Přeji dobrý den.
Prosím o kontrolu logu.
Notebook Lenovo Z50 mého vnuka velmi dlouho startuje a ani ten běh systému není nic extra.
Disk je HDD 2,5" 1TB
Windows 10 Home
8 GB paměť.
Děkuji.
---------------------------------------------------------------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2021
Ran by RRRR (administrator) on LAPTOP-6J44J8G2 (LENOVO 80EC) (29-11-2021 16:40:25)
Running from C:\Users\Robino\Downloads
Loaded Profiles: RRRR & Robino
Platform: Microsoft Windows 10 Home Version 20H2 19042.1348 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> ) C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\53.0.8.0\crashpad_handler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5052120 2015-06-01] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3763424 2017-05-24] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49952424 2021-10-19] (Google LLC -> )
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\...\RunOnce: [Uninstall 21.073.0411.0002\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\RRRR\AppData\Local\Microsoft\OneDrive\21.073.0411.0002\amd64"
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\...\RunOnce: [Uninstall 21.073.0411.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\RRRR\AppData\Local\Microsoft\OneDrive\21.073.0411.0002"
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\Run: [MicrosoftEdgeAutoLaunch_D60995922ABFFEDCBCCB01BB089B525C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\MountPoints2: {cc9f2aaa-c663-11ea-9c27-507b9dae8096} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\sxj2mPC: C:\Windows\System32\spool\prtprocs\x64\sxj2mpc.dll [43520 2018-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\sxj2m Langmon: C:\WINDOWS\system32\sxj2mlm.dll [34304 2018-04-16] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2017-06-01] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-20] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09F39ED6-5114-4BAB-BEB8-F30E9AA749E3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {0E2D5FE4-22D0-4E61-A5E2-CCB0933976FD} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {0E5FBA19-ECEE-4271-BD0E-2390394BC377} - System32\Tasks\CCleanerSkipUAC - RRRR => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {24861D57-37B1-4836-8A5F-7DE40E63A641} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62440 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {2731C1B3-36CB-45B6-B933-9A5515214FC5} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {32EC9B91-5223-438E-98E4-2CED1245E6CA} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [552912 2015-02-09] (LENOVO -> Lenovo)
Task: {39D51B7A-2B19-4B02-8257-D295C0A1095E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2e7962e3-a2e7-4744-8d6c-005a221b51c5 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {3E999430-45C6-4E86-9197-AC8D861DF37D} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {452DD928-EC7B-45CC-9BCE-B6D48274716A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {48FFE3C6-75CC-4C9D-BD7E-3949D6768914} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [552912 2015-02-09] (LENOVO -> Lenovo)
Task: {4ECB56BD-3A6D-4435-97D2-78621EE354A6} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {50A619CF-C37F-46E7-84AE-F797197FAF02} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {524014C0-F919-4B1D-AF83-2D54F218A2A5} - System32\Tasks\{1C65C841-1D11-4B66-B3BF-8C1AD7110425} => "c:\windows\system32\launchwinapp.exe" https://ui.skype.com/ui/0/7.36.0.101/cs ... =tsInstall hxxps://ui.skype.com/ui/0/7.36.0.101/cs/abandoninstall?source=lightinstaller&page=tsInstall (No File)
Task: {5DB2D08F-C398-446C-8FD2-17F539ECEE0B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {63509858-04D7-42DD-8991-D9277E571108} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {6476055A-4CE3-42C4-B123-2C2195C26E97} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-07] (LENOVO -> Lenovo)
Task: {6EF3B982-9E19-4DBB-9553-10F2ED561917} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8063d572-a8b8-4d74-bed4-77d64746b58f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {81543C86-6D0B-4F21-B964-FA2AEB6F7826} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {8171E981-0FE3-4344-B9BE-BA9989CD50E3} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {848F0E9E-8EE2-4F70-825F-D829E3F2727F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ce9b0739-c48d-4d1b-bcc7-2dd310428f91 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {8908A56E-897A-4EA4-A1C4-03BFF5E98F3A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {8E059204-25BA-49DC-94A9-11B3914B3418} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-05-28] (CyberLink Corp. -> CyberLink Corp.)
Task: {91797B9E-D1E0-42FB-8B95-ECA621B88C5C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4a5f9b3f-6a6b-4a36-a76c-e7e4b9238d04 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {96E8E5F3-0408-43F0-A7CB-DB5A6E0DACF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1067295-2C29-42F7-82BC-3961BEC02CD2} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144456 2021-05-19] (Lenovo -> Lenovo Group Ltd.)
Task: {A5811D39-09BD-4D13-B075-1EAEC4D51FE4} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [829384 2015-09-25] (LENOVO -> )
Task: {A6B62ADB-113F-4C26-AA55-A964A62531AB} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {A8A50204-65B3-4803-9901-62517C336EF1} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [808392 2015-09-25] (LENOVO -> )
Task: {ABF7563C-22FD-4BB0-9AB7-5D11BBCC3E5A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B9BB355E-D855-460C-8FB3-9429A142C00E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7ca7053d-a87f-4c13-9fcb-a265e0f1b7ce => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {D1752078-2A34-4769-B75E-E954C3E0A84E} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [287688 2017-05-24] (LENOVO -> Lenovo)
Task: {F2851DE0-EA90-402C-A2E6-4D01968E9C93} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{76a53f23-4c4a-4dee-b10e-7d8f439cbf67}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{80f1a2f3-92c5-46df-837f-4d5c84245999}: [DhcpNameServer] 192.168.0.1
Edge:
=======
DownloadDir: C:\Users\RRRR\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> hxxp://www.seznam.cz/
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\RRRR\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-29]
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxps://seznam.cz/"
FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default [2021-11-29]
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Extension: (Prezentace) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-29]
CHR Extension: (Dokumenty) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-29]
CHR Extension: (Disk Google) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-05]
CHR Extension: (YouTube) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-01]
CHR Extension: (Adobe Acrobat) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-28]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-11-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-28]
CHR Extension: (uBlock Plus Adblocker) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\oofnbdifeelbaidfgpikinijekkjcicg [2017-11-29]
CHR Extension: (Gmail) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-05]
CHR HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-09-16] (Advanced Micro Devices, Inc. -> )
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-08-07] (Advanced Micro Devices) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8615864 2020-05-20] (BattlEye Innovations e.K. -> )
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (LENOVO -> Lenovo)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2019-12-14] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe [31248 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [307936 2015-08-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [3038568 2020-06-17] (BattlEye Innovations e.K. -> )
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-09-09] (Google LLC -> Google, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-11-29 16:40 - 2021-11-29 16:42 - 000024081 _____ C:\Users\Robino\Downloads\FRST.txt
2021-11-29 16:36 - 2021-11-29 16:41 - 000000000 ____D C:\FRST
2021-11-29 16:35 - 2021-11-29 16:35 - 002311680 _____ (Farbar) C:\Users\Robino\Downloads\FRST64.exe
2021-11-29 16:14 - 2021-11-29 16:14 - 000168876 _____ C:\Users\RRRR\Documents\cc_20211129_161421.reg
2021-11-29 16:09 - 2021-11-29 16:30 - 000000000 ____D C:\Program Files\CCleaner
2021-11-29 16:09 - 2021-11-29 16:09 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-11-29 16:09 - 2021-11-29 16:09 - 000002900 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - RRRR
2021-11-29 16:09 - 2021-11-29 16:09 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-11-29 16:09 - 2021-11-29 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-11-29 16:08 - 2021-11-29 16:08 - 036493848 _____ (Piriform Software Ltd) C:\Users\Robino\Downloads\ccsetup587 (1).exe
2021-11-29 15:52 - 2021-11-29 15:53 - 036501456 _____ (Piriform Software Ltd) C:\Users\Robino\Downloads\ccsetup587.exe
2021-11-28 09:35 - 2021-11-28 09:36 - 000000000 ____D C:\Users\RRRR\Desktop\Fotky
2021-11-26 14:23 - 2021-11-26 14:23 - 002569972 _____ C:\Users\Robino\Desktop\Musil_str.60-70.pdf
2021-11-26 13:52 - 2021-11-26 13:52 - 000868075 _____ C:\Users\Robino\Desktop\janebova_-_teorie_a_metody_socialni_prace.pdf
2021-11-23 23:01 - 2021-11-23 23:01 - 000008464 _____ C:\Users\Robino\Documents\Diskuze.odt
2021-11-23 22:47 - 2021-11-23 22:47 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-23 22:46 - 2021-11-23 22:46 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-23 22:45 - 2021-11-23 22:45 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-23 22:43 - 2021-11-23 22:43 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-23 20:52 - 2021-11-23 20:52 - 000000000 ___HD C:\$WinREAgent
2021-11-20 20:54 - 2021-11-20 20:54 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-20 20:53 - 2021-11-20 20:54 - 000000000 ____D C:\Program Files\PCHealthCheck
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-11-29 16:30 - 2021-04-30 05:56 - 000717850 _____ C:\WINDOWS\system32\perfh005.dat
2021-11-29 16:30 - 2021-04-30 05:56 - 000144992 _____ C:\WINDOWS\system32\perfc005.dat
2021-11-29 16:30 - 2021-04-29 21:29 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-29 16:30 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-29 16:30 - 2017-05-25 12:59 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-29 16:28 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-29 16:23 - 2021-04-29 21:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-29 16:23 - 2021-04-29 21:02 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-29 16:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-29 16:22 - 2019-12-07 10:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2021-11-29 16:22 - 2017-11-11 16:20 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-11-29 16:12 - 2021-10-19 08:01 - 000000000 ____D C:\WINDOWS\Minidump
2021-11-29 16:12 - 2021-04-16 14:19 - 000000000 ___DC C:\WINDOWS\Panther
2021-11-29 16:02 - 2020-10-15 08:17 - 000000000 ____D C:\Users\Robino\AppData\Local\D3DSCache
2021-11-29 15:59 - 2019-12-14 11:33 - 000000000 ____D C:\Program Files\Epic Games
2021-11-28 10:04 - 2021-04-29 21:14 - 000000000 ____D C:\Users\RRRR
2021-11-28 10:00 - 2017-05-24 21:04 - 000000000 ___RD C:\Users\RRRR\OneDrive
2021-11-28 09:58 - 2019-01-07 17:31 - 000000000 ___RD C:\Users\RRRR\Disk Google
2021-11-28 09:52 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-28 09:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-28 09:52 - 2018-08-26 15:45 - 000000000 ____D C:\Users\RRRR\AppData\Local\PlaceholderTileLogoFolder
2021-11-28 09:52 - 2018-01-28 10:46 - 000000000 ____D C:\Users\RRRR\AppData\Local\Packages
2021-11-28 09:31 - 2017-07-16 11:00 - 000000000 ____D C:\Users\RRRR\Desktop\hudba
2021-11-28 09:30 - 2018-01-25 17:33 - 000000000 ____D C:\Users\RRRR\Desktop\Faktury Fotbal
2021-11-28 09:29 - 2021-04-29 21:51 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3651737185-2585790523-2809411377-1002
2021-11-28 09:29 - 2021-04-29 21:14 - 000002369 _____ C:\Users\RRRR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-28 09:25 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-28 09:24 - 2017-05-24 21:00 - 000000000 ____D C:\Users\RRRR\AppData\Local\Lenovo
2021-11-28 09:14 - 2017-07-30 09:57 - 000000000 ____D C:\ProgramData\tmp
2021-11-27 13:06 - 2020-10-13 14:57 - 000000000 ____D C:\Users\Robino\AppData\Local\Packages
2021-11-26 16:40 - 2021-04-29 21:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-26 07:51 - 2020-06-07 21:09 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-26 07:51 - 2020-06-07 21:09 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-11-25 00:25 - 2021-04-29 21:02 - 000351504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-25 00:20 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-24 22:44 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-23 23:03 - 2021-04-29 21:14 - 000000000 ____D C:\Users\Robino
2021-11-23 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-11-23 14:45 - 2017-06-03 15:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-23 14:32 - 2017-06-03 15:44 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-20 21:59 - 2017-06-01 08:14 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-20 21:59 - 2017-06-01 08:14 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-11-20 21:05 - 2020-12-07 08:02 - 000000000 ____D C:\Users\Robino\AppData\Roaming\.tlauncher
2021-11-20 21:04 - 2021-07-07 09:14 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d73d35dcae289e
2021-11-20 21:04 - 2021-04-29 21:51 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-20 21:02 - 2021-04-07 07:08 - 000000000 ____D C:\Users\Robino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-11-20 21:01 - 2021-10-07 16:05 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-11-20 21:01 - 2021-10-07 16:05 - 000001906 _____ C:\Users\Default\Desktop\Google Slides.lnk
2021-11-20 21:01 - 2021-10-07 16:05 - 000001906 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2021-11-20 21:01 - 2021-10-07 16:05 - 000001894 _____ C:\Users\Default\Desktop\Google Docs.lnk
2021-11-20 20:57 - 2021-04-29 21:51 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3651737185-2585790523-2809411377-1004
2021-11-20 20:57 - 2021-04-29 21:14 - 000002391 _____ C:\Users\Robino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-05 19:42 - 2020-12-07 08:02 - 000000000 ____D C:\Users\Robino\AppData\Roaming\.minecraft
2021-11-03 17:05 - 2018-02-15 17:42 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2021
Ran by RRRR (29-11-2021 16:44:52)
Running from C:\Users\Robino\Downloads
Microsoft Windows 10 Home Version 20H2 19042.1348 (X64) (2021-04-29 20:52:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3651737185-2585790523-2809411377-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3651737185-2585790523-2809411377-503 - Limited - Disabled)
Guest (S-1-5-21-3651737185-2585790523-2809411377-501 - Limited - Disabled)
Robino (S-1-5-21-3651737185-2585790523-2809411377-1004 - Limited - Enabled) => C:\Users\Robino
RRRR (S-1-5-21-3651737185-2585790523-2809411377-1002 - Administrator - Enabled) => C:\Users\RRRR
WDAGUtilityAccount (S-1-5-21-3651737185-2585790523-2809411377-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACP Application (HKLM\...\{5ECC60F4-1AFE-98F5-9F72-EDEA9C4291AE}) (Version: 2.15.30.0019 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{60AA5051-1690-890B-954C-7E18398FCF32}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.20.1 - Ashampoo GmbH & Co. KG)
Backup and Sync from Google (HKLM\...\{685BAD50-A3AA-4B91-A15B-77F9DC7346D4}) (Version: 3.57.4043.4118 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.87 - Piriform)
Common Desktop Agent (HKLM\...\{A38002C3-BA08-466A-A813-7F9D578B13A1}) (Version: 1.62.0 - OEM) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
CREY (HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\CREY) (Version: - Bitglobe ApS)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
dm CEWE fotosvet (HKLM-x32\...\dm CEWE fotosvet) (Version: 7.0.2 - CEWE Stiftung u Co. KGaA)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epson Event Manager (HKLM-x32\...\{4B22C430-7EA8-4534-8358-376FD900B953}) (Version: 3.10.0042 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
FormApps Signing Extension (HKLM-x32\...\{2246B06F-AED2-42BA-A6D7-B72F591C1116}) (Version: 2.19.1.39 - Software602 a.s.)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 53.0.8.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.5.5720.01 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.65.2 - ELAN Microelectronic Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.9.23.0 - Lenovo Group Ltd.)
LibreOffice 5.3.2.2 (HKLM\...\{682C33C0-5D61-48F0-B0A2-1A504F4C5905}) (Version: 5.3.2.2 - The Document Foundation)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.34 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.1 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.3 - Lenovo, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Roblox Player for Robino (HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\roblox-player) (Version: - Roblox Corporation)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.1 - Lenovo)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Xerox Easy Printer Manager (HKLM-x32\...\Xerox Easy Printer Manager) (Version: 1.03.97.00(21.04.2014) - Xerox Corporation.)
Xerox Easy Wireless Setup (HKLM-x32\...\Xerox Easy Wireless Setup) (Version: 3.70.18.0 - Xerox Corporation)
Xerox Phaser 3020 (HKLM-x32\...\Xerox Phaser 3020) (Version: V1.05 (18.08.2019) - Xerox Corporation)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-28] (Microsoft Corporation)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2021-11-03] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2110.17.0_x64__k1h2ywk1493x8 [2021-11-28] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2021-11-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-11-28] (Microsoft Studios) [MS Ad]
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.478.28896.0_x86__55nm5eh3cm0pr [2021-05-16] (ROBLOX Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-23] (Twitter Inc.)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-06-01] (LENOVO INCORPORATED.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-10-19] (Google LLC -> Google)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-09-25] (LENOVO -> Lenovo)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-10-19] (Google LLC -> Google)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-09-25] (LENOVO -> Lenovo)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-09-16] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\RRRR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2016-09-13 02:01 - 2016-09-13 02:01 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-16 16:13 - 2016-09-16 16:13 - 000851456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiacm64.dll
2016-09-16 16:13 - 2016-09-16 16:13 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiamcsy.dll
2020-12-21 07:48 - 2020-05-30 14:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2005-01-13 10:47 - 2005-01-13 10:47 - 000049152 _____ (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ESPSUTL.dll
2013-08-01 16:05 - 2013-08-01 16:05 - 000112128 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll
2021-06-30 11:17 - 2020-11-03 04:08 - 000954864 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [460]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> DefaultScope {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> DefaultScope {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> DefaultScope {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL =
SearchScopes: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-05-11] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-05-11] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2020-11-23 11:14 - 2021-05-05 16:32 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "LenovoUtility"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "RtsFT"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_D60995922ABFFEDCBCCB01BB089B525C"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{588D83AE-0CB6-4F81-96EC-1FE709C2CDDA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{22DE5D69-747B-4E82-8BF1-1CAA9B944F98}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F96FF0A4-53C7-4C27-8D5F-AFD7E7A90AF8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2C87D6D1-41B8-4D1B-9B15-9753EF0ABCEE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DA66A341-6C51-4074-80B8-40E6BF9A1EA7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2A2D8A19-E879-4BA4-AEDE-3BE7CA2CBBBE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{754C8271-FB30-4923-9842-EA4CAAB88BA1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E75E6B04-34D5-46C6-90BA-612DB90F9BB8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{042D855A-9BAB-428A-9E5E-F2924C654B85}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{DE45FB42-7C4D-4438-A638-496A35093C0C}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{99CDFF7E-B993-4D8F-93C6-F00774157A34}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{079BE610-BA46-47D4-A5C0-D0B7214E86AC}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{90F92422-B1E7-426B-B649-BFF88820FA36}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{DE7B9A1B-F327-40C2-981E-1724D160467E}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{7F0013A9-42F0-47E6-AB4A-4AB1145213DA}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{91547FCF-8CC9-4301-ADD7-48322CEB3D2C}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{FCF222C3-6EC9-4064-BD38-FE7A193E33C6}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{679B4485-27B9-469A-8BF8-6EA3F363971E}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{02E4826F-C77B-4F82-89B3-6E4B1490F925}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{F9A8DDEB-D74F-45B6-B0A5-4D18AC30796A}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{539AB358-B78D-4A01-8F71-8590AD5CC87E}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{2B505090-758A-407F-8794-0DC5B2ED046D}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [UDP Query User{19D7E575-E9F4-464F-9D80-73332C688E97}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe
FirewallRules: [TCP Query User{780A6BBE-1373-4E85-AF83-6EFE42B5C680}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe
FirewallRules: [{2299DFF9-203C-421F-8AC1-9362B25B6EE2}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{CA660CB5-D26B-4B70-982F-759ECA9FA225}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{35D0CF9E-B0B3-46CE-917F-9FC901812BB7}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{1E72FBC3-A669-4D6C-9D37-FAA949F7908F}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [TCP Query User{A602B264-DED4-4BBD-8EE3-787F4313FFA4}C:\users\robino\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Block) C:\users\robino\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{FF35A57F-C29D-46C0-892C-CEDB54985604}C:\users\robino\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Block) C:\users\robino\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{046231BB-FB32-4838-ABB2-2EBF2854F9A0}C:\users\robino\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\robino\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{AFE9D286-2173-4C3C-AD64-E9E92B6E80BB}C:\users\robino\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\robino\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [{ABC21CFE-CAAB-4675-A104-1F0BB7C97577}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2E6A43D3-03E0-4238-82DC-C54C712C35E8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{78AF9F7D-3D2E-4CFC-AE19-E48737D20773}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6DE9D95A-6EE9-499F-9078-3E15BA31B9B9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B5FE3484-EEA2-4777-A952-D3887576A2D3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4E1D4466-6447-4FD5-9334-E93D08286223}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A61A601C-27BC-4D76-BE87-8894FA09469B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8511989D-62E7-41D4-89DF-0D0D500BBBAC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{91F5458A-B75F-4EE3-9096-C87B7DE9F730}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
23-11-2021 20:22:52 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/29/2021 03:48:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.19041.546, časové razítko: 0x1d3a15e7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1348, časové razítko: 0x76fcd692
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b302
ID chybujícího procesu: 0x2080
Čas spuštění chybující aplikace: 0x01d7e5302c6be292
Cesta k chybující aplikaci: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: f01aeb24-7e10-46db-b8cf-0f5aa5dbb9e2
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: ShellFeedsUI
Error: (11/28/2021 09:54:59 AM) (Source: MsiInstaller) (EventID: 10005) (User: LAPTOP-6J44J8G2)
Description: Product: Epic Games Launcher -- Epic Games Launcher is currently running and the Setup Wizard can not continue. Please close the Epic Games Launcher and run the Setup Wizard again.
Error: (11/24/2021 10:19:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program msedge.exe verze 95.0.1020.53 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1658
Čas spuštění: 01d7e177fb0b2a7d
Čas ukončení: 56
Cesta k aplikaci: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
ID hlášení: ef65f64a-d63e-4a12-8be2-bf00a67849a1
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
Error: (11/23/2021 09:34:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HxOutlook.exe verze 16.0.14326.20544 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 144c
Čas spuštění: 01d7e0a94051cf13
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
ID hlášení: 3bd1885d-a9e8-4759-8142-f04a830e4821
Úplný název balíčku s chybou: microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: microsoft.windowslive.mail
Typ zablokování: Cross-thread
Error: (11/23/2021 08:46:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: soffice.bin, verze: 5.3.2.2, časové razítko: 0x58ddff87
Název chybujícího modulu: MSVCR120.dll, verze: 12.0.21005.1, časové razítko: 0x524f83ff
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000074a30
ID chybujícího procesu: 0x28d4
Čas spuštění chybující aplikace: 0x01d7e0a2aff2af74
Cesta k chybující aplikaci: C:\Program Files\LibreOffice 5\program\soffice.bin
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\MSVCR120.dll
ID zprávy: a746b083-144f-4181-8d4d-825c0a1ac942
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/23/2021 02:27:58 PM) (Source: Adaptive Sleep Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (11/20/2021 09:53:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program identity_helper.exe verze 95.0.1020.53 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2b08
Čas spuštění: 01d7de5091da1e70
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files (x86)\Microsoft\Edge\Application\95.0.1020.53\identity_helper.exe
ID hlášení: b8fec34a-ba5a-43fb-991f-807c47ca8d2c
Úplný název balíčku s chybou: Microsoft.MicrosoftEdge.Stable_95.0.1020.40_neutral__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (11/05/2021 07:37:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.721.10202.0, časové razítko: 0x6170627f
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1202, časové razítko: 0xc9db1934
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010be3e
ID chybujícího procesu: 0x1a28
Čas spuštění chybující aplikace: 0x01d7d273e47970ab
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.10202.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: f8b1e342-42b7-42d1-9566-6c03a57b8b39
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.721.10202.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App
System errors:
=============
Error: (11/29/2021 04:31:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 2krát.
Error: (11/29/2021 04:29:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/29/2021 04:29:19 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.
Error: (11/29/2021 04:23:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba amdacpksd neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (11/29/2021 04:23:52 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: amdacpksd.sys
Error: (11/26/2021 07:44:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/26/2021 07:38:07 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby LenovoVantageService bylo dosaženo časového limitu (30000 ms).
Error: (11/26/2021 07:37:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba amdacpksd neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Windows Defender:
================
Date: 2021-11-29 16:44:43
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/InstallCore
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0051333768.exe; file:_C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0367846329.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-6J44J8G2\RRRR
Název procesu: C:\Users\Robino\Downloads\FRST64.exe
Verze bezpečnostních informací: AV: 1.353.1788.0, AS: 1.353.1788.0, NIS: 1.353.1788.0
Verze modulu: AM: 1.1.18700.4, NIS: 1.1.18700.4
Date: 2021-11-29 16:44:42
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/InstallCore
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0051333768.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-6J44J8G2\RRRR
Název procesu: C:\Users\Robino\Downloads\FRST64.exe
Verze bezpečnostních informací: AV: 1.353.1788.0, AS: 1.353.1788.0, NIS: 1.353.1788.0
Verze modulu: AM: 1.1.18700.4, NIS: 1.1.18700.4
Date: 2021-11-26 18:15:14
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C2E587F9-CBAF-4DFA-845B-8D1CC35560D9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-11-26 11:52:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {240D249A-9BCD-44BE-A302-D3DF3AEEB871}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-11-26 11:47:02
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {29028105-0B4C-40B3-8322-A737C12AD742}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2021-11-23 20:57:33
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Monitorování chování
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
Date: 2021-11-23 20:57:32
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Monitorování chování
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ochrana v reálném čase přestala z neznámého důvodu fungovat. Proveďte obnovení restartováním služby.
Date: 2021-11-03 17:08:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.352.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2021-11-03 17:08:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.352.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2021-11-03 17:08:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.352.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
CodeIntegrity:
===============
Date: 2021-11-29 16:17:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\53.0.8.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO A4CN40WW (V 2.09) 08/24/2015
Motherboard: LENOVO Lancer 5B3
Processor: AMD A10-7300 Radeon R6, 10 Compute Cores 4C+6G
Percentage of memory in use: 50%
Total physical RAM: 7098.61 MB
Available physical RAM: 3501.3 MB
Total Virtual: 8250.61 MB
Available Virtual: 4422.04 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:884.41 GB) (Free:800.17 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.1 GB) NTFS
\\?\Volume{7b01902e-e834-462b-b2b7-1037ab002e96}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.44 GB) NTFS
\\?\Volume{b94b2dc1-bc35-4354-9e99-ecd030380b69}\ (LENOVO_PART) (Fixed) (Total:19.88 GB) (Free:6.36 GB) NTFS
\\?\Volume{eed40dc9-d59b-4c96-9434-a81f19e03012}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 18D3077E)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Lenovo Z50 velmi dlouho startuje
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Lenovo Z50 velmi dlouho startuje
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Kema
- Návštěvník
- Příspěvky: 152
- Registrován: 08 led 2005 18:15
- Bydliště: Bohosudov
- Kontaktovat uživatele:
Re: Lenovo Z50 velmi dlouho startuje
Zdravím.
Zmátlo mně že ten program ty nabídky nemá tak jak píšete, ale něco to udělalo, tak snad se dílo povedlo
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-11-18.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-29-2021
# Duration: 00:00:05
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
Deleted C:\Users\Public\Desktop\ASHAMPOO DEALS.URL
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [6477 octets] - [29/11/2021 18:35:34]
AdwCleaner[S01].txt - [6538 octets] - [29/11/2021 18:40:02]
AdwCleaner[S02].txt - [6599 octets] - [29/11/2021 18:43:20]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
Zmátlo mně že ten program ty nabídky nemá tak jak píšete, ale něco to udělalo, tak snad se dílo povedlo
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-11-18.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-29-2021
# Duration: 00:00:05
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
Deleted C:\Users\Public\Desktop\ASHAMPOO DEALS.URL
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [6477 octets] - [29/11/2021 18:35:34]
AdwCleaner[S01].txt - [6538 octets] - [29/11/2021 18:40:02]
AdwCleaner[S02].txt - [6599 octets] - [29/11/2021 18:43:20]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Lenovo Z50 velmi dlouho startuje
Toto je log, který jsem potřeboval. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Kema
- Návštěvník
- Příspěvky: 152
- Registrován: 08 led 2005 18:15
- Bydliště: Bohosudov
- Kontaktovat uživatele:
Re: Lenovo Z50 velmi dlouho startuje
Tak hotovo.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2021
Ran by RRRR (29-11-2021 19:06:20)
Running from C:\Users\Robino\Downloads
Microsoft Windows 10 Home Version 20H2 19042.1348 (X64) (2021-04-29 20:52:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3651737185-2585790523-2809411377-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3651737185-2585790523-2809411377-503 - Limited - Disabled)
Guest (S-1-5-21-3651737185-2585790523-2809411377-501 - Limited - Disabled)
Robino (S-1-5-21-3651737185-2585790523-2809411377-1004 - Limited - Enabled) => C:\Users\Robino
RRRR (S-1-5-21-3651737185-2585790523-2809411377-1002 - Administrator - Enabled) => C:\Users\RRRR
WDAGUtilityAccount (S-1-5-21-3651737185-2585790523-2809411377-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACP Application (HKLM\...\{5ECC60F4-1AFE-98F5-9F72-EDEA9C4291AE}) (Version: 2.15.30.0019 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{60AA5051-1690-890B-954C-7E18398FCF32}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.20.1 - Ashampoo GmbH & Co. KG)
Backup and Sync from Google (HKLM\...\{685BAD50-A3AA-4B91-A15B-77F9DC7346D4}) (Version: 3.57.4043.4118 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.87 - Piriform)
Common Desktop Agent (HKLM\...\{A38002C3-BA08-466A-A813-7F9D578B13A1}) (Version: 1.62.0 - OEM) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
CREY (HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\CREY) (Version: - Bitglobe ApS)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
dm CEWE fotosvet (HKLM-x32\...\dm CEWE fotosvet) (Version: 7.0.2 - CEWE Stiftung u Co. KGaA)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epson Event Manager (HKLM-x32\...\{4B22C430-7EA8-4534-8358-376FD900B953}) (Version: 3.10.0042 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
FormApps Signing Extension (HKLM-x32\...\{2246B06F-AED2-42BA-A6D7-B72F591C1116}) (Version: 2.19.1.39 - Software602 a.s.)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 53.0.8.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.5.5720.01 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.65.2 - ELAN Microelectronic Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.9.23.0 - Lenovo Group Ltd.)
LibreOffice 5.3.2.2 (HKLM\...\{682C33C0-5D61-48F0-B0A2-1A504F4C5905}) (Version: 5.3.2.2 - The Document Foundation)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.34 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.1 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.3 - Lenovo, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Roblox Player for Robino (HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\roblox-player) (Version: - Roblox Corporation)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.1 - Lenovo)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Xerox Easy Printer Manager (HKLM-x32\...\Xerox Easy Printer Manager) (Version: 1.03.97.00(21.04.2014) - Xerox Corporation.)
Xerox Easy Wireless Setup (HKLM-x32\...\Xerox Easy Wireless Setup) (Version: 3.70.18.0 - Xerox Corporation)
Xerox Phaser 3020 (HKLM-x32\...\Xerox Phaser 3020) (Version: V1.05 (18.08.2019) - Xerox Corporation)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-28] (Microsoft Corporation)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2021-11-03] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2110.17.0_x64__k1h2ywk1493x8 [2021-11-28] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2021-11-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-11-28] (Microsoft Studios) [MS Ad]
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.478.28896.0_x86__55nm5eh3cm0pr [2021-05-16] (ROBLOX Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-23] (Twitter Inc.)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-06-01] (LENOVO INCORPORATED.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-10-19] (Google LLC -> Google)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-09-25] (LENOVO -> Lenovo)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-10-19] (Google LLC -> Google)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-09-25] (LENOVO -> Lenovo)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-09-16] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\RRRR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2016-09-13 02:01 - 2016-09-13 02:01 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-12-21 07:48 - 2020-05-30 14:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2020-05-30 15:04 - 2020-05-30 15:04 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\Vantage\Addins\GenericTelemetryAddin\1.0.0.34\x64\SQLite.Interop.dll
2005-01-13 10:47 - 2005-01-13 10:47 - 000049152 _____ (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ESPSUTL.dll
2013-08-01 16:05 - 2013-08-01 16:05 - 000112128 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll
2021-06-30 11:17 - 2020-11-03 04:08 - 000954864 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [460]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> DefaultScope {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> DefaultScope {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> DefaultScope {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL =
SearchScopes: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-05-11] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-05-11] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2020-11-23 11:14 - 2021-05-05 16:32 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "LenovoUtility"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "RtsFT"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_D60995922ABFFEDCBCCB01BB089B525C"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{588D83AE-0CB6-4F81-96EC-1FE709C2CDDA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{22DE5D69-747B-4E82-8BF1-1CAA9B944F98}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F96FF0A4-53C7-4C27-8D5F-AFD7E7A90AF8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2C87D6D1-41B8-4D1B-9B15-9753EF0ABCEE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DA66A341-6C51-4074-80B8-40E6BF9A1EA7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2A2D8A19-E879-4BA4-AEDE-3BE7CA2CBBBE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{754C8271-FB30-4923-9842-EA4CAAB88BA1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E75E6B04-34D5-46C6-90BA-612DB90F9BB8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{042D855A-9BAB-428A-9E5E-F2924C654B85}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{DE45FB42-7C4D-4438-A638-496A35093C0C}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{99CDFF7E-B993-4D8F-93C6-F00774157A34}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{079BE610-BA46-47D4-A5C0-D0B7214E86AC}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{90F92422-B1E7-426B-B649-BFF88820FA36}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{DE7B9A1B-F327-40C2-981E-1724D160467E}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{7F0013A9-42F0-47E6-AB4A-4AB1145213DA}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{91547FCF-8CC9-4301-ADD7-48322CEB3D2C}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{FCF222C3-6EC9-4064-BD38-FE7A193E33C6}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{679B4485-27B9-469A-8BF8-6EA3F363971E}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{02E4826F-C77B-4F82-89B3-6E4B1490F925}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{F9A8DDEB-D74F-45B6-B0A5-4D18AC30796A}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{539AB358-B78D-4A01-8F71-8590AD5CC87E}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{2B505090-758A-407F-8794-0DC5B2ED046D}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [UDP Query User{19D7E575-E9F4-464F-9D80-73332C688E97}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe
FirewallRules: [TCP Query User{780A6BBE-1373-4E85-AF83-6EFE42B5C680}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe
FirewallRules: [{2299DFF9-203C-421F-8AC1-9362B25B6EE2}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{CA660CB5-D26B-4B70-982F-759ECA9FA225}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{35D0CF9E-B0B3-46CE-917F-9FC901812BB7}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{1E72FBC3-A669-4D6C-9D37-FAA949F7908F}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [TCP Query User{A602B264-DED4-4BBD-8EE3-787F4313FFA4}C:\users\robino\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Block) C:\users\robino\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{FF35A57F-C29D-46C0-892C-CEDB54985604}C:\users\robino\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Block) C:\users\robino\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{046231BB-FB32-4838-ABB2-2EBF2854F9A0}C:\users\robino\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\robino\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{AFE9D286-2173-4C3C-AD64-E9E92B6E80BB}C:\users\robino\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\robino\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [{ABC21CFE-CAAB-4675-A104-1F0BB7C97577}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2E6A43D3-03E0-4238-82DC-C54C712C35E8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{78AF9F7D-3D2E-4CFC-AE19-E48737D20773}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6DE9D95A-6EE9-499F-9078-3E15BA31B9B9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B5FE3484-EEA2-4777-A952-D3887576A2D3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4E1D4466-6447-4FD5-9334-E93D08286223}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A61A601C-27BC-4D76-BE87-8894FA09469B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8511989D-62E7-41D4-89DF-0D0D500BBBAC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{91F5458A-B75F-4EE3-9096-C87B7DE9F730}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
23-11-2021 20:22:52 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/29/2021 06:57:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.1348 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 958
Čas spuštění: 01d7e54a4a3b2a7a
Čas ukončení: 0
Cesta k aplikaci: C:\Windows\explorer.exe
ID hlášení: e49c5789-4c05-442b-9359-2313a353fe08
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
Error: (11/29/2021 03:48:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.19041.546, časové razítko: 0x1d3a15e7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1348, časové razítko: 0x76fcd692
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b302
ID chybujícího procesu: 0x2080
Čas spuštění chybující aplikace: 0x01d7e5302c6be292
Cesta k chybující aplikaci: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: f01aeb24-7e10-46db-b8cf-0f5aa5dbb9e2
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: ShellFeedsUI
Error: (11/28/2021 09:54:59 AM) (Source: MsiInstaller) (EventID: 10005) (User: LAPTOP-6J44J8G2)
Description: Product: Epic Games Launcher -- Epic Games Launcher is currently running and the Setup Wizard can not continue. Please close the Epic Games Launcher and run the Setup Wizard again.
Error: (11/24/2021 10:19:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program msedge.exe verze 95.0.1020.53 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1658
Čas spuštění: 01d7e177fb0b2a7d
Čas ukončení: 56
Cesta k aplikaci: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
ID hlášení: ef65f64a-d63e-4a12-8be2-bf00a67849a1
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
Error: (11/23/2021 09:34:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HxOutlook.exe verze 16.0.14326.20544 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 144c
Čas spuštění: 01d7e0a94051cf13
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
ID hlášení: 3bd1885d-a9e8-4759-8142-f04a830e4821
Úplný název balíčku s chybou: microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: microsoft.windowslive.mail
Typ zablokování: Cross-thread
Error: (11/23/2021 08:46:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: soffice.bin, verze: 5.3.2.2, časové razítko: 0x58ddff87
Název chybujícího modulu: MSVCR120.dll, verze: 12.0.21005.1, časové razítko: 0x524f83ff
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000074a30
ID chybujícího procesu: 0x28d4
Čas spuštění chybující aplikace: 0x01d7e0a2aff2af74
Cesta k chybující aplikaci: C:\Program Files\LibreOffice 5\program\soffice.bin
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\MSVCR120.dll
ID zprávy: a746b083-144f-4181-8d4d-825c0a1ac942
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/23/2021 02:27:58 PM) (Source: Adaptive Sleep Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (11/20/2021 09:53:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program identity_helper.exe verze 95.0.1020.53 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2b08
Čas spuštění: 01d7de5091da1e70
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files (x86)\Microsoft\Edge\Application\95.0.1020.53\identity_helper.exe
ID hlášení: b8fec34a-ba5a-43fb-991f-807c47ca8d2c
Úplný název balíčku s chybou: Microsoft.MicrosoftEdge.Stable_95.0.1020.40_neutral__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
System errors:
=============
Error: (11/29/2021 06:59:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/29/2021 06:52:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba amdacpksd neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (11/29/2021 06:52:44 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: amdacpksd.sys
Error: (11/29/2021 06:45:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/29/2021 06:45:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 3krát.
Error: (11/29/2021 06:45:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Elan Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/29/2021 06:45:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Conexant Audio Message Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/29/2021 06:45:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CCSDK byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
================
Date: 2021-11-29 19:06:01
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/InstallCore
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0051333768.exe; file:_C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0367846329.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel:
Název procesu: C:\Users\Robino\Downloads\FRST64.exe
Verze bezpečnostních informací: AV: 1.353.1793.0, AS: 1.353.1793.0, NIS: 1.353.1793.0
Verze modulu: AM: 1.1.18700.4, NIS: 1.1.18700.4
Date: 2021-11-29 16:44:43
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/InstallCore
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0051333768.exe; file:_C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0367846329.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-6J44J8G2\RRRR
Název procesu: C:\Users\Robino\Downloads\FRST64.exe
Verze bezpečnostních informací: AV: 1.353.1788.0, AS: 1.353.1788.0, NIS: 1.353.1788.0
Verze modulu: AM: 1.1.18700.4, NIS: 1.1.18700.4
Date: 2021-11-29 16:44:42
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/InstallCore
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0051333768.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-6J44J8G2\RRRR
Název procesu: C:\Users\Robino\Downloads\FRST64.exe
Verze bezpečnostních informací: AV: 1.353.1788.0, AS: 1.353.1788.0, NIS: 1.353.1788.0
Verze modulu: AM: 1.1.18700.4, NIS: 1.1.18700.4
Date: 2021-11-26 18:15:14
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C2E587F9-CBAF-4DFA-845B-8D1CC35560D9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-11-26 11:52:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {240D249A-9BCD-44BE-A302-D3DF3AEEB871}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2021-11-23 20:57:33
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Monitorování chování
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
Date: 2021-11-23 20:57:32
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Monitorování chování
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ochrana v reálném čase přestala z neznámého důvodu fungovat. Proveďte obnovení restartováním služby.
Date: 2021-11-03 17:08:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.352.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2021-11-03 17:08:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.352.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2021-11-03 17:08:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.352.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
CodeIntegrity:
===============
Date: 2021-11-29 16:17:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\53.0.8.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO A4CN40WW (V 2.09) 08/24/2015
Motherboard: LENOVO Lancer 5B3
Processor: AMD A10-7300 Radeon R6, 10 Compute Cores 4C+6G
Percentage of memory in use: 45%
Total physical RAM: 7098.61 MB
Available physical RAM: 3835.79 MB
Total Virtual: 8250.61 MB
Available Virtual: 4764.85 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:884.41 GB) (Free:796.21 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.1 GB) NTFS
\\?\Volume{7b01902e-e834-462b-b2b7-1037ab002e96}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.44 GB) NTFS
\\?\Volume{b94b2dc1-bc35-4354-9e99-ecd030380b69}\ (LENOVO_PART) (Fixed) (Total:19.88 GB) (Free:6.36 GB) NTFS
\\?\Volume{eed40dc9-d59b-4c96-9434-a81f19e03012}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 18D3077E)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2021
Ran by RRRR (administrator) on LAPTOP-6J44J8G2 (LENOVO 80EC) (29-11-2021 18:59:32)
Running from C:\Users\Robino\Downloads
Loaded Profiles: RRRR & Robino
Platform: Microsoft Windows 10 Home Version 20H2 19042.1348 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> ) C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\53.0.8.0\crashpad_handler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5052120 2015-06-01] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3763424 2017-05-24] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49952424 2021-10-19] (Google LLC -> )
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\...\RunOnce: [Uninstall 21.073.0411.0002\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\RRRR\AppData\Local\Microsoft\OneDrive\21.073.0411.0002\amd64"
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\...\RunOnce: [Uninstall 21.073.0411.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\RRRR\AppData\Local\Microsoft\OneDrive\21.073.0411.0002"
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\Run: [MicrosoftEdgeAutoLaunch_D60995922ABFFEDCBCCB01BB089B525C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\MountPoints2: {cc9f2aaa-c663-11ea-9c27-507b9dae8096} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\sxj2mPC: C:\Windows\System32\spool\prtprocs\x64\sxj2mpc.dll [43520 2018-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\sxj2m Langmon: C:\WINDOWS\system32\sxj2mlm.dll [34304 2018-04-16] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2017-06-01] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-20] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09F39ED6-5114-4BAB-BEB8-F30E9AA749E3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {0E2D5FE4-22D0-4E61-A5E2-CCB0933976FD} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {0E5FBA19-ECEE-4271-BD0E-2390394BC377} - System32\Tasks\CCleanerSkipUAC - RRRR => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {24861D57-37B1-4836-8A5F-7DE40E63A641} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62440 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {32EC9B91-5223-438E-98E4-2CED1245E6CA} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [552912 2015-02-09] (LENOVO -> Lenovo)
Task: {39D51B7A-2B19-4B02-8257-D295C0A1095E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2e7962e3-a2e7-4744-8d6c-005a221b51c5 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {3E999430-45C6-4E86-9197-AC8D861DF37D} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {452DD928-EC7B-45CC-9BCE-B6D48274716A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {48FFE3C6-75CC-4C9D-BD7E-3949D6768914} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [552912 2015-02-09] (LENOVO -> Lenovo)
Task: {4ECB56BD-3A6D-4435-97D2-78621EE354A6} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {50A619CF-C37F-46E7-84AE-F797197FAF02} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {524014C0-F919-4B1D-AF83-2D54F218A2A5} - System32\Tasks\{1C65C841-1D11-4B66-B3BF-8C1AD7110425} => "c:\windows\system32\launchwinapp.exe" https://ui.skype.com/ui/0/7.36.0.101/cs ... =tsInstall hxxps://ui.skype.com/ui/0/7.36.0.101/cs/abandoninstall?source=lightinstaller&page=tsInstall (No File)
Task: {5DB2D08F-C398-446C-8FD2-17F539ECEE0B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {63509858-04D7-42DD-8991-D9277E571108} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {6476055A-4CE3-42C4-B123-2C2195C26E97} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-07] (LENOVO -> Lenovo)
Task: {6EF3B982-9E19-4DBB-9553-10F2ED561917} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8063d572-a8b8-4d74-bed4-77d64746b58f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {7c57c818-a893-4ccd-8981-cb26aea274b2} - no filepath
Task: {81543C86-6D0B-4F21-B964-FA2AEB6F7826} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {8171E981-0FE3-4344-B9BE-BA9989CD50E3} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {848F0E9E-8EE2-4F70-825F-D829E3F2727F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ce9b0739-c48d-4d1b-bcc7-2dd310428f91 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {8908A56E-897A-4EA4-A1C4-03BFF5E98F3A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {8E059204-25BA-49DC-94A9-11B3914B3418} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-05-28] (CyberLink Corp. -> CyberLink Corp.)
Task: {91797B9E-D1E0-42FB-8B95-ECA621B88C5C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4a5f9b3f-6a6b-4a36-a76c-e7e4b9238d04 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {96E8E5F3-0408-43F0-A7CB-DB5A6E0DACF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1067295-2C29-42F7-82BC-3961BEC02CD2} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144456 2021-05-19] (Lenovo -> Lenovo Group Ltd.)
Task: {A5811D39-09BD-4D13-B075-1EAEC4D51FE4} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [829384 2015-09-25] (LENOVO -> )
Task: {A6B62ADB-113F-4C26-AA55-A964A62531AB} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {A6B62ADB-113F-4C26-AA55-A964A62531AB} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {A8A50204-65B3-4803-9901-62517C336EF1} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [808392 2015-09-25] (LENOVO -> )
Task: {ABF7563C-22FD-4BB0-9AB7-5D11BBCC3E5A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B9BB355E-D855-460C-8FB3-9429A142C00E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7ca7053d-a87f-4c13-9fcb-a265e0f1b7ce => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {D1752078-2A34-4769-B75E-E954C3E0A84E} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [287688 2017-05-24] (LENOVO -> Lenovo)
Task: {F2851DE0-EA90-402C-A2E6-4D01968E9C93} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{76a53f23-4c4a-4dee-b10e-7d8f439cbf67}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{80f1a2f3-92c5-46df-837f-4d5c84245999}: [DhcpNameServer] 192.168.0.1
Edge:
=======
DownloadDir: C:\Users\RRRR\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> hxxp://www.seznam.cz/
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\RRRR\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-29]
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxps://seznam.cz/"
FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default [2021-11-29]
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Extension: (Prezentace) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-29]
CHR Extension: (Dokumenty) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-29]
CHR Extension: (Disk Google) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-05]
CHR Extension: (YouTube) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-01]
CHR Extension: (Adobe Acrobat) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-28]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-11-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-28]
CHR Extension: (uBlock Plus Adblocker) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\oofnbdifeelbaidfgpikinijekkjcicg [2017-11-29]
CHR Extension: (Gmail) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-05]
CHR HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-09-16] (Advanced Micro Devices, Inc. -> )
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-08-07] (Advanced Micro Devices) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8615864 2020-05-20] (BattlEye Innovations e.K. -> )
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (LENOVO -> Lenovo)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2019-12-14] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe [31248 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [307936 2015-08-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [3038568 2020-06-17] (BattlEye Innovations e.K. -> )
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-09-09] (Google LLC -> Google, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-11-29 18:42 - 2021-11-29 18:42 - 008540344 _____ (Malwarebytes) C:\Users\Robino\Downloads\AdwCleaner.exe
2021-11-29 18:33 - 2021-11-29 18:45 - 000000000 ____D C:\AdwCleaner
2021-11-29 18:32 - 2021-11-29 18:32 - 008540344 _____ (Malwarebytes) C:\Users\Robino\Downloads\adwcleaner_8.3.1.exe
2021-11-29 16:57 - 2021-11-29 16:57 - 013311448 _____ (ESET) C:\Users\Robino\Downloads\esetonlinescanner.exe
2021-11-29 16:57 - 2021-11-29 16:57 - 000001579 _____ C:\Users\RRRR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-11-29 16:57 - 2021-11-29 16:57 - 000001451 _____ C:\Users\RRRR\Desktop\ESET Online Scanner.lnk
2021-11-29 16:57 - 2021-11-29 16:57 - 000001390 _____ C:\Users\Robino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-11-29 16:57 - 2021-11-29 16:57 - 000000000 ____D C:\Users\RRRR\AppData\Local\ESET
2021-11-29 16:57 - 2021-11-29 16:57 - 000000000 ____D C:\Users\Robino\AppData\Local\ESET
2021-11-29 16:44 - 2021-11-29 16:47 - 000048328 _____ C:\Users\Robino\Downloads\Addition.txt
2021-11-29 16:40 - 2021-11-29 19:02 - 000023640 _____ C:\Users\Robino\Downloads\FRST.txt
2021-11-29 16:36 - 2021-11-29 19:01 - 000000000 ____D C:\FRST
2021-11-29 16:35 - 2021-11-29 16:35 - 002311680 _____ (Farbar) C:\Users\Robino\Downloads\FRST64.exe
2021-11-29 16:14 - 2021-11-29 16:14 - 000168876 _____ C:\Users\RRRR\Documents\cc_20211129_161421.reg
2021-11-29 16:09 - 2021-11-29 18:58 - 000000000 ____D C:\Program Files\CCleaner
2021-11-29 16:09 - 2021-11-29 16:09 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-11-29 16:09 - 2021-11-29 16:09 - 000002900 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - RRRR
2021-11-29 16:09 - 2021-11-29 16:09 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-11-29 16:09 - 2021-11-29 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-11-29 16:08 - 2021-11-29 16:08 - 036493848 _____ (Piriform Software Ltd) C:\Users\Robino\Downloads\ccsetup587 (1).exe
2021-11-29 15:52 - 2021-11-29 15:53 - 036501456 _____ (Piriform Software Ltd) C:\Users\Robino\Downloads\ccsetup587.exe
2021-11-28 09:35 - 2021-11-28 09:36 - 000000000 ____D C:\Users\RRRR\Desktop\Fotky
2021-11-26 14:23 - 2021-11-26 14:23 - 002569972 _____ C:\Users\Robino\Desktop\Musil_str.60-70.pdf
2021-11-26 13:52 - 2021-11-26 13:52 - 000868075 _____ C:\Users\Robino\Desktop\janebova_-_teorie_a_metody_socialni_prace.pdf
2021-11-23 23:01 - 2021-11-23 23:01 - 000008464 _____ C:\Users\Robino\Documents\Diskuze.odt
2021-11-23 22:47 - 2021-11-23 22:47 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-23 22:46 - 2021-11-23 22:46 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-23 22:45 - 2021-11-23 22:45 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-23 22:43 - 2021-11-23 22:43 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-23 20:52 - 2021-11-23 20:52 - 000000000 ___HD C:\$WinREAgent
2021-11-20 20:54 - 2021-11-20 20:54 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-20 20:53 - 2021-11-20 20:54 - 000000000 ____D C:\Program Files\PCHealthCheck
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-11-29 18:58 - 2017-05-25 12:59 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-29 18:56 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-29 18:52 - 2021-04-29 21:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-29 18:52 - 2021-04-29 21:02 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-29 18:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-29 18:51 - 2019-12-07 10:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2021-11-29 18:51 - 2017-11-11 16:20 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-11-29 18:22 - 2021-04-29 21:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-29 18:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-29 17:16 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-29 16:47 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-29 16:30 - 2021-04-30 05:56 - 000717850 _____ C:\WINDOWS\system32\perfh005.dat
2021-11-29 16:30 - 2021-04-30 05:56 - 000144992 _____ C:\WINDOWS\system32\perfc005.dat
2021-11-29 16:30 - 2021-04-29 21:29 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-29 16:12 - 2021-10-19 08:01 - 000000000 ____D C:\WINDOWS\Minidump
2021-11-29 16:12 - 2021-04-16 14:19 - 000000000 ___DC C:\WINDOWS\Panther
2021-11-29 16:02 - 2020-10-15 08:17 - 000000000 ____D C:\Users\Robino\AppData\Local\D3DSCache
2021-11-29 15:59 - 2019-12-14 11:33 - 000000000 ____D C:\Program Files\Epic Games
2021-11-28 10:04 - 2021-04-29 21:14 - 000000000 ____D C:\Users\RRRR
2021-11-28 10:00 - 2017-05-24 21:04 - 000000000 ___RD C:\Users\RRRR\OneDrive
2021-11-28 09:58 - 2019-01-07 17:31 - 000000000 ___RD C:\Users\RRRR\Disk Google
2021-11-28 09:52 - 2018-08-26 15:45 - 000000000 ____D C:\Users\RRRR\AppData\Local\PlaceholderTileLogoFolder
2021-11-28 09:52 - 2018-01-28 10:46 - 000000000 ____D C:\Users\RRRR\AppData\Local\Packages
2021-11-28 09:31 - 2017-07-16 11:00 - 000000000 ____D C:\Users\RRRR\Desktop\hudba
2021-11-28 09:30 - 2018-01-25 17:33 - 000000000 ____D C:\Users\RRRR\Desktop\Faktury Fotbal
2021-11-28 09:29 - 2021-04-29 21:51 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3651737185-2585790523-2809411377-1002
2021-11-28 09:29 - 2021-04-29 21:14 - 000002369 _____ C:\Users\RRRR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-28 09:25 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-28 09:24 - 2017-05-24 21:00 - 000000000 ____D C:\Users\RRRR\AppData\Local\Lenovo
2021-11-28 09:14 - 2017-07-30 09:57 - 000000000 ____D C:\ProgramData\tmp
2021-11-27 13:06 - 2020-10-13 14:57 - 000000000 ____D C:\Users\Robino\AppData\Local\Packages
2021-11-26 07:51 - 2020-06-07 21:09 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-26 07:51 - 2020-06-07 21:09 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-11-25 00:25 - 2021-04-29 21:02 - 000351504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-25 00:20 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-24 22:44 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-23 23:03 - 2021-04-29 21:14 - 000000000 ____D C:\Users\Robino
2021-11-23 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-11-23 14:45 - 2017-06-03 15:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-23 14:32 - 2017-06-03 15:44 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-20 21:59 - 2017-06-01 08:14 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-20 21:59 - 2017-06-01 08:14 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-11-20 21:05 - 2020-12-07 08:02 - 000000000 ____D C:\Users\Robino\AppData\Roaming\.tlauncher
2021-11-20 21:04 - 2021-07-07 09:14 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d73d35dcae289e
2021-11-20 21:04 - 2021-04-29 21:51 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-20 21:02 - 2021-04-07 07:08 - 000000000 ____D C:\Users\Robino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-11-20 21:01 - 2021-10-07 16:05 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-11-20 21:01 - 2021-10-07 16:05 - 000001906 _____ C:\Users\Default\Desktop\Google Slides.lnk
2021-11-20 21:01 - 2021-10-07 16:05 - 000001906 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2021-11-20 21:01 - 2021-10-07 16:05 - 000001894 _____ C:\Users\Default\Desktop\Google Docs.lnk
2021-11-20 20:57 - 2021-04-29 21:51 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3651737185-2585790523-2809411377-1004
2021-11-20 20:57 - 2021-04-29 21:14 - 000002391 _____ C:\Users\Robino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-05 19:42 - 2020-12-07 08:02 - 000000000 ____D C:\Users\Robino\AppData\Roaming\.minecraft
2021-11-03 17:05 - 2018-02-15 17:42 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2021
Ran by RRRR (29-11-2021 19:06:20)
Running from C:\Users\Robino\Downloads
Microsoft Windows 10 Home Version 20H2 19042.1348 (X64) (2021-04-29 20:52:59)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3651737185-2585790523-2809411377-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3651737185-2585790523-2809411377-503 - Limited - Disabled)
Guest (S-1-5-21-3651737185-2585790523-2809411377-501 - Limited - Disabled)
Robino (S-1-5-21-3651737185-2585790523-2809411377-1004 - Limited - Enabled) => C:\Users\Robino
RRRR (S-1-5-21-3651737185-2585790523-2809411377-1002 - Administrator - Enabled) => C:\Users\RRRR
WDAGUtilityAccount (S-1-5-21-3651737185-2585790523-2809411377-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACP Application (HKLM\...\{5ECC60F4-1AFE-98F5-9F72-EDEA9C4291AE}) (Version: 2.15.30.0019 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{60AA5051-1690-890B-954C-7E18398FCF32}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.)
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.20.1 - Ashampoo GmbH & Co. KG)
Backup and Sync from Google (HKLM\...\{685BAD50-A3AA-4B91-A15B-77F9DC7346D4}) (Version: 3.57.4043.4118 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.87 - Piriform)
Common Desktop Agent (HKLM\...\{A38002C3-BA08-466A-A813-7F9D578B13A1}) (Version: 1.62.0 - OEM) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
CREY (HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\CREY) (Version: - Bitglobe ApS)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
dm CEWE fotosvet (HKLM-x32\...\dm CEWE fotosvet) (Version: 7.0.2 - CEWE Stiftung u Co. KGaA)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epson Event Manager (HKLM-x32\...\{4B22C430-7EA8-4534-8358-376FD900B953}) (Version: 3.10.0042 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
FormApps Signing Extension (HKLM-x32\...\{2246B06F-AED2-42BA-A6D7-B72F591C1116}) (Version: 2.19.1.39 - Software602 a.s.)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 53.0.8.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.5.5720.01 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.65.2 - ELAN Microelectronic Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.9.23.0 - Lenovo Group Ltd.)
LibreOffice 5.3.2.2 (HKLM\...\{682C33C0-5D61-48F0-B0A2-1A504F4C5905}) (Version: 5.3.2.2 - The Document Foundation)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.34 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.1 - Qualcomm Atheros)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.3 - Lenovo, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Roblox Player for Robino (HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\roblox-player) (Version: - Roblox Corporation)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.1 - Lenovo)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Xerox Easy Printer Manager (HKLM-x32\...\Xerox Easy Printer Manager) (Version: 1.03.97.00(21.04.2014) - Xerox Corporation.)
Xerox Easy Wireless Setup (HKLM-x32\...\Xerox Easy Wireless Setup) (Version: 3.70.18.0 - Xerox Corporation)
Xerox Phaser 3020 (HKLM-x32\...\Xerox Phaser 3020) (Version: V1.05 (18.08.2019) - Xerox Corporation)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-28] (Microsoft Corporation)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2021-11-03] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2110.17.0_x64__k1h2ywk1493x8 [2021-11-28] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2021-11-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-11-28] (Microsoft Studios) [MS Ad]
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.478.28896.0_x86__55nm5eh3cm0pr [2021-05-16] (ROBLOX Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-23] (Twitter Inc.)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-06-01] (LENOVO INCORPORATED.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-10-19] (Google LLC -> Google)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-10-19] (Google LLC -> Google)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-09-25] (LENOVO -> Lenovo)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-10-19] (Google LLC -> Google)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-09-25] (LENOVO -> Lenovo)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-09-16] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\53.0.8.0\drivefsext.dll [2021-11-19] (Google LLC -> Google, Inc.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\RRRR\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2016-09-13 02:01 - 2016-09-13 02:01 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-12-21 07:48 - 2020-05-30 14:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2020-05-30 15:04 - 2020-05-30 15:04 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\Vantage\Addins\GenericTelemetryAddin\1.0.0.34\x64\SQLite.Interop.dll
2005-01-13 10:47 - 2005-01-13 10:47 - 000049152 _____ (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ESPSUTL.dll
2013-08-01 16:05 - 2013-08-01 16:05 - 000112128 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll
2021-06-30 11:17 - 2020-11-03 04:08 - 000954864 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-13 02:00 - 2016-09-13 02:00 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-13 02:01 - 2016-09-13 02:01 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [460]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> DefaultScope {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> DefaultScope {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> DefaultScope {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL =
SearchScopes: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-05-11] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-05-11] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 12:04 - 2015-07-10 12:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2020-11-23 11:14 - 2021-05-05 16:32 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "LenovoUtility"
HKLM\...\StartupApproved\Run: => "CDAServer"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "RtsFT"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\StartupApproved\Run: => "GoogleDriveFS"
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_D60995922ABFFEDCBCCB01BB089B525C"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{588D83AE-0CB6-4F81-96EC-1FE709C2CDDA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{22DE5D69-747B-4E82-8BF1-1CAA9B944F98}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F96FF0A4-53C7-4C27-8D5F-AFD7E7A90AF8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2C87D6D1-41B8-4D1B-9B15-9753EF0ABCEE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DA66A341-6C51-4074-80B8-40E6BF9A1EA7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2A2D8A19-E879-4BA4-AEDE-3BE7CA2CBBBE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{754C8271-FB30-4923-9842-EA4CAAB88BA1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E75E6B04-34D5-46C6-90BA-612DB90F9BB8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.153.608.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{042D855A-9BAB-428A-9E5E-F2924C654B85}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{DE45FB42-7C4D-4438-A638-496A35093C0C}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{99CDFF7E-B993-4D8F-93C6-F00774157A34}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{079BE610-BA46-47D4-A5C0-D0B7214E86AC}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{90F92422-B1E7-426B-B649-BFF88820FA36}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{DE7B9A1B-F327-40C2-981E-1724D160467E}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{7F0013A9-42F0-47E6-AB4A-4AB1145213DA}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{91547FCF-8CC9-4301-ADD7-48322CEB3D2C}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{FCF222C3-6EC9-4064-BD38-FE7A193E33C6}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{679B4485-27B9-469A-8BF8-6EA3F363971E}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{02E4826F-C77B-4F82-89B3-6E4B1490F925}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{F9A8DDEB-D74F-45B6-B0A5-4D18AC30796A}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{539AB358-B78D-4A01-8F71-8590AD5CC87E}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{2B505090-758A-407F-8794-0DC5B2ED046D}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [UDP Query User{19D7E575-E9F4-464F-9D80-73332C688E97}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe
FirewallRules: [TCP Query User{780A6BBE-1373-4E85-AF83-6EFE42B5C680}C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\bin\javaw.exe
FirewallRules: [{2299DFF9-203C-421F-8AC1-9362B25B6EE2}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{CA660CB5-D26B-4B70-982F-759ECA9FA225}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{35D0CF9E-B0B3-46CE-917F-9FC901812BB7}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{1E72FBC3-A669-4D6C-9D37-FAA949F7908F}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [TCP Query User{A602B264-DED4-4BBD-8EE3-787F4313FFA4}C:\users\robino\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Block) C:\users\robino\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{FF35A57F-C29D-46C0-892C-CEDB54985604}C:\users\robino\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Block) C:\users\robino\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{046231BB-FB32-4838-ABB2-2EBF2854F9A0}C:\users\robino\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\robino\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{AFE9D286-2173-4C3C-AD64-E9E92B6E80BB}C:\users\robino\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\robino\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [{ABC21CFE-CAAB-4675-A104-1F0BB7C97577}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2E6A43D3-03E0-4238-82DC-C54C712C35E8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{78AF9F7D-3D2E-4CFC-AE19-E48737D20773}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6DE9D95A-6EE9-499F-9078-3E15BA31B9B9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B5FE3484-EEA2-4777-A952-D3887576A2D3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4E1D4466-6447-4FD5-9334-E93D08286223}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A61A601C-27BC-4D76-BE87-8894FA09469B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8511989D-62E7-41D4-89DF-0D0D500BBBAC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{91F5458A-B75F-4EE3-9096-C87B7DE9F730}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
23-11-2021 20:22:52 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/29/2021 06:57:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.19041.1348 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 958
Čas spuštění: 01d7e54a4a3b2a7a
Čas ukončení: 0
Cesta k aplikaci: C:\Windows\explorer.exe
ID hlášení: e49c5789-4c05-442b-9359-2313a353fe08
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
Error: (11/29/2021 03:48:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.19041.546, časové razítko: 0x1d3a15e7
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1348, časové razítko: 0x76fcd692
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b302
ID chybujícího procesu: 0x2080
Čas spuštění chybující aplikace: 0x01d7e5302c6be292
Cesta k chybující aplikaci: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: f01aeb24-7e10-46db-b8cf-0f5aa5dbb9e2
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.2.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: ShellFeedsUI
Error: (11/28/2021 09:54:59 AM) (Source: MsiInstaller) (EventID: 10005) (User: LAPTOP-6J44J8G2)
Description: Product: Epic Games Launcher -- Epic Games Launcher is currently running and the Setup Wizard can not continue. Please close the Epic Games Launcher and run the Setup Wizard again.
Error: (11/24/2021 10:19:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program msedge.exe verze 95.0.1020.53 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1658
Čas spuštění: 01d7e177fb0b2a7d
Čas ukončení: 56
Cesta k aplikaci: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
ID hlášení: ef65f64a-d63e-4a12-8be2-bf00a67849a1
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Unknown
Error: (11/23/2021 09:34:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program HxOutlook.exe verze 16.0.14326.20544 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 144c
Čas spuštění: 01d7e0a94051cf13
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
ID hlášení: 3bd1885d-a9e8-4759-8142-f04a830e4821
Úplný název balíčku s chybou: microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: microsoft.windowslive.mail
Typ zablokování: Cross-thread
Error: (11/23/2021 08:46:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: soffice.bin, verze: 5.3.2.2, časové razítko: 0x58ddff87
Název chybujícího modulu: MSVCR120.dll, verze: 12.0.21005.1, časové razítko: 0x524f83ff
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000074a30
ID chybujícího procesu: 0x28d4
Čas spuštění chybující aplikace: 0x01d7e0a2aff2af74
Cesta k chybující aplikaci: C:\Program Files\LibreOffice 5\program\soffice.bin
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\MSVCR120.dll
ID zprávy: a746b083-144f-4181-8d4d-825c0a1ac942
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/23/2021 02:27:58 PM) (Source: Adaptive Sleep Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (11/20/2021 09:53:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program identity_helper.exe verze 95.0.1020.53 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2b08
Čas spuštění: 01d7de5091da1e70
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files (x86)\Microsoft\Edge\Application\95.0.1020.53\identity_helper.exe
ID hlášení: b8fec34a-ba5a-43fb-991f-807c47ca8d2c
Úplný název balíčku s chybou: Microsoft.MicrosoftEdge.Stable_95.0.1020.40_neutral__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
System errors:
=============
Error: (11/29/2021 06:59:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/29/2021 06:52:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba amdacpksd neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (11/29/2021 06:52:44 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: amdacpksd.sys
Error: (11/29/2021 06:45:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/29/2021 06:45:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 3krát.
Error: (11/29/2021 06:45:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Elan Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/29/2021 06:45:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Conexant Audio Message Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/29/2021 06:45:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CCSDK byla neočekávaně ukončena. Tento stav nastal již 1krát.
Windows Defender:
================
Date: 2021-11-29 19:06:01
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/InstallCore
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0051333768.exe; file:_C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0367846329.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel:
Název procesu: C:\Users\Robino\Downloads\FRST64.exe
Verze bezpečnostních informací: AV: 1.353.1793.0, AS: 1.353.1793.0, NIS: 1.353.1793.0
Verze modulu: AM: 1.1.18700.4, NIS: 1.1.18700.4
Date: 2021-11-29 16:44:43
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/InstallCore
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0051333768.exe; file:_C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0367846329.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-6J44J8G2\RRRR
Název procesu: C:\Users\Robino\Downloads\FRST64.exe
Verze bezpečnostních informací: AV: 1.353.1788.0, AS: 1.353.1788.0, NIS: 1.353.1788.0
Verze modulu: AM: 1.1.18700.4, NIS: 1.1.18700.4
Date: 2021-11-29 16:44:42
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUADlManager:Win32/InstallCore
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0051333768.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: LAPTOP-6J44J8G2\RRRR
Název procesu: C:\Users\Robino\Downloads\FRST64.exe
Verze bezpečnostních informací: AV: 1.353.1788.0, AS: 1.353.1788.0, NIS: 1.353.1788.0
Verze modulu: AM: 1.1.18700.4, NIS: 1.1.18700.4
Date: 2021-11-26 18:15:14
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C2E587F9-CBAF-4DFA-845B-8D1CC35560D9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2021-11-26 11:52:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {240D249A-9BCD-44BE-A302-D3DF3AEEB871}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2021-11-23 20:57:33
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Monitorování chování
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
Date: 2021-11-23 20:57:32
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Monitorování chování
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: Ochrana v reálném čase přestala z neznámého důvodu fungovat. Proveďte obnovení restartováním služby.
Date: 2021-11-03 17:08:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.352.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2021-11-03 17:08:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.352.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
Date: 2021-11-03 17:08:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.352.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře.
CodeIntegrity:
===============
Date: 2021-11-29 16:17:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\53.0.8.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO A4CN40WW (V 2.09) 08/24/2015
Motherboard: LENOVO Lancer 5B3
Processor: AMD A10-7300 Radeon R6, 10 Compute Cores 4C+6G
Percentage of memory in use: 45%
Total physical RAM: 7098.61 MB
Available physical RAM: 3835.79 MB
Total Virtual: 8250.61 MB
Available Virtual: 4764.85 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:884.41 GB) (Free:796.21 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.1 GB) NTFS
\\?\Volume{7b01902e-e834-462b-b2b7-1037ab002e96}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.44 GB) NTFS
\\?\Volume{b94b2dc1-bc35-4354-9e99-ecd030380b69}\ (LENOVO_PART) (Fixed) (Total:19.88 GB) (Free:6.36 GB) NTFS
\\?\Volume{eed40dc9-d59b-4c96-9434-a81f19e03012}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 18D3077E)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2021
Ran by RRRR (administrator) on LAPTOP-6J44J8G2 (LENOVO 80EC) (29-11-2021 18:59:32)
Running from C:\Users\Robino\Downloads
Loaded Profiles: RRRR & Robino
Platform: Microsoft Windows 10 Home Version 20H2 19042.1348 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> ) C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\53.0.8.0\crashpad_handler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\Lenovo.Vantage.AddinHost.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5052120 2015-06-01] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-09-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3763424 2017-05-24] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49952424 2021-10-19] (Google LLC -> )
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\...\RunOnce: [Uninstall 21.073.0411.0002\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\RRRR\AppData\Local\Microsoft\OneDrive\21.073.0411.0002\amd64"
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\...\RunOnce: [Uninstall 21.073.0411.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\RRRR\AppData\Local\Microsoft\OneDrive\21.073.0411.0002"
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\Run: [MicrosoftEdgeAutoLaunch_D60995922ABFFEDCBCCB01BB089B525C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\MountPoints2: {cc9f2aaa-c663-11ea-9c27-507b9dae8096} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\53.0.8.0\GoogleDriveFS.exe [54402392 2021-11-19] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\sxj2mPC: C:\Windows\System32\spool\prtprocs\x64\sxj2mpc.dll [43520 2018-04-16] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\sxj2m Langmon: C:\WINDOWS\system32\sxj2mlm.dll [34304 2018-04-16] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2017-06-01] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-20] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09F39ED6-5114-4BAB-BEB8-F30E9AA749E3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {0E2D5FE4-22D0-4E61-A5E2-CCB0933976FD} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {0E5FBA19-ECEE-4271-BD0E-2390394BC377} - System32\Tasks\CCleanerSkipUAC - RRRR => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {24861D57-37B1-4836-8A5F-7DE40E63A641} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62440 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {32EC9B91-5223-438E-98E4-2CED1245E6CA} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [552912 2015-02-09] (LENOVO -> Lenovo)
Task: {39D51B7A-2B19-4B02-8257-D295C0A1095E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2e7962e3-a2e7-4744-8d6c-005a221b51c5 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {3E999430-45C6-4E86-9197-AC8D861DF37D} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {452DD928-EC7B-45CC-9BCE-B6D48274716A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {48FFE3C6-75CC-4C9D-BD7E-3949D6768914} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [552912 2015-02-09] (LENOVO -> Lenovo)
Task: {4ECB56BD-3A6D-4435-97D2-78621EE354A6} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {50A619CF-C37F-46E7-84AE-F797197FAF02} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {524014C0-F919-4B1D-AF83-2D54F218A2A5} - System32\Tasks\{1C65C841-1D11-4B66-B3BF-8C1AD7110425} => "c:\windows\system32\launchwinapp.exe" https://ui.skype.com/ui/0/7.36.0.101/cs ... =tsInstall hxxps://ui.skype.com/ui/0/7.36.0.101/cs/abandoninstall?source=lightinstaller&page=tsInstall (No File)
Task: {5DB2D08F-C398-446C-8FD2-17F539ECEE0B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {63509858-04D7-42DD-8991-D9277E571108} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {6476055A-4CE3-42C4-B123-2C2195C26E97} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-07] (LENOVO -> Lenovo)
Task: {6EF3B982-9E19-4DBB-9553-10F2ED561917} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8063d572-a8b8-4d74-bed4-77d64746b58f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {7c57c818-a893-4ccd-8981-cb26aea274b2} - no filepath
Task: {81543C86-6D0B-4F21-B964-FA2AEB6F7826} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {8171E981-0FE3-4344-B9BE-BA9989CD50E3} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {848F0E9E-8EE2-4F70-825F-D829E3F2727F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ce9b0739-c48d-4d1b-bcc7-2dd310428f91 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {8908A56E-897A-4EA4-A1C4-03BFF5E98F3A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {8E059204-25BA-49DC-94A9-11B3914B3418} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-05-28] (CyberLink Corp. -> CyberLink Corp.)
Task: {91797B9E-D1E0-42FB-8B95-ECA621B88C5C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4a5f9b3f-6a6b-4a36-a76c-e7e4b9238d04 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {96E8E5F3-0408-43F0-A7CB-DB5A6E0DACF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1067295-2C29-42F7-82BC-3961BEC02CD2} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144456 2021-05-19] (Lenovo -> Lenovo Group Ltd.)
Task: {A5811D39-09BD-4D13-B075-1EAEC4D51FE4} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [829384 2015-09-25] (LENOVO -> )
Task: {A6B62ADB-113F-4C26-AA55-A964A62531AB} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {A6B62ADB-113F-4C26-AA55-A964A62531AB} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\ScheduleEventAction.exe [26656 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
Task: {A8A50204-65B3-4803-9901-62517C336EF1} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [808392 2015-09-25] (LENOVO -> )
Task: {ABF7563C-22FD-4BB0-9AB7-5D11BBCC3E5A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B9BB355E-D855-460C-8FB3-9429A142C00E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7ca7053d-a87f-4c13-9fcb-a265e0f1b7ce => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {D1752078-2A34-4769-B75E-E954C3E0A84E} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [287688 2017-05-24] (LENOVO -> Lenovo)
Task: {F2851DE0-EA90-402C-A2E6-4D01968E9C93} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{76a53f23-4c4a-4dee-b10e-7d8f439cbf67}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{80f1a2f3-92c5-46df-837f-4d5c84245999}: [DhcpNameServer] 192.168.0.1
Edge:
=======
DownloadDir: C:\Users\RRRR\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> hxxp://www.seznam.cz/
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\RRRR\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-29]
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxps://seznam.cz/"
FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-05-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default [2021-11-29]
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Extension: (Prezentace) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-29]
CHR Extension: (Dokumenty) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-29]
CHR Extension: (Disk Google) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-05]
CHR Extension: (YouTube) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-01]
CHR Extension: (Adobe Acrobat) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-28]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-11-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-28]
CHR Extension: (uBlock Plus Adblocker) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\oofnbdifeelbaidfgpikinijekkjcicg [2017-11-29]
CHR Extension: (Gmail) - C:\Users\RRRR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-05]
CHR HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-09-16] (Advanced Micro Devices, Inc. -> )
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2015-08-07] (Advanced Micro Devices) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8615864 2020-05-20] (BattlEye Innovations e.K. -> )
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (LENOVO -> Lenovo)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2019-12-14] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.9.23.0\LenovoVantageService.exe [31248 2021-09-16] (Lenovo -> Lenovo Group Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [307936 2015-08-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [3038568 2020-06-17] (BattlEye Innovations e.K. -> )
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-09-09] (Google LLC -> Google, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-11-29 18:42 - 2021-11-29 18:42 - 008540344 _____ (Malwarebytes) C:\Users\Robino\Downloads\AdwCleaner.exe
2021-11-29 18:33 - 2021-11-29 18:45 - 000000000 ____D C:\AdwCleaner
2021-11-29 18:32 - 2021-11-29 18:32 - 008540344 _____ (Malwarebytes) C:\Users\Robino\Downloads\adwcleaner_8.3.1.exe
2021-11-29 16:57 - 2021-11-29 16:57 - 013311448 _____ (ESET) C:\Users\Robino\Downloads\esetonlinescanner.exe
2021-11-29 16:57 - 2021-11-29 16:57 - 000001579 _____ C:\Users\RRRR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-11-29 16:57 - 2021-11-29 16:57 - 000001451 _____ C:\Users\RRRR\Desktop\ESET Online Scanner.lnk
2021-11-29 16:57 - 2021-11-29 16:57 - 000001390 _____ C:\Users\Robino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-11-29 16:57 - 2021-11-29 16:57 - 000000000 ____D C:\Users\RRRR\AppData\Local\ESET
2021-11-29 16:57 - 2021-11-29 16:57 - 000000000 ____D C:\Users\Robino\AppData\Local\ESET
2021-11-29 16:44 - 2021-11-29 16:47 - 000048328 _____ C:\Users\Robino\Downloads\Addition.txt
2021-11-29 16:40 - 2021-11-29 19:02 - 000023640 _____ C:\Users\Robino\Downloads\FRST.txt
2021-11-29 16:36 - 2021-11-29 19:01 - 000000000 ____D C:\FRST
2021-11-29 16:35 - 2021-11-29 16:35 - 002311680 _____ (Farbar) C:\Users\Robino\Downloads\FRST64.exe
2021-11-29 16:14 - 2021-11-29 16:14 - 000168876 _____ C:\Users\RRRR\Documents\cc_20211129_161421.reg
2021-11-29 16:09 - 2021-11-29 18:58 - 000000000 ____D C:\Program Files\CCleaner
2021-11-29 16:09 - 2021-11-29 16:09 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-11-29 16:09 - 2021-11-29 16:09 - 000002900 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - RRRR
2021-11-29 16:09 - 2021-11-29 16:09 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-11-29 16:09 - 2021-11-29 16:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-11-29 16:08 - 2021-11-29 16:08 - 036493848 _____ (Piriform Software Ltd) C:\Users\Robino\Downloads\ccsetup587 (1).exe
2021-11-29 15:52 - 2021-11-29 15:53 - 036501456 _____ (Piriform Software Ltd) C:\Users\Robino\Downloads\ccsetup587.exe
2021-11-28 09:35 - 2021-11-28 09:36 - 000000000 ____D C:\Users\RRRR\Desktop\Fotky
2021-11-26 14:23 - 2021-11-26 14:23 - 002569972 _____ C:\Users\Robino\Desktop\Musil_str.60-70.pdf
2021-11-26 13:52 - 2021-11-26 13:52 - 000868075 _____ C:\Users\Robino\Desktop\janebova_-_teorie_a_metody_socialni_prace.pdf
2021-11-23 23:01 - 2021-11-23 23:01 - 000008464 _____ C:\Users\Robino\Documents\Diskuze.odt
2021-11-23 22:47 - 2021-11-23 22:47 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-23 22:46 - 2021-11-23 22:46 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-23 22:45 - 2021-11-23 22:45 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-23 22:43 - 2021-11-23 22:43 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-23 20:52 - 2021-11-23 20:52 - 000000000 ___HD C:\$WinREAgent
2021-11-20 20:54 - 2021-11-20 20:54 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-11-20 20:53 - 2021-11-20 20:54 - 000000000 ____D C:\Program Files\PCHealthCheck
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-11-29 18:58 - 2017-05-25 12:59 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-29 18:56 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-29 18:52 - 2021-04-29 21:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-29 18:52 - 2021-04-29 21:02 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-29 18:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-29 18:51 - 2019-12-07 10:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2021-11-29 18:51 - 2017-11-11 16:20 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-11-29 18:22 - 2021-04-29 21:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-29 18:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-29 17:16 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-29 16:47 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-29 16:30 - 2021-04-30 05:56 - 000717850 _____ C:\WINDOWS\system32\perfh005.dat
2021-11-29 16:30 - 2021-04-30 05:56 - 000144992 _____ C:\WINDOWS\system32\perfc005.dat
2021-11-29 16:30 - 2021-04-29 21:29 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-29 16:12 - 2021-10-19 08:01 - 000000000 ____D C:\WINDOWS\Minidump
2021-11-29 16:12 - 2021-04-16 14:19 - 000000000 ___DC C:\WINDOWS\Panther
2021-11-29 16:02 - 2020-10-15 08:17 - 000000000 ____D C:\Users\Robino\AppData\Local\D3DSCache
2021-11-29 15:59 - 2019-12-14 11:33 - 000000000 ____D C:\Program Files\Epic Games
2021-11-28 10:04 - 2021-04-29 21:14 - 000000000 ____D C:\Users\RRRR
2021-11-28 10:00 - 2017-05-24 21:04 - 000000000 ___RD C:\Users\RRRR\OneDrive
2021-11-28 09:58 - 2019-01-07 17:31 - 000000000 ___RD C:\Users\RRRR\Disk Google
2021-11-28 09:52 - 2018-08-26 15:45 - 000000000 ____D C:\Users\RRRR\AppData\Local\PlaceholderTileLogoFolder
2021-11-28 09:52 - 2018-01-28 10:46 - 000000000 ____D C:\Users\RRRR\AppData\Local\Packages
2021-11-28 09:31 - 2017-07-16 11:00 - 000000000 ____D C:\Users\RRRR\Desktop\hudba
2021-11-28 09:30 - 2018-01-25 17:33 - 000000000 ____D C:\Users\RRRR\Desktop\Faktury Fotbal
2021-11-28 09:29 - 2021-04-29 21:51 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3651737185-2585790523-2809411377-1002
2021-11-28 09:29 - 2021-04-29 21:14 - 000002369 _____ C:\Users\RRRR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-28 09:25 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-28 09:24 - 2017-05-24 21:00 - 000000000 ____D C:\Users\RRRR\AppData\Local\Lenovo
2021-11-28 09:14 - 2017-07-30 09:57 - 000000000 ____D C:\ProgramData\tmp
2021-11-27 13:06 - 2020-10-13 14:57 - 000000000 ____D C:\Users\Robino\AppData\Local\Packages
2021-11-26 07:51 - 2020-06-07 21:09 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-26 07:51 - 2020-06-07 21:09 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-11-25 00:25 - 2021-04-29 21:02 - 000351504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-25 00:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-25 00:20 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-24 22:44 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-23 23:03 - 2021-04-29 21:14 - 000000000 ____D C:\Users\Robino
2021-11-23 23:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-11-23 14:45 - 2017-06-03 15:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-23 14:32 - 2017-06-03 15:44 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-20 21:59 - 2017-06-01 08:14 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-20 21:59 - 2017-06-01 08:14 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-11-20 21:05 - 2020-12-07 08:02 - 000000000 ____D C:\Users\Robino\AppData\Roaming\.tlauncher
2021-11-20 21:04 - 2021-07-07 09:14 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d73d35dcae289e
2021-11-20 21:04 - 2021-04-29 21:51 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-20 21:02 - 2021-04-07 07:08 - 000000000 ____D C:\Users\Robino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2021-11-20 21:01 - 2021-10-07 16:05 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-11-20 21:01 - 2021-10-07 16:05 - 000001906 _____ C:\Users\Default\Desktop\Google Slides.lnk
2021-11-20 21:01 - 2021-10-07 16:05 - 000001906 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2021-11-20 21:01 - 2021-10-07 16:05 - 000001894 _____ C:\Users\Default\Desktop\Google Docs.lnk
2021-11-20 20:57 - 2021-04-29 21:51 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3651737185-2585790523-2809411377-1004
2021-11-20 20:57 - 2021-04-29 21:14 - 000002391 _____ C:\Users\Robino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-05 19:42 - 2020-12-07 08:02 - 000000000 ____D C:\Users\Robino\AppData\Roaming\.minecraft
2021-11-03 17:05 - 2018-02-15 17:42 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Lenovo Z50 velmi dlouho startuje
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\Robino\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [460]
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> DefaultScope {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> DefaultScope {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> DefaultScope {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL =
SearchScopes: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL =
C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0051333768.exe
C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0367846329.exe
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\MountPoints2: {cc9f2aaa-c663-11ea-9c27-507b9dae8096} - "F:\HiSuiteDownLoader.exe"
Task: {09F39ED6-5114-4BAB-BEB8-F30E9AA749E3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {63509858-04D7-42DD-8991-D9277E571108} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\DumpStack.log.tmp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Kema
- Návštěvník
- Příspěvky: 152
- Registrován: 08 led 2005 18:15
- Bydliště: Bohosudov
- Kontaktovat uživatele:
Re: Lenovo Z50 velmi dlouho startuje
Po dokončení se systém restartoval.
Fixlog jsem ale našel.
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-11-2021
Ran by RRRR (29-11-2021 20:07:57) Run:1
Running from C:\Users\Robino\Downloads
Loaded Profiles: RRRR & Robino
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [460]
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> DefaultScope {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> DefaultScope {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> DefaultScope {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL =
SearchScopes: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL =
C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0051333768.exe
C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0367846329.exe
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\MountPoints2: {cc9f2aaa-c663-11ea-9c27-507b9dae8096} - "F:\HiSuiteDownLoader.exe"
Task: {09F39ED6-5114-4BAB-BEB8-F30E9AA749E3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {63509858-04D7-42DD-8991-D9277E571108} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\DumpStack.log.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CC8257AC-73D9-48A4-83A7-A9B27E5D6309} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{CC8257AC-73D9-48A4-83A7-A9B27E5D6309} => removed successfully
"HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CC8257AC-73D9-48A4-83A7-A9B27E5D6309} => removed successfully
C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0051333768.exe => moved successfully
C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0367846329.exe => moved successfully
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cc9f2aaa-c663-11ea-9c27-507b9dae8096} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{09F39ED6-5114-4BAB-BEB8-F30E9AA749E3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09F39ED6-5114-4BAB-BEB8-F30E9AA749E3}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63509858-04D7-42DD-8991-D9277E571108}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63509858-04D7-42DD-8991-D9277E571108}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2153918 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 362838 B
Edge => 37376 B
Chrome => 150528 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 14336 B
ProgramData => 14336 B
Public => 14336 B
systemprofile => 14336 B
systemprofile32 => 14336 B
LocalService => 14336 B
NetworkService => 266544456 B
RRRR => 268290746 B
Robi => 268756445 B
Robino => 928983121 B
RecycleBin => 0 B
EmptyTemp: => 1.6 GB temporary data Removed.
================================
Fixlog jsem ale našel.
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-11-2021
Ran by RRRR (29-11-2021 20:07:57) Run:1
Running from C:\Users\Robino\Downloads
Loaded Profiles: RRRR & Robino
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [460]
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> DefaultScope {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> DefaultScope {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=LCTE
SearchScopes: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> DefaultScope {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL =
SearchScopes: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-3651737185-2585790523-2809411377-1002 -> {CC8257AC-73D9-48A4-83A7-A9B27E5D6309} URL =
C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0051333768.exe
C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0367846329.exe
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\...\MountPoints2: {cc9f2aaa-c663-11ea-9c27-507b9dae8096} - "F:\HiSuiteDownLoader.exe"
Task: {09F39ED6-5114-4BAB-BEB8-F30E9AA749E3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Task: {63509858-04D7-42DD-8991-D9277E571108} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-06-01] (Google Inc -> Google Inc.)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\DumpStack.log.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
"HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CC8257AC-73D9-48A4-83A7-A9B27E5D6309} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{CC8257AC-73D9-48A4-83A7-A9B27E5D6309} => removed successfully
"HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKU\S-1-5-21-3651737185-2585790523-2809411377-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CC8257AC-73D9-48A4-83A7-A9B27E5D6309} => removed successfully
C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0051333768.exe => moved successfully
C:\Users\Robi\Downloads\setup_Your File Is Ready To Download_0367846329.exe => moved successfully
HKU\S-1-5-21-3651737185-2585790523-2809411377-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cc9f2aaa-c663-11ea-9c27-507b9dae8096} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{09F39ED6-5114-4BAB-BEB8-F30E9AA749E3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09F39ED6-5114-4BAB-BEB8-F30E9AA749E3}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63509858-04D7-42DD-8991-D9277E571108}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63509858-04D7-42DD-8991-D9277E571108}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 2153918 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 362838 B
Edge => 37376 B
Chrome => 150528 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 14336 B
ProgramData => 14336 B
Public => 14336 B
systemprofile => 14336 B
systemprofile32 => 14336 B
LocalService => 14336 B
NetworkService => 266544456 B
RRRR => 268290746 B
Robi => 268756445 B
Robino => 928983121 B
RecycleBin => 0 B
EmptyTemp: => 1.6 GB temporary data Removed.
================================
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Lenovo Z50 velmi dlouho startuje
OK. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Kema
- Návštěvník
- Příspěvky: 152
- Registrován: 08 led 2005 18:15
- Bydliště: Bohosudov
- Kontaktovat uživatele:
Re: Lenovo Z50 velmi dlouho startuje
Noťas nastartuje teď asi za 3 minuty a pak asi 7 minut je dost línej jelikož má HDD vytížen na 100 procent.
Ve Správci úloh na kartě Procesy to sleduji. Jsou to Hostitel služby a antivir Defender nebo co to maj.
Ale zlepšilo se to každoádně ho HODNĚ MOC !
Děkuji mnohokrát.
Já ho nechám zapnutý do rána. Ať si to na tom disku srovná.
Ve Správci úloh na kartě Procesy to sleduji. Jsou to Hostitel služby a antivir Defender nebo co to maj.
Ale zlepšilo se to každoádně ho HODNĚ MOC !
Děkuji mnohokrát.
Já ho nechám zapnutý do rána. Ať si to na tom disku srovná.
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Lenovo Z50 velmi dlouho startuje
Jj. Nemáte zač a případně se ozvěte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?