lenovo -> Lenovo Group Ltd.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [174768 2018-10-29] (BayHub Technology Inc. -> BayHubTech/O2Micro)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 CnxtHdAudService; C:\WINDOWS\system32\drivers\CHDRT64HDA.sys [2231080 2020-06-17] (Synaptics Incorporated -> Conexant Systems Inc.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-26] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-26] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-08-14 14:53 - 2022-08-14 14:54 - 000018836 _____ C:\Users\minar\Downloads\FRST.txt
2022-08-14 14:53 - 2022-08-14 14:53 - 000000000 ____D C:\FRST
2022-08-14 14:52 - 2022-08-14 14:52 - 002370048 _____ (Farbar) C:\Users\minar\Downloads\FRST64.exe
2022-08-14 14:52 - 2022-08-14 14:52 - 001222144 _____ C:\Users\minar\Downloads\RSITx64.exe
2022-08-10 18:32 - 2022-08-10 18:32 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-08-10 18:32 - 2022-08-10 18:32 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-08-10 18:32 - 2022-08-10 18:32 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-08-10 18:32 - 2022-08-10 18:32 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-08-10 18:31 - 2022-08-10 18:31 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-08-10 18:31 - 2022-08-10 18:31 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-08-10 18:31 - 2022-08-10 18:31 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-10 18:31 - 2022-08-10 18:31 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-08-10 18:24 - 2022-08-10 18:24 - 000000000 ___HD C:\$WinREAgent
2022-08-09 18:17 - 2022-08-10 23:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-07-15 20:19 - 2022-07-15 20:19 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-07-15 20:19 - 2022-07-15 20:19 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-07-15 20:19 - 2022-07-15 20:19 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-07-15 20:19 - 2022-07-15 20:19 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-07-15 20:19 - 2022-07-15 20:19 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-07-15 20:19 - 2022-07-15 20:19 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-07-15 20:19 - 2022-07-15 20:19 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-07-15 20:19 - 2022-07-15 20:19 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-07-15 20:19 - 2022-07-15 20:19 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-07-15 20:19 - 2022-07-15 20:19 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-07-15 20:19 - 2022-07-15 20:19 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-07-15 20:19 - 2022-07-15 20:19 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-07-15 20:19 - 2022-07-15 20:19 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-07-15 20:19 - 2022-07-15 20:19 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-07-15 20:19 - 2022-07-15 20:19 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-07-15 20:19 - 2022-07-15 20:19 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-07-15 20:18 - 2022-07-15 20:18 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-08-14 14:51 - 2022-02-10 19:04 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-08-14 14:50 - 2020-05-19 22:35 - 000000000 ____D C:\Users\minar\AppData\LocalLow\Mozilla
2022-08-14 14:33 - 2021-03-13 15:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-08-14 14:33 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-14 13:57 - 2021-03-03 20:17 - 000000000 ____D C:\Users\minar\AppData\Roaming\Slack
2022-08-14 13:34 - 2019-09-24 17:33 - 000000000 ____D C:\Program Files\Microsoft Office
2022-08-13 18:20 - 2020-05-20 13:22 - 000000000 ____D C:\Users\minar\AppData\Local\D3DSCache
2022-08-13 17:49 - 2020-10-13 09:47 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-13 17:49 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-13 17:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-08-11 21:08 - 2021-10-18 19:08 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-08-11 21:08 - 2021-10-18 19:08 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-08-11 10:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2022-08-11 00:04 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-08-11 00:01 - 2021-03-13 16:00 - 000795738 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-10 23:54 - 2021-03-13 15:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-08-10 23:54 - 2021-03-13 15:53 - 000435384 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-08-10 23:54 - 2021-03-13 15:53 - 000008192 ___SH C:\DumpStack.log.tmp
2022-08-10 23:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-08-10 23:53 - 2020-05-19 22:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-08-10 23:53 - 2019-12-07 11:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-08-10 23:53 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-08-10 23:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-08-10 23:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-08-10 23:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-08-10 23:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-08-10 23:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-08-10 23:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-08-10 23:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-08-10 23:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-08-10 23:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-08-10 23:53 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-08-10 18:35 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-08-10 18:31 - 2021-03-13 15:57 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-08-10 18:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-08-10 17:47 - 2020-10-01 13:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-08-10 17:44 - 2020-10-01 13:02 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-08-09 21:46 - 2021-08-25 18:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-08-09 21:46 - 2020-05-19 22:35 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-08-02 00:32 - 2021-12-14 14:21 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1896883648-1903216041-2891279095-1001
2022-08-02 00:32 - 2021-03-13 15:58 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1896883648-1903216041-2891279095-1001
2022-08-02 00:32 - 2021-03-13 15:54 - 000002394 _____ C:\Users\minar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-02 00:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-07-26 11:56 - 2020-10-12 20:34 - 000000000 ____D C:\Users\minar\AppData\Roaming\obs-studio
2022-07-20 20:42 - 2021-03-13 15:58 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-15 20:29 - 2021-03-14 00:38 - 000000000 ____D C:\WINDOWS\en-GB
2022-07-15 20:29 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-07-15 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-07-15 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-07-15 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-07-15 20:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents

==================== Files in the root of some directories ========

2021-10-31 22:48 - 2021-10-31 22:48 - 000001556 _____ () C:\Users\minar\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Addition.txt

Kód: Vybrat vše

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-08-2022
Ran by iva (14-08-2022 14:54:44)
Running from C:\Users\minar\Downloads
Microsoft Windows 10 Home Version 21H2 19044.1889 (X64) (2021-03-13 13:58:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1896883648-1903216041-2891279095-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1896883648-1903216041-2891279095-503 - Limited - Disabled)
Guest (S-1-5-21-1896883648-1903216041-2891279095-501 - Limited - Disabled)
iva (S-1-5-21-1896883648-1903216041-2891279095-1001 - Administrator - Enabled) => C:\Users\minar
WDAGUtilityAccount (S-1-5-21-1896883648-1903216041-2891279095-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.002.20191 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Altap Salamander 4.0 (x64) (HKLM\...\Altap Salamander 4.0 (x64)) (Version: 4.0 - ALTAP)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.16.05 - Advanced Micro Devices, Inc.)
Branding64 (HKLM\...\{E6D2F9D5-4122-4945-B145-1E791DE4C5CA}) (Version: 1.00.0003 - Advanced Micro Devices, Inc.) Hidden
GIMP 2.10.28 (HKLM\...\GIMP-2_is1) (Version: 2.10.28 - The GIMP Team)
Lenovo Pen Settings Service (HKLM\...\ISD Tablet Driver) (Version: 7.6.1.12 - Wacom Technology Corp.)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.15427.20210 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.15427.20210 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 104.0.1293.54 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 104.0.1293.54 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1896883648-1903216041-2891279095-1001\...\OneDriveSetup.exe) (Version: 22.151.0717.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1896883648-1903216041-2891279095-1001\...\Teams) (Version: 1.4.00.29469 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.14.26429 (HKLM\...\{B12F584A-DE7A-3EE3-8EC4-8A64DBC0F2A7}) (Version: 14.14.26429 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.14.26429 (HKLM\...\{03EBF679-E886-38AD-8E70-28658449F7F9}) (Version: 14.14.26429 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 103.0.2 (x64 en-US)) (Version: 103.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 76.0.1 - Mozilla)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9 - Notepad++ Team)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.0.2 - OBS Project)
OEM Application Profile (HKLM-x32\...\{3DEE814D-F1DB-315D-E627-63B6B600643A}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15427.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15427.20148 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
OpenVPN 2.4.8-I602-Win10  (HKLM\...\OpenVPN) (Version: 2.4.8-I602-Win10 - OpenVPN Technologies, Inc.)
OpenVPN 64-bit (HKLM\...\{FC9D59B8-9B21-4BCF-91B2-3BDF2EBC2E37}) (Version: 2.4.0 - ÚVT MU)
PrF OpenVPN 1.3 (HKLM\...\{0EDC2F99-949E-4E6A-A942-6BFA707E2387}_is1) (Version: 1.3 - Právnická fakulta MU)
Slack (HKU\S-1-5-21-1896883648-1903216041-2891279095-1001\...\slack) (Version: 4.27.154 - Slack Technologies Inc.)
TAP-Windows 9.24.2 (HKLM\...\TAP-Windows) (Version: 9.24.2 - OpenVPN Technologies, Inc.)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.28779 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1896883648-1903216041-2891279095-1001\...\ZoomUMX) (Version: 5.8.4 (1736) - Zoom Video Communications, Inc.)

Packages:
=========
AMD Radeon™ Settings Lite -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.59462344778C5_10.19.10006.0_x64__0a9344xs7nr4m [2021-03-13] (Advanced Micro Devices Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.21.71.0_x64__kgqvnymyfvs32 [2022-07-24] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.85.1.0_x64__kgqvnymyfvs32 [2022-08-05] (king.com)
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20500.501.0_x64__rz1tebttyb220 [2020-10-07] (Dolby Laboratories)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.54.0_x64__5grkq8ppsgwt4 [2022-06-26] (LENOVO INC) [Startup Task]
Lenovo Pen Settings -> C:\Program Files\WindowsApps\WacomTechnologyCorp.157535B83C264_7.7.61.0_neutral__ss941bf8mfs8a [2022-06-06] (Wacom Technology Corp.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2207.2.0_x64__k1h2ywk1493x8 [2022-08-05] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7180.0_x64__8wekyb3d8bbwe [2022-07-28] (Microsoft Studios) [MS Ad]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.50901.0_x64__8wekyb3d8bbwe [2022-04-28] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-31] (Microsoft Corporation)
SmartAudio 3 -> C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw [2021-01-18] (Synaptics Hong Kong Limited, Taiwan Branch (H.K.))
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0 [2022-08-05] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1896883648-1903216041-2891279095-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\minar\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21209.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1896883648-1903216041-2891279095-1001_Classes\CLSID\{C78B614F-F3EA-11D2-94A1-00E0292A01E3}\InprocServer32 -> C:\Program Files\Altap Salamander\utils\salextx64.dll (Fine spol. s r.o. -> ALTAP)
CustomCLSID: HKU\S-1-5-21-1896883648-1903216041-2891279095-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\minar\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-09-24] (Notepad++ -> )
ContextMenuHandlers1: [BB FlashBack 2] -> {A8065B9E-193F-4797-B62D-8F6321E7FCCB} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-09-24 17:51 - 2019-09-24 17:51 - 001460224 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw\Flow\Flow1\x64\SQLite.Interop.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1896883648-1903216041-2891279095-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1896883648-1903216041-2891279095-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1896883648-1903216041-2891279095-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
SearchScopes: HKU\S-1-5-21-1896883648-1903216041-2891279095-1001 -> DefaultScope {E92CEB70-8FF8-43B9-A01B-576EDC78DD14} URL = 
SearchScopes: HKU\S-1-5-21-1896883648-1903216041-2891279095-1001 -> {E92CEB70-8FF8-43B9-A01B-576EDC78DD14} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-08-08] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1896883648-1903216041-2891279095-1001\...\sharepoint.com -> hxxps://ucnmuni-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1896883648-1903216041-2891279095-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\minar\Pictures\Saved Pictures\Wallpaper\i-should-buy-a-boat.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DC590FA0-51DD-478C-A8F5-84EBB071ED75}] => (Allow) C:\Users\minar\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{851D47E5-B202-49C3-A896-5332294771A8}] => (Allow) C:\Users\minar\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1136063B-9F38-4D49-A2B7-E031F2E0EC3F}] => (Allow) C:\Users\minar\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{CC4427E9-9842-4B30-A285-86D712C1562D}C:\users\minar\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\minar\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{54D9C0D4-8DDC-4776-B7F6-FB0090646B66}C:\users\minar\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\minar\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8EBA5C5C-1FCB-48A5-A34E-41FBED711742}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D0783534-473E-4AA3-8AC8-89238626B89D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{79FAEC11-4F1E-4E7E-80E4-A74C43252341}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{DFB61967-B45E-43D9-998A-10BB690215F5}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [TCP Query User{0418605E-86C3-464E-B8D1-519E307D56E4}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{46A2BACF-0DE2-4B0C-980F-BE6316FE04CC}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C6859419-0DEE-4FF1-8838-F9E235DE302B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA6E98AE-AAE3-48D5-883B-FB8C8374AED4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{218D15E9-3E38-4968-ADE0-7FCA3211E8BA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D8D24400-8C58-4635-A345-6AFE18F74CA2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EE267B73-B171-494C-A500-29E307D3771D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A62B574E-A4C4-48B4-B514-01E13953A90B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{55E23331-B6B4-4C82-9DDE-204A088851CA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1A430651-9D84-402B-A0BF-A152D857503E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9E53D42F-95FF-4500-9D73-A6F417F24C34}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.86.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA789623-7DDE-4CAC-B72B-E52676013A64}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9CB5990D-4146-43B8-9138-1AF6B85E68DA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{457F2995-046D-4B3F-BFC0-FE5CF3BC4193}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5F36A777-526F-4816-9F85-8BF459891141}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{63AEEBC0-ABA2-4DA7-BF12-6A9F4486E258}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1BC77437-30C1-43DF-9B05-793432B9B9FF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B19DAFAC-00D1-45D9-A5F4-B552114ADDE0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C1D1C70D-F47A-4C1F-A376-4D0C00DB0FA0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.191.824.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{07A1922A-94A3-4B31-A645-66F5BAEB9286}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.54\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

05-08-2022 18:57:38 Scheduled Checkpoint
10-08-2022 18:24:10 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/10/2022 11:54:12 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\DESKTOP-OBN7LHI$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 10 Aug 2022 21:52:01 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: d3da76ba-bf92-4cbd-9cb9-593b0588011a

Method: GET(640ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (08/08/2022 03:12:13 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimizer couldn't complete retrim on VERBATIM HD (D:) because: This operation is not supported on this filesystem. (0x89000020)

Error: (08/05/2022 10:32:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_FrameServer, version: 10.0.19041.1806, time stamp: 0x7dcad237
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1826, time stamp: 0x299341e8
Exception code: 0xc00d4e24
Fault offset: 0x000000000010fb62
Faulting process id: 0x2e98
Faulting application start time: 0x01d8a90a25d7a5f4
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: da6a31e3-58a9-405c-95ed-724d12e3e992
Faulting package full name: 
Faulting package-relative application ID:

Error: (08/02/2022 12:31:48 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\DESKTOP-OBN7LHI$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 01 Aug 2022 22:29:41 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 630d4e3d-81d0-4eef-8558-2095da852d58

Method: GET(500ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (07/31/2022 08:11:57 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\DESKTOP-OBN7LHI$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 31 Jul 2022 18:09:50 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: cee9d189-a15a-4f94-baf5-d9bf9bc29649

Method: GET(281ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (07/31/2022 06:11:56 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\DESKTOP-OBN7LHI$ via https://AMD-KeyId-8a0578cf56146fea399af903fb5b0ac36eb2786a.microsoftaik.azure.net/templates/Aik/scep failed:

GetCACaps

Method: GET(94ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (07/22/2022 10:07:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Microsoft.SharePoint.exe, version: 22.141.703.2, time stamp: 0xc617a272
Faulting module name: Microsoft.SharePoint.dll_unloaded, version: 22.141.703.2, time stamp: 0x367b8d3e
Exception code: 0xc0000005
Fault offset: 0x00000000003fee98
Faulting process id: 0x2ba4
Faulting application start time: 0x01d89e0695a065a2
Faulting application path: C:\Users\minar\AppData\Local\Microsoft\OneDrive\22.141.0703.0002\Microsoft.SharePoint.exe
Faulting module path: Microsoft.SharePoint.dll
Report Id: 4b38fb5a-6183-42e9-a9c7-cf0c331d7455
Faulting package full name: 
Faulting package-relative application ID:

Error: (07/22/2022 10:04:00 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\DESKTOP-OBN7LHI$ via https://AMD-KeyId-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net/templates/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Fri, 22 Jul 2022 20:01:55 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: acd596b7-6e2c-44de-8f08-1947bc2eb49f

Method: GET(578ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)


System errors:
=============
Error: (08/11/2022 10:25:48 AM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (08/10/2022 11:53:42 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Biometric Service service did not shut down properly after receiving a preshutdown control.

Error: (08/05/2022 10:32:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Camera Frame Server service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/18/2022 10:50:07 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OBN7LHI)
Description: The server Microsoft.LockApp_10.0.19041.1023_neutral__cw5n1h2txyewy!WindowsDefaultLockScreen did not register with DCOM within the required timeout.

Error: (07/18/2022 08:27:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OBN7LHI)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.

Error: (07/18/2022 08:27:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OBN7LHI)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.

Error: (07/18/2022 08:27:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OBN7LHI)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.

Error: (07/16/2022 07:36:49 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OBN7LHI)
Description: The server microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.


Windows Defender:
================
Date: 2022-08-13 21:26:17
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-08-12 21:56:45
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-08-11 21:14:21
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-08-10 21:11:31
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2022-08-09 21:32:31
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2022-08-11 21:13:03
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

BIOS: LENOVO AGCN23WW(V1.06) 08/26/2019
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 3 3200U with Radeon Vega Mobile Gfx 
Percentage of memory in use: 64%
Total physical RAM: 6082.54 MB
Available physical RAM: 2182.84 MB
Total Virtual: 7490.54 MB
Available Virtual: 2055.05 MB

==================== Drives ================================

Drive c: (Windows-SSD) (Fixed) (Total:237.23 GB) (Free:172.86 GB) (Model: SAMSUNG MZNLN256HAJQ-000L2) NTFS

\\?\Volume{37236796-59b5-46a4-825f-a6d50a7f606d}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.49 GB) NTFS
\\?\Volume{1c70e53e-7c60-4082-b8f1-d044aab90076}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 3808946F)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Preventivní kontrola logů zpomalování notebooku

#2 Příspěvek od JaRon »

ahoj,
1. vycisti PC s ADWCleanerom
2. spust s prikazoveho riadku ako spravca
chkdsk /r
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Escherka
Návštěvník
Návštěvník
Příspěvky: 7
Registrován: 27 črc 2018 16:50

Re: Preventivní kontrola logů zpomalování notebooku

#3 Příspěvek od Escherka »

1. vycisti PC s ADWCleanerom
Tam to našlo jen
Lenovo.Modern.ImController.exe
což je něco co odstranit můžu ale malware to asi neni.

Krok 2 taky hotov, tam jsem si nevšiml ničeho.

Co teď, mám zkusit pockat pokud se to zpomalení ještě neobjeví?

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Preventivní kontrola logů zpomalování notebooku

#4 Příspěvek od JaRon »

chkdsk po restarte robil opravy disku, ak nejake nasiel
pozri este velkost adresara plocha (desktop) - nemal by presahovat 1GB
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Odpovědět