Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu, pomalý ntb

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
artmle9
Návštěvník
Návštěvník
Příspěvky: 104
Registrován: 27 úno 2009 11:21

Prosím o kontrolu, pomalý ntb

#1 Příspěvek od artmle9 »

Prosím o kontrolu, pc je až neuvěřitelně pomalý, ve všem...

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-06-2021
Ran by Lukáš (administrator) on LUKAS (LENOVO 80QQ) (13-06-2021 11:43:12)
Running from D:\Plocha
Loaded Profiles: Lukáš
Platform: Windows 10 Home Version 20H2 19042.985 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: FF
Boot Mode: Normal

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2021
Ran by Lukáš (13-06-2021 11:21:38)
Running from D:\Plocha
Windows 10 Home Version 20H2 19042.985 (X64) (2021-06-04 11:15:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-689210801-1679876152-2392686753-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-689210801-1679876152-2392686753-503 - Limited - Disabled)
Guest (S-1-5-21-689210801-1679876152-2392686753-501 - Limited - Disabled)
Lukáš (S-1-5-21-689210801-1679876152-2392686753-1001 - Administrator - Enabled) => C:\Users\Lukáš
WDAGUtilityAccount (S-1-5-21-689210801-1679876152-2392686753-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.73 - Hulubulu Software)
Any Video Converter 6.0.2 (HKLM-x32\...\Any Video Converter) (Version: 6.0.2 - Anvsoft)
AnyPic JPG to PDF Converter 1.0.2 (HKLM-x32\...\{ADD050EC-6B50-437F-807B-FF9F29216FA5}_is1) (Version: - AnyPic Soft)
Brother MFL-Pro Suite DCP-7065DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.68 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.55 - Conexant)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
FoneLab Data Retriever 1.2.20 (HKLM-x32\...\{84530085-7274-4236-91A8-5DBF484771F7}_is1) (Version: 1.2.20 - FoneLab)
FormatFactory 5.7.5.0 (HKLM-x32\...\FormatFactory) (Version: 5.7.5.0 - Free Time)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E8266049-8C7B-4A09-9E11-8BD100E0076A}) (Version: 8.0.1.2376 - GenesysLogic)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.022.00 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-689210801-1679876152-2392686753-1001\...\dda9ca0b023f4c56) (Version: 1.6.3.7 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.7.19.0 - Lenovo Group Ltd.)
MediaCoder 0.8.58 (HKLM\...\MediaCoder) (Version: 0.8.58 - Mediatronic)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.41 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-689210801-1679876152-2392686753-1001\...\OneDriveSetup.exe) (Version: 21.083.0425.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 89.0 (x64 cs) (HKLM\...\Mozilla Firefox 89.0 (x64 cs)) (Version: 89.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{DA715959-CFF1-48A2-B3BB-98B9E569C6AC}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PDFTools Version 1.2 (09/28/2006) (HKLM-x32\...\PDFTools_is1) (Version: 1.0 - www.SheelApps.com - Sheel Khanna)
Pracovní kalendář (HKLM-x32\...\Pracovní kalendář) (Version: - )
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.868.867.071015 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.213.243 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller 2.0.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.0 - VS Revo Group, Ltd.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.17.7 - TeamViewer)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Tyre (HKLM-x32\...\Tyre_is1) (Version: 8.0.0.5 - 't Schrijverke)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{F9D14939-1792-44AB-8C53-F208534C2548}) (Version: 1.2.0.0 - Microsoft Corporation) Hidden
WD Quick View (HKLM-x32\...\{6D9DC1C5-AD2B-4FE1-812B-4EB7BC51DDBD}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{437D5C46-5AB0-4042-8682-0626441FF53B}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
Web Companion (HKLM-x32\...\{695a8e97-cd67-4f46-81c8-78fe4cdfcc5e}) (Version: 7.0.2417.4248 - Lavasoft)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WsWin V2.98.8 - 2017-06-28 (HKLM-x32\...\PC-Wetterstation_is1) (Version: 2.98.8 - Werner Krenn)

Packages:
=========
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-19] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2105.16.0_x64__k1h2ywk1493x8 [2021-06-08] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-08] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-27] (Microsoft Corporation) [MS Ad]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-25] (LENOVO INCORPORATED.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-07-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-11] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers1: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers1: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => -> No File
ContextMenuHandlers1: [Long-Term Docs Signer] -> {8B7B7594-9951-4D5A-BBCC-EB9AEE81CB12} => -> No File
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-11] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers6: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-03-31 17:19 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-09-17 13:05 - 2005-04-22 06:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2005-09-07 14:03 - 2005-09-07 14:03 - 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2021-03-31 17:20 - 2012-09-06 21:02 - 000155648 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2021-03-31 17:20 - 2012-07-06 13:33 - 000098304 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2021-03-31 17:20 - 2012-07-06 13:33 - 017694720 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2021-03-31 17:20 - 2012-07-17 13:36 - 000094208 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLCze.dll
2016-09-17 13:05 - 2012-07-05 13:32 - 000084480 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2020-08-04 11:46 - 2020-08-04 11:46 - 000341504 _____ (Free Time) [File not signed] C:\Program Files (x86)\FormatFactory\ShellEx_108.dll
2015-06-24 01:00 - 2015-06-24 01:00 - 000285696 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-06-24 01:00 - 2015-06-24 01:00 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2021-06-04 12:53 - 2021-06-04 12:53 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll
2016-04-19 12:02 - 2016-04-19 12:02 - 001006080 ____R (Robert Simpson, et al.) [File not signed] [File is in use] C:\Program Files (x86)\Western Digital\WD SmartWare\System.Data.SQLite.dll
2020-12-23 15:41 - 2020-05-30 15:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2021-05-31 22:23 - 2020-11-03 05:08 - 000954864 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-689210801-1679876152-2392686753-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-689210801-1679876152-2392686753-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) [File not signed]
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-30] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {BE7160C8-EE33-4ED2-AA71-6A1AA2336542} hxxp://192.168.0.100/IPCamPluginDM.cab

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-689210801-1679876152-2392686753-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-689210801-1679876152-2392686753-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2015-07-10 13:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-689210801-1679876152-2392686753-1001\Control Panel\Desktop\\Wallpaper -> D:\Plocha\20032042_1742630582418208_3901495373089537661_n.jpg
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AvrcpService => 2
MSCONFIG\Services: BTDevManager => 2
MSCONFIG\Services: SynTPEnhService => 2
MSCONFIG\Services: UpdateAgentService => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "LenovoUtility"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "PDF5 Registry Controller"
HKU\S-1-5-21-689210801-1679876152-2392686753-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-689210801-1679876152-2392686753-1001\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-689210801-1679876152-2392686753-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-689210801-1679876152-2392686753-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A1448DA6-F320-405C-A2E7-0982847C22F3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{07C68020-F586-4DD1-A7EB-34C10274FDE3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{89C143EE-277D-4CCE-8709-CEB0764064B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B629733D-AE81-45E2-B189-C7F058A2EF7E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3DBEF017-7766-4D1B-8E94-197FA7BD752E}] => (Allow) LPort=54925
FirewallRules: [UDP Query User{1111657B-E82E-4292-B43E-DE0D2EC95F2C}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [TCP Query User{7AA7B9F7-DDFC-4DFA-831C-2DC212429709}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [{CBFC3570-2587-4157-B832-49C0D8040254}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe => No File
FirewallRules: [{A9C39870-7C1B-4F8C-AA14-58C623523EEF}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [UDP Query User{6E24D22A-6684-42D1-A853-E5862FFD70DB}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{54014671-314A-4375-B163-99970CD98199}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2CF51606-9E45-4D0E-9A84-F6F77E480441}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D7CDD24E-2F1A-48E3-983D-2B8DD117DFFD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{82402832-7002-437F-89C8-22086ECC9AF3}] => (Allow) LPort=54925
FirewallRules: [{CA64668E-FEB0-49F3-AECB-E45348218526}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{10EAA4DF-051A-41EE-949F-8943C22A31BC}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe => No File
FirewallRules: [{E3AEC421-D906-4FA0-95B2-9E6E441D4F4A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4E06B121-981D-449C-903F-652F811E1FBC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6E8C4DCD-5D4B-4592-A517-252331CC6BDA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{30EB3620-2197-4B59-9FFA-5B8E44C35944}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{05735352-23C0-42DB-84BA-E79EDA4B3E64}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{340891C3-686E-4ABD-868A-FB9B66DADBA8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{76E26D88-11F4-4FE2-8530-7388AFFA60AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6D5EC8B9-3E5E-421E-8D57-9FD5CB0D78FD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{206362B3-6FF5-49D0-98D5-5C134A902C54}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

04-06-2021 15:22:23 Windows Modules Installer
07-06-2021 17:04:30 Installed YouTubeByClick.

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/13/2021 10:07:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2020.20120.4004.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 11b4

Čas spuštění: 01d7602ad80a9614

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: f9e33298-6af6-400b-a140-614e7f484822

Úplný název balíčku s chybou: Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (06/13/2021 09:53:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.621.4222.0, časové razítko: 0x60818071
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.964, časové razítko: 0x812662a7
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b39c
ID chybujícího procesu: 0x224c
Čas spuštění chybující aplikace: 0x01d76028f7db8249
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.621.4222.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 3d5381be-8321-4db4-ae01-271aaf42487f
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.621.4222.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App

Error: (06/11/2021 05:16:49 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\LenovoVantageService.exe, identifikátor PID: 3760, identifikátor PID ProfSvc: 1544.

Error: (06/11/2021 05:16:49 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\LenovoVantageService.exe, identifikátor PID: 3760, identifikátor PID ProfSvc: 1544.

Error: (06/11/2021 05:16:49 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 408, identifikátor PID ProfSvc: 1544.

Error: (06/11/2021 05:16:49 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 3652, identifikátor PID ProfSvc: 1544.

Error: (06/11/2021 05:16:49 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 3652, identifikátor PID ProfSvc: 1544.

Error: (06/11/2021 05:16:49 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Windows\System32\svchost.exe, identifikátor PID: 6896, identifikátor PID ProfSvc: 1544.


System errors:
=============
Error: (06/11/2021 05:16:41 PM) (Source: DCOM) (EventID: 10010) (User: LUKAS)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/11/2021 05:00:44 PM) (Source: DCOM) (EventID: 10010) (User: LUKAS)
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/11/2021 05:00:44 PM) (Source: DCOM) (EventID: 10010) (User: LUKAS)
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/11/2021 05:00:43 PM) (Source: DCOM) (EventID: 10010) (User: LUKAS)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/11/2021 05:00:41 PM) (Source: DCOM) (EventID: 10010) (User: LUKAS)
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/11/2021 05:00:40 PM) (Source: DCOM) (EventID: 10010) (User: LUKAS)
Description: Server Microsoft.YourPhone_1.21042.137.0_x64__8wekyb3d8bbwe!App.AppXvctmff39365zg14pgmystcwtys462fpa.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/11/2021 05:00:37 PM) (Source: DCOM) (EventID: 10010) (User: LUKAS)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/11/2021 05:00:37 PM) (Source: DCOM) (EventID: 10010) (User: LUKAS)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2021-06-05 13:35:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FE403074-47D2-49BC-9D08-ED2B759F52CA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

==================== Memory info ===========================

BIOS: LENOVO E0CN16WW 08/04/2015
Motherboard: LENOVO Nano 5B6
Processor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Percentage of memory in use: 87%
Total physical RAM: 4011.01 MB
Available physical RAM: 494.03 MB
Total Virtual: 6955.01 MB
Available Virtual: 1673.79 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:225.04 GB) (Free:152.22 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Nový svazek) (Fixed) (Total:217.26 GB) (Free:68.99 GB) NTFS
Drive g: (GH600) (Removable) (Total:14.72 GB) (Free:1.43 GB) FAT32
Drive l: (LENOVO) (Fixed) (Total:3.05 GB) (Free:1.83 GB) NTFS

\\?\Volume{a0e2f434-243b-44f3-b832-2514600caaad}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.47 GB) NTFS
\\?\Volume{f05ebdb5-a934-4a4e-a41c-845ca12a8433}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: AD0E9522)

Partition: GPT.

==========================================================
Disk: 1 (Size: 14.7 GB) (Disk ID: A9B378DE)
Partition 1: (Not Active) - (Size=14.7 GB) - (Type=0C)

==================== End of Addition.txt =======================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu, pomalý ntb

#2 Příspěvek od JaRon »

Ahoj,
vycisti PC s Adwcleanerom log sem a registre CCleanerom - restart - napis aky je stav
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

artmle9
Návštěvník
Návštěvník
Příspěvky: 104
Registrován: 27 úno 2009 11:21

Re: Prosím o kontrolu, pomalý ntb

#3 Příspěvek od artmle9 »

Provedeno, o maličko lepší to je, ale pořád značně zpomalené

# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-13-2021
# Duration: 00:00:35
# OS: Windows 10 Home
# Cleaned: 38
# Awaiting reboot:3
# Failed: 0


***** [ Services ] *****

Deleted WCAssistantService

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\ProgramData\VideoConverter
Deleted C:\Users\Lukáš\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted C:\Users\Lukáš\AppData\Roaming\Lavasoft\Web Companion

***** [ Files ] *****

Deleted C:\Users\Lukáš\AppData\Local\Temp\WebCompanion.zip

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{695a8e97-cd67-4f46-81c8-78fe4cdfcc5e}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{695a8e97-cd67-4f46-81c8-78fe4cdfcc5e}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{695a8e97-cd67-4f46-81c8-78fe4cdfcc5e}|UninstallString

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.CyberLinkShellExtension Registry HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2}
Deleted Preinstalled.LenovoExperienceImprovement Folder C:\Program Files\LENOVO\EXPERIENCEIMPROVEMENT
Deleted Preinstalled.LenovoExperienceImprovement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\LenovoExperienceImprovement
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1720B0E0-C520-43A6-B677-97A1D80F3B99}
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLMLServer_For_P2G8
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLVirtualDrive
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB80031E-540A-48A4-A81D-B90257EC3E13}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PDVDServ12 Task
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.LenovoPowerDVD Task C:\Windows\System32\Tasks\PDVDSERV12 TASK
Deleted Preinstalled.LenovoQuickOptimizer Folder C:\Program Files\LENOVO\QUICKOPTIMIZER
Deleted Preinstalled.LenovoQuickOptimizer Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|LenovoUtility
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|LenovoUtility
Needs Reboot Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Needs Reboot Preinstalled.LenovoIMController Folder C:\Users\Lukáš\AppData\Local\LENOVO\IMCONTROLLER
Needs Reboot Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Folders ] *****

Cleaning failed C:\ProgramData\LENOVO\IMCONTROLLER
Cleaning failed C:\Users\Lukáš\AppData\Local\LENOVO\IMCONTROLLER
Cleaning failed C:\Windows\LENOVO\IMCONTROLLER

*************************

AdwCleaner[S00].txt - [5610 octets] - [13/06/2021 14:49:55]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu, pomalý ntb

#4 Příspěvek od JaRon »

V logu si mal vytazenie pamate 87% pozri sa na to :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

artmle9
Návštěvník
Návštěvník
Příspěvky: 104
Registrován: 27 úno 2009 11:21

Re: Prosím o kontrolu, pomalý ntb

#5 Příspěvek od artmle9 »

Výstřižek.PNG
Výstřižek.PNG (41.72 KiB) Zobrazeno 1868 x

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu, pomalý ntb

#6 Příspěvek od JaRon »

Pouzi este zoek podla navodu kolegu
https://forum.viry.cz/viewtopic.php?f=3 ... k#p1541960
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

artmle9
Návštěvník
Návštěvník
Příspěvky: 104
Registrován: 27 úno 2009 11:21

Re: Prosím o kontrolu, pomalý ntb

#7 Příspěvek od artmle9 »

Zoek nejsem schopny otevrit. Preinstaloval jsem i Winrar, ale nejde to
Výstřižek.PNG
Výstřižek.PNG (50.04 KiB) Zobrazeno 1864 x

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu, pomalý ntb

#8 Příspěvek od JaRon »

Nemam v dosahu PC
V ipade mi to slo otvorit - su tam dva subory
Skus napr. cez 7zip
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

artmle9
Návštěvník
Návštěvník
Příspěvky: 104
Registrován: 27 úno 2009 11:21

Re: Prosím o kontrolu, pomalý ntb

#9 Příspěvek od artmle9 »

No myslel jsem, že mi pc ani nenabehne ... po restartu cca 10min cerna obrazovka. Zmena akorat ta, ze v pravo dole na liste se mi ukazuje pocasi. Coz jsem nikdy nemel a ani nechci.

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Luk ç on 13.06.2021 at 19:48:31,74.
Microsoft Windows 10 Home 10.0.19042 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\LUK~1\AppData\Local\Temp\Rar$EXa4908.31499\zoek\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

13.06.2021 19:51:44 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Lavasoft deleted successfully
C:\PROGRA~2\Software602 deleted successfully
C:\Program Files\Fotolab deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\Lavasoft deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\PROGRA~3\SUPPORTDIR deleted successfully
C:\Users\Lukas Kilhof\AppData\Local\NetworkTiles deleted successfully
C:\Users\Lukas Kilhof\AppData\Local\VirtualStore deleted successfully
C:\Users\LUK~1\AppData\Local\DBG deleted successfully
C:\Users\LUK~1\AppData\Local\FTMod deleted successfully
C:\Users\LUK~1\AppData\Local\GHISLER deleted successfully
C:\Users\LUK~1\AppData\Local\Lavasoft deleted successfully
C:\Users\LUK~1\AppData\Local\NetworkTiles deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\LUK~1\AppData\Roaming\Mozilla\Firefox\Profiles\g3tsgux6.default-1530208323471\prefs.js:
user_pref("browser.startup.homepage", "seznam.cz");
user_pref("browser.newtab.url", "https://poshukach.com?fr=ps&gp=496723&altserp=1");
user_pref("browser.search.defaultenginename", "Poshukach Engin Search");
user_pref("browser.search.selectedEngine", "Poshukach Engin Search");

Added to C:\Users\LUK~1\AppData\Roaming\Mozilla\Firefox\Profiles\g3tsgux6.default-1530208323471\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\LUKASK~1\AppData\Roaming\Mozilla\Firefox\Profiles\efau6vls.default\prefs.js:

Added to C:\Users\LUKASK~1\AppData\Roaming\Mozilla\Firefox\Profiles\efau6vls.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Lavasoft not found
C:\PROGRA~2\Software602 not found
C:\PROGRA~3\Package Cache deleted
C:\Users\Lukas Kilhof\AppData\Local\BTServer.log deleted
C:\Users\LUK~1\AppData\Local\BTServer.log deleted
C:\Users\LUK~1\AppData\Local\cache deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2370-2374-dc283.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2370-2374-dc2c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2370-2374-dc381.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2370-2374-dc3b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2370-2374-dc47f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2370-2374-dc491.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2370-2374-dc4a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2370-2374-dc4e3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2370-2374-dc4f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2370-2374-dc525.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2370-2374-dc537.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2370-2374-dc549.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2370-2374-dc55a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2370-2374-dc58b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2370-2374-dc7b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2370-2374-dc88d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2370-2374-dc89e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2370-2374-dc8fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2370-2374-dc9ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24b8-f60-167e79.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24b8-f60-169ba8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24b8-f60-169c08.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24b8-f60-169c77.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24b8-f60-169cf6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24b8-f60-169f4a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24b8-f60-169f8a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24b8-f60-16a2e8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24b8-f60-16a432.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24b8-f60-16a657.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24b8-f60-16a937.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24b8-f60-16b0fa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24b8-f60-16b7a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24b8-f60-16c34d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24b8-f60-16cd32.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24b8-f60-16d37e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24b8-f60-16d8fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24b8-f60-16e091.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-24b8-f60-16ea67.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27fc-2630-1e82c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27fc-2630-1e82e9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27fc-2630-1e82fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27fc-2630-1e831c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27fc-2630-1e833d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27fc-2630-1e834f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27fc-2630-1e83be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27fc-2630-1e83ff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27fc-2630-1e8410.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27fc-2630-1e8412.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27fc-2630-1e8424.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27fc-2630-1e8436.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27fc-2630-1e8447.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27fc-2630-1e8449.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27fc-2630-1e845b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27fc-2630-1e846d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27fc-2630-1e847e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27fc-2630-1e8490.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27fc-2630-1e8492.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5c0-5c4-fb366.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5c0-5c4-fb368.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5c0-5c4-fb37a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5c0-5c4-fb37c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5c0-5c4-fb37e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5c0-5c4-fb38f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5c0-5c4-fb391.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5c0-5c4-fb393.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5c0-5c4-fb3a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5c0-5c4-fb3a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5c0-5c4-fb3a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5c0-5c4-fb3bb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5c0-5c4-fb3bd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5c0-5c4-fb3bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5c0-5c4-fb3c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5c0-5c4-fb3d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5c0-5c4-fb3d4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5c0-5c4-fb3d6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5c0-5c4-fb3e8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-bf8-2634-70f970.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-bf8-2634-710a2b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-bf8-2634-71125b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-bf8-2634-711461.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-bf8-2634-713568.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-bf8-2634-713f5d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-bf8-2634-715066.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-bf8-2634-71550c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-bf8-2634-71553c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-bf8-2634-715752.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-bf8-2634-715928.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-bf8-2634-715ad0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-bf8-2634-715b20.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-bf8-2634-715c8a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-bf8-2634-715d76.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-bf8-2634-715ed0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-bf8-2634-716385.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-bf8-2634-7169c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-bf8-2634-716ea5.tmp deleted
C:\WINDOWS\Syswow64\InstallUtil.InstallLog deleted
C:\Users\LUK~1\AppData\Roaming\Mozilla\Firefox\Profiles\g3tsgux6.default-1530208323471\searchplugins\Poshukach Engin Search.xml deleted
"C:\DumpStack.log.tmp" not deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\LUK~1\AppData\Roaming\Mozilla\Firefox\Profiles\g3tsgux6.default-1530208323471
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\LUKASK~1\AppData\Roaming\Mozilla\Firefox\Profiles\efau6vls.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\LUK~1\AppData\Roaming\Mozilla\Firefox\Profiles\g3tsgux6.default-1530208323471
- Undetermined - %ProfilePath%\extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi
- Undetermined - %ProfilePath%\extensions\translator@zoli.bod.xpi
- Undetermined - %ProfilePath%\extensions\{69F080C9-A1D8-42F8-BD83-3D54D4BC81B3}.xpi
- Undetermined - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\LUKASK~1\AppData\Roaming\Mozilla\Firefox\Profiles\efau6vls.default
- Firefox Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi
- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==== Firefox Plugins ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://lenovo15.msn.com/?pc=LCTE"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://lenovo15.msn.com/?pc=LCTE"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\LUK~1\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\LUK~1\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\LUK~1\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully
C:\Users\LUK~1\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lukas Kilhof\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\LUK~1\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Lukas Kilhof\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\LUK~1\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Lukas Kilhof\AppData\Local\Mozilla\Firefox\Profiles\efau6vls.default\cache2 emptied successfully
C:\Users\LUK~1\AppData\Local\Mozilla\Firefox\Profiles\g3tsgux6.default-1530208323471\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\LUK~1\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=43 folders=133 67338996 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\LUK~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\DumpStack.log.tmp" not deleted

==== EOF on 13.06.2021 at 20:28:29,07 ======================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu, pomalý ntb

#10 Příspěvek od JaRon »

prehliadace su vycistene
co sa tyka pocasia na liste to je po poslednej aktualizacii MS
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

artmle9
Návštěvník
Návštěvník
Příspěvky: 104
Registrován: 27 úno 2009 11:21

Re: Prosím o kontrolu, pomalý ntb

#11 Příspěvek od artmle9 »

Dá se ještě něco? Nebo to je vše?

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu, pomalý ntb

#12 Příspěvek od JaRon »

vloz oba logy FRST na kontrolu
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

artmle9
Návštěvník
Návštěvník
Příspěvky: 104
Registrován: 27 úno 2009 11:21

Re: Prosím o kontrolu, pomalý ntb

#13 Příspěvek od artmle9 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-06-2021
Ran by Lukáš (administrator) on LUKAS (LENOVO 80QQ) (14-06-2021 22:51:12)
Running from D:\Plocha
Loaded Profiles: Lukáš
Platform: Windows 10 Home Version 20H2 19042.1052 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(LENOVO (UNITED STATES) INC. -> Lenovo) C:\Users\Lukáš\AppData\Local\Apps\2.0\NJZYPWAE.VY6\VZT238X5.WP7\lsb...tion_2d7b41b05b24775e_0001.0006_6e55c1acac1ba44a\LSB.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-24] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-03] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-21-689210801-1679876152-2392686753-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-689210801-1679876152-2392686753-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\WINDOWS\system32\602localmon.dll [54864 2018-05-31] (Software602 a.s. -> Windows (R) Win 7 DDK provider)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {012BC4A2-9552-4255-9D3A-DF66DEE157E7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {21A3B364-0C6A-4632-B19C-D6280B277307} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\ScheduleEventAction.exe [23968 2021-05-17] (Lenovo -> Lenovo Group Ltd.)
Task: {2218D2AB-E600-4A2C-871D-68E829841573} - \Lenovo\ImController\TimeBasedEvents\f7cb8f1a-169a-42f2-9351-8eda3c980f7a -> No File <==== ATTENTION
Task: {26490A96-BFF3-4964-A269-50BE0B5F0E43} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {270EAEE7-7968-4558-8F46-B58E1BAA037E} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {29E1B528-C965-494E-8260-C0677F52417F} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe
Task: {3CCEFB7D-FD2C-4507-B0D8-E9807015F0FF} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe
Task: {401578B3-2E9E-481D-8872-F6A5A98ACEBD} - \Lenovo\ImController\TimeBasedEvents\16411e49-aea6-43ab-9354-c9810d59cfb0 -> No File <==== ATTENTION
Task: {4CC9F645-73AD-4AF1-99D2-EAE4EC6B5D49} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [143888 2021-03-02] (Lenovo -> Lenovo Group Ltd.)
Task: {4F2B1E10-8D86-43D0-801B-97B3F8DE021D} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-689210801-1679876152-2392686753-1001 => "C:\WINDOWS\system32\rundll32.exe" dfshim.dll,ShOpenVerbShortcut C:\Users\Lukáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {52BBAE7D-7822-447F-A48F-DC1C284313E0} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe
Task: {736537AA-6EAA-444C-A58B-AC6ED37D47E6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)
Task: {75DE46E9-BE19-4F83-80A2-37991C3ACA3E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8B2E9601-98CF-4832-A7D9-E0933A1EC645} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {909230BD-DA42-4D07-BF41-B38C405D59FC} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {ABC21885-8E96-4FAA-9755-8D7E436320AD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D2DA19BE-6507-4451-AAA7-B66C622D7001} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D7F29B0B-DBCC-42C0-926A-BF8D6DAD84BD} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {D90AF572-0045-49B5-84E1-19E7F4184E60} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DAA24675-AB53-419A-991F-1C06FEDF2E0F} - \Lenovo\ImController\TimeBasedEvents\6932e23a-2599-46c4-b4ca-a0dff1d8df13 -> No File <==== ATTENTION
Task: {DD4A8332-6853-4A4C-B8EB-15AA9BA7467F} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe
Task: {E6765E34-61BD-4611-8822-1B6C34C4FF17} - \Lenovo\ImController\TimeBasedEvents\6793c4c6-0802-41df-927c-1051a8a440c7 -> No File <==== ATTENTION
Task: {EE392861-A20E-4820-9BE1-301ADDAAB641} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F0645448-92C9-4142-87DD-DF6D6FB4CF07} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
Task: {F47C9260-5793-49B6-A0D2-03ABF8A1D872} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {F8159C7A-0876-4508-AD1C-9E8FD991A3F6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{2038214c-a794-4e3c-91a0-403379dd3a14}: [DhcpNameServer] 213.46.172.38 213.46.172.39 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{7328b8b2-a632-4226-9852-2b08774d222d}: [DhcpNameServer] 8.8.8.8 192.168.1.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Lukáš\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-14]

FireFox:
========
FF DefaultProfile: g3tsgux6.default-1530208323471
FF ProfilePath: C:\Users\Lukáš\AppData\Roaming\Mozilla\Firefox\Profiles\g3tsgux6.default-1530208323471 [2021-06-14]
FF DownloadDir: D:\Plocha
FF Homepage: Mozilla\Firefox\Profiles\g3tsgux6.default-1530208323471 -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\g3tsgux6.default-1530208323471 -> about:newtab
FF Extension: (Notifier for Gmail™) - C:\Users\Lukáš\AppData\Roaming\Mozilla\Firefox\Profiles\g3tsgux6.default-1530208323471\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2021-06-04]
FF Extension: (Google Translator for Firefox) - C:\Users\Lukáš\AppData\Roaming\Mozilla\Firefox\Profiles\g3tsgux6.default-1530208323471\Extensions\translator@zoli.bod.xpi [2018-12-04]
FF Extension: (FormApps Extension) - C:\Users\Lukáš\AppData\Roaming\Mozilla\Firefox\Profiles\g3tsgux6.default-1530208323471\Extensions\{69F080C9-A1D8-42F8-BD83-3D54D4BC81B3}.xpi [2018-10-08]
FF Extension: (No Name) - C:\Users\Lukáš\AppData\Roaming\Mozilla\Firefox\Profiles\g3tsgux6.default-1530208323471\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-05-19]
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-30] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S4 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2015-03-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S4 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [120024 2015-07-02] (Realtek Semiconductor Corp -> )
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.7.19.0\LenovoVantageService.exe [28576 2021-05-17] (Lenovo -> Lenovo Group Ltd.)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12871464 2021-04-29] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S4 UpdateAgentService; C:\Program Files\update\UpdateAgent.exe [226216 2015-09-19] (LENOVO -> )
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R0 Fastboot; C:\WINDOWS\System32\DRIVERS\Fastboot.sys [67608 2015-09-19] (New Horizon DataSys Inc. -> Windows (R) Win 7 DDK provider) [File not signed]
R0 FBFsmon; C:\WINDOWS\System32\DRIVERS\FBFsmon.sys [39448 2015-09-19] (New Horizon DataSys Inc. -> Windows (R) Win 7 DDK provider) [File not signed]
R3 glavcam; C:\WINDOWS\system32\DRIVERS\glavcam.sys [3476736 2016-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
S3 mfeaack; C:\WINDOWS\system32\drivers\mfeaack.sys [412440 2015-07-03] (McAfee, Inc. -> McAfee, Inc.)
S3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [492000 2015-05-27] (McAfee, Inc. -> McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109480 2015-05-27] (McAfee, Inc. -> McAfee, Inc.)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2018-12-07] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
S3 RtkA2dp; C:\WINDOWS\system32\drivers\RtkA2dp.sys [182288 2015-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
S3 RtkAvrcp; C:\WINDOWS\System32\drivers\RtkAvrcp.sys [60944 2015-05-12] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
S3 RtkAvrcpCtrlr; C:\WINDOWS\System32\drivers\RtkAvrcpCtrlr.sys [70672 2015-05-12] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-13 20:17 - 2021-06-13 19:48 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2021-06-13 19:48 - 2021-06-13 20:12 - 000000000 ____D C:\zoek_backup
2021-06-13 19:06 - 2021-06-13 19:06 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-13 19:06 - 2021-06-13 19:06 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-13 19:06 - 2021-06-13 19:06 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-13 19:06 - 2021-06-13 19:06 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-13 19:05 - 2021-06-13 19:05 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-13 19:05 - 2021-06-13 19:05 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-13 19:05 - 2021-06-13 19:05 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-13 19:05 - 2021-06-13 19:05 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-13 19:04 - 2021-06-13 19:04 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-13 19:04 - 2021-06-13 19:04 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-13 19:03 - 2021-06-13 19:03 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-13 19:03 - 2021-06-13 19:03 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-13 19:03 - 2021-06-13 19:03 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-13 19:03 - 2021-06-13 19:03 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-13 19:03 - 2021-06-13 19:03 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-13 19:02 - 2021-06-13 19:02 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-13 19:02 - 2021-06-13 19:02 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-13 19:02 - 2021-06-13 19:02 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-13 15:02 - 2021-06-13 15:02 - 000058964 _____ C:\Users\Lukáš\Documents\cc_20210613_150213.reg
2021-06-13 14:49 - 2021-06-13 14:54 - 000000000 ____D C:\AdwCleaner
2021-06-13 10:39 - 2021-06-14 22:52 - 000000000 ____D C:\FRST
2021-06-08 16:42 - 2021-06-08 18:29 - 000000000 ____D C:\Users\Lukáš\Documents\FormatFactory
2021-06-08 16:39 - 2021-06-13 14:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2021-06-08 16:39 - 2021-06-08 16:39 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2021-06-08 16:38 - 2021-06-13 14:54 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Lavasoft
2021-06-08 16:32 - 2021-06-08 16:32 - 000000000 ____D C:\Users\Lukáš\AppData\Local\FF001
2021-06-07 17:13 - 2021-06-07 17:17 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\YouTube Downloader
2021-06-05 10:16 - 2021-06-08 16:42 - 000000000 ____D C:\FFOutput
2021-06-04 22:40 - 2021-06-04 13:15 - 000000000 ____D C:\Windows.old
2021-06-04 22:34 - 2021-06-04 22:40 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-06-04 22:29 - 2021-06-04 22:34 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-06-04 22:29 - 2021-06-04 22:29 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-06-04 22:12 - 2021-06-04 22:12 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2021-06-04 22:12 - 2021-06-04 22:12 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2021-06-04 22:12 - 2021-06-04 22:12 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-06-04 22:12 - 2021-06-04 22:12 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-06-04 22:12 - 2021-06-04 22:12 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VBICodec.ax
2021-06-04 22:12 - 2021-06-04 22:12 - 000095744 _____ C:\WINDOWS\system32\VirtualMonitorManager.dll
2021-06-04 22:12 - 2021-06-04 22:12 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-06-04 22:12 - 2021-06-04 22:12 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-06-04 22:11 - 2021-06-04 22:11 - 000729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2021-06-04 22:11 - 2021-06-04 22:11 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2021-06-04 22:11 - 2021-06-04 22:11 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-06-04 22:11 - 2021-06-04 22:11 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-06-04 22:11 - 2021-06-04 22:11 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-06-04 22:11 - 2021-06-04 22:11 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\VBICodec.ax
2021-06-04 22:11 - 2021-06-04 22:11 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-06-04 22:11 - 2021-06-04 22:11 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-06-04 22:11 - 2021-06-04 22:11 - 000053760 _____ C:\WINDOWS\SysWOW64\BWContextHandler.dll
2021-06-04 22:11 - 2021-06-04 22:11 - 000045880 _____ C:\WINDOWS\system32\HvSocket.dll
2021-06-04 22:10 - 2021-06-04 22:10 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2021-06-04 22:10 - 2021-06-04 22:10 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2021-06-04 22:10 - 2021-06-04 22:10 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2021-06-04 22:10 - 2021-06-04 22:10 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2021-06-04 22:10 - 2021-06-04 22:10 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-06-04 22:10 - 2021-06-04 22:10 - 000446976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2021-06-04 22:10 - 2021-06-04 22:10 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2021-06-04 22:10 - 2021-06-04 22:10 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2021-06-04 22:10 - 2021-06-04 22:10 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\activeds.tlb
2021-06-04 22:10 - 2021-06-04 22:10 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2021-06-04 22:10 - 2021-06-04 22:10 - 000067072 _____ C:\WINDOWS\system32\BWContextHandler.dll
2021-06-04 22:10 - 2021-06-04 22:10 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2021-06-04 22:10 - 2021-06-04 22:10 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-06-04 22:09 - 2021-06-04 22:09 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-06-04 22:09 - 2021-06-04 22:09 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-06-04 22:09 - 2021-06-04 22:09 - 000330752 _____ C:\WINDOWS\SysWOW64\ssdm.dll
2021-06-04 22:09 - 2021-06-04 22:09 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-06-04 22:09 - 2021-06-04 22:09 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2021-06-04 22:09 - 2021-06-04 22:09 - 000235520 _____ C:\WINDOWS\SysWOW64\HeatCore.dll
2021-06-04 22:09 - 2021-06-04 22:09 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\timedate.cpl
2021-06-04 22:09 - 2021-06-04 22:09 - 000047472 _____ C:\WINDOWS\SysWOW64\umpdc.dll
2021-06-04 22:09 - 2021-06-04 22:09 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.drv
2021-06-04 22:09 - 2021-06-04 22:09 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2021-06-04 22:08 - 2021-06-04 22:08 - 004898144 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2021-06-04 22:08 - 2021-06-04 22:08 - 001354080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2021-06-04 22:08 - 2021-06-04 22:08 - 001091936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2021-06-04 22:08 - 2021-06-04 22:08 - 001032544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2021-06-04 22:08 - 2021-06-04 22:08 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2021-06-04 22:08 - 2021-06-04 22:08 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2021-06-04 22:08 - 2021-06-04 22:08 - 000056672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2021-06-04 22:07 - 2021-06-04 22:07 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2021-06-04 22:07 - 2021-06-04 22:07 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2021-06-04 22:07 - 2021-06-04 22:07 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2021-06-04 22:07 - 2021-06-04 22:07 - 000190976 _____ C:\WINDOWS\system32\BthpanContextHandler.dll
2021-06-04 22:07 - 2021-06-04 22:07 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\activeds.tlb
2021-06-04 22:07 - 2021-06-04 22:07 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-06-04 22:07 - 2021-06-04 22:07 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2021-06-04 22:06 - 2021-06-04 22:06 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-06-04 22:06 - 2021-06-04 22:06 - 000152064 _____ C:\WINDOWS\system32\EoAExperiences.exe
2021-06-04 22:06 - 2021-06-04 22:06 - 000029696 _____ (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2021-06-04 22:06 - 2021-06-04 22:06 - 000025088 _____ (The ICU Project) C:\WINDOWS\system32\icuin.dll
2021-06-04 22:05 - 2021-06-04 22:05 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-06-04 22:05 - 2021-06-04 22:05 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-06-04 22:05 - 2021-06-04 22:05 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-06-04 22:05 - 2021-06-04 22:05 - 000306688 _____ C:\WINDOWS\system32\HeatCore.dll
2021-06-04 22:05 - 2021-06-04 22:05 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2021-06-04 22:04 - 2021-06-04 22:04 - 004227116 _____ C:\WINDOWS\system32\DefaultHrtfs.bin
2021-06-04 22:04 - 2021-06-04 22:04 - 000455168 _____ C:\WINDOWS\system32\ssdm.dll
2021-06-04 22:04 - 2021-06-04 22:04 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2021-06-04 22:04 - 2021-06-04 22:04 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2021-06-04 22:04 - 2021-06-04 22:04 - 000074240 _____ C:\WINDOWS\system32\rdsxvmaudio.dll
2021-06-04 22:04 - 2021-06-04 22:04 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2021-06-04 22:04 - 2021-06-04 22:04 - 000064552 _____ C:\WINDOWS\system32\umpdc.dll
2021-06-04 22:04 - 2021-06-04 22:04 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.drv
2021-06-04 21:45 - 2021-06-04 21:45 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2021-06-04 21:45 - 2021-06-04 21:45 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2021-06-04 21:43 - 2021-06-13 20:29 - 000717866 _____ C:\WINDOWS\system32\perfh005.dat
2021-06-04 21:43 - 2021-06-13 20:29 - 000145008 _____ C:\WINDOWS\system32\perfc005.dat
2021-06-04 21:43 - 2021-06-04 21:43 - 000296964 _____ C:\WINDOWS\system32\perfi005.dat
2021-06-04 21:43 - 2021-06-04 21:43 - 000038778 _____ C:\WINDOWS\system32\perfd005.dat
2021-06-04 21:43 - 2021-06-04 21:43 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2021-06-04 21:43 - 2021-06-04 21:43 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2021-06-04 21:43 - 2021-06-04 21:43 - 000000000 ____D C:\WINDOWS\system32\cs
2021-06-04 21:29 - 2021-06-04 22:40 - 000000000 ____D C:\Program Files (x86)\MSBuild
2021-06-04 21:29 - 2021-06-04 21:29 - 000000000 ____D C:\Program Files\Reference Assemblies
2021-06-04 21:29 - 2021-06-04 21:29 - 000000000 ____D C:\Program Files\MSBuild
2021-06-04 21:29 - 2021-06-04 21:29 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2021-06-04 15:53 - 2021-06-04 15:53 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-06-04 15:52 - 2021-06-04 15:52 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-06-04 15:52 - 2021-06-04 15:52 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-06-04 15:52 - 2021-06-04 15:52 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-06-04 15:51 - 2021-06-04 15:51 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-06-04 15:51 - 2021-06-04 15:51 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-06-04 13:24 - 2021-06-04 13:24 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-06-04 13:17 - 2021-06-04 13:17 - 000000020 ___SH C:\Users\Lukáš\ntuser.ini
2021-06-04 13:13 - 2021-06-14 22:46 - 000004190 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{0020F4EB-25DE-4DED-AADE-5E96253CC3DC}
2021-06-04 13:13 - 2021-06-13 20:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-04 13:13 - 2021-06-13 15:01 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-06-04 13:13 - 2021-06-13 14:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-06-04 13:13 - 2021-06-04 13:14 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-06-04 13:13 - 2021-06-04 13:14 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-689210801-1679876152-2392686753-1001
2021-06-04 13:13 - 2021-06-04 13:14 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-06-04 13:13 - 2021-06-04 13:13 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-06-04 13:13 - 2021-06-04 13:13 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-06-04 13:13 - 2021-06-04 13:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Western Digital
2021-06-04 13:13 - 2021-06-04 13:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-689210801-1679876152-2392686753-1001
2021-06-04 13:13 - 2021-06-04 13:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-06-04 13:13 - 2021-06-04 13:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\CyberLink
2021-06-04 13:12 - 2021-06-04 13:13 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2021-06-04 13:12 - 2021-06-04 13:13 - 000007623 _____ C:\WINDOWS\diagerr.xml
2021-06-04 12:57 - 2021-06-13 20:29 - 001694952 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-04 12:48 - 2021-06-11 17:00 - 000000000 ____D C:\Users\Lukáš
2021-06-04 12:48 - 2019-12-07 11:10 - 000001105 _____ C:\Users\Lukáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-04 12:46 - 2017-05-26 05:12 - 000103888 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2021-06-04 12:46 - 2017-05-26 05:12 - 000099792 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2021-06-04 12:41 - 2021-06-13 20:22 - 000443160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-04 12:41 - 2021-06-13 19:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-04 12:40 - 2021-06-13 20:22 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-02 22:49 - 2021-06-05 12:36 - 000000000 ____D C:\Users\Lukáš\AppData\Local\Google
2021-06-02 22:49 - 2021-06-05 12:36 - 000000000 ____D C:\Program Files (x86)\Google

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-14 23:00 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-14 22:50 - 2016-11-18 16:39 - 000000000 ____D C:\Users\Lukáš\AppData\LocalLow\Mozilla
2021-06-14 22:14 - 2020-01-18 09:57 - 000000000 ____D C:\Program Files\CCleaner
2021-06-14 22:11 - 2018-11-16 19:17 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-06-14 22:11 - 2016-09-17 10:37 - 000000000 __SHD C:\Users\Lukáš\IntelGraphicsProfiles
2021-06-13 20:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-13 20:35 - 2018-02-15 23:04 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-13 20:30 - 2016-09-18 15:53 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2021-06-13 20:29 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-13 20:29 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-13 20:28 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-13 20:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-13 20:22 - 2018-02-23 20:52 - 000000000 ____D C:\Program Files\WinRAR
2021-06-13 20:21 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-13 20:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-13 20:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-13 20:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-06-13 20:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-13 20:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-13 20:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-13 20:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-13 20:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-13 20:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-13 20:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-06-13 20:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-13 20:19 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-13 20:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-13 19:17 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-13 18:22 - 2016-09-18 12:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-13 18:13 - 2016-09-18 12:34 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-13 17:50 - 2018-02-23 20:52 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-06-13 17:50 - 2018-02-23 20:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-06-13 14:54 - 2015-09-19 20:23 - 000000000 ____D C:\Program Files\Lenovo
2021-06-13 11:57 - 2020-06-15 21:26 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-08 16:39 - 2015-09-19 20:23 - 000000000 ____D C:\WINDOWS\Downloaded Installations
2021-06-08 16:36 - 2016-09-17 14:02 - 000000000 ____D C:\Program Files (x86)\FormatFactory
2021-06-08 16:35 - 2019-02-08 13:26 - 000000000 ____D C:\ProgramData\Mozilla
2021-06-08 16:25 - 2016-09-17 13:55 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Anvsoft
2021-06-07 16:54 - 2018-05-01 10:21 - 000000000 ____D C:\Users\Lukáš\AppData\Local\Downloaded Installations
2021-06-07 16:53 - 2020-08-09 14:26 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\YouTubeByClick
2021-06-05 13:18 - 2019-12-07 11:50 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-06-05 13:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-06-05 13:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-06-05 13:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-06-05 13:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-06-05 13:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-06-05 13:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-06-05 13:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-06-05 13:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-06-05 13:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-06-05 13:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-06-05 13:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-06-05 10:22 - 2017-03-10 20:47 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Software602
2021-06-05 10:18 - 2018-10-08 12:36 - 000000000 ____D C:\Users\Lukáš\Documents\Signer
2021-06-05 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2021-06-04 22:40 - 2021-03-31 17:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2021-06-04 22:40 - 2021-03-31 17:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12
2021-06-04 22:40 - 2021-03-08 23:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2021-06-04 22:40 - 2020-01-18 09:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-06-04 22:40 - 2019-12-07 11:14 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-06-04 22:40 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2021-06-04 22:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-06-04 22:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-06-04 22:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\spool
2021-06-04 22:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-06-04 22:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-06-04 22:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-06-04 22:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-06-04 22:40 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-06-04 22:40 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-06-04 22:40 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-06-04 22:40 - 2017-07-20 19:02 - 000000000 ____D C:\Program Files\Intel
2021-06-04 22:40 - 2017-07-20 19:01 - 000000000 ____D C:\Program Files\CONEXANT
2021-06-04 22:40 - 2017-06-25 13:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tyre
2021-06-04 22:40 - 2017-05-24 18:51 - 000000000 ____D C:\Program Files\UNP
2021-06-04 22:40 - 2017-03-05 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2021-06-04 22:40 - 2017-03-05 17:16 - 000000000 ____D C:\WINDOWS\SHELLNEW
2021-06-04 22:40 - 2016-10-21 20:42 - 000000000 ____D C:\WINDOWS\SysWOW64\20-20 Technologies
2021-06-04 22:40 - 2016-10-20 17:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2021-06-04 22:40 - 2016-09-17 14:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFTools
2021-06-04 22:40 - 2016-09-17 13:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Renamer
2021-06-04 22:40 - 2016-09-17 08:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-06-04 22:40 - 2015-09-19 21:14 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2021-06-04 22:40 - 2015-09-19 20:30 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 8
2021-06-04 22:40 - 2015-09-19 20:20 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2021-06-04 22:39 - 2019-12-07 11:18 - 000000000 ____D C:\WINDOWS\Setup
2021-06-04 22:39 - 2019-12-07 11:14 - 000000000 __RHD C:\Users\Public\Libraries
2021-06-04 22:34 - 2021-03-08 23:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FoneLab
2021-06-04 22:34 - 2020-03-13 23:25 - 000000000 ____D C:\WINDOWS\Lenovo
2021-06-04 22:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Resources
2021-06-04 22:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Help
2021-06-04 22:34 - 2017-07-20 19:02 - 000000000 ____D C:\Program Files\Synaptics
2021-06-04 22:34 - 2016-09-17 14:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2021-06-04 22:34 - 2015-09-19 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2021-06-04 22:28 - 2017-12-10 12:21 - 000000000 ____D C:\Users\Lukáš\AppData\Local\Packages
2021-06-04 22:24 - 2019-12-07 11:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-06-04 22:24 - 2019-12-07 11:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-06-04 22:24 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-06-04 22:21 - 2019-12-07 11:52 - 000020908 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-06-04 22:21 - 2015-09-19 20:36 - 000000000 ____D C:\ProgramData\Lenovo
2021-06-04 21:44 - 2019-12-07 11:51 - 000000000 ____D C:\WINDOWS\OCR
2021-06-04 21:43 - 2019-12-07 11:49 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-06-04 21:43 - 2019-12-07 11:49 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-06-04 21:43 - 2019-12-07 11:49 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-06-04 21:43 - 2019-12-07 11:49 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-06-04 21:43 - 2019-12-07 11:49 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-06-04 21:43 - 2019-12-07 11:49 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-06-04 21:43 - 2019-12-07 11:49 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-06-04 21:43 - 2019-12-07 11:49 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-06-04 21:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-06-04 21:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-06-04 16:01 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-06-04 16:00 - 2019-12-07 11:52 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-06-04 15:28 - 2020-10-02 17:30 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-04 13:21 - 2018-07-11 20:15 - 000000000 ____D C:\ProgramData\Packages
2021-06-04 13:19 - 2016-09-28 10:04 - 000000000 ___RD C:\Users\Lukáš\3D Objects
2021-06-04 13:19 - 2015-07-16 17:49 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-06-04 13:17 - 2021-04-24 19:24 - 000000000 ___DC C:\WINDOWS\Panther
2021-06-04 13:15 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2021-06-04 13:14 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-06-04 13:13 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2021-06-04 12:56 - 2016-10-20 20:06 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-06-04 12:54 - 2019-08-19 15:17 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MP3Gain
2021-06-04 12:54 - 2017-06-25 13:33 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tyre
2021-06-04 12:54 - 2016-09-18 18:08 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2021-06-04 12:54 - 2016-09-17 14:06 - 000000000 ____D C:\Users\Lukáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pracovní kalendář - 203
2021-06-04 12:47 - 2017-07-20 19:03 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2021-06-04 12:46 - 2017-07-20 19:02 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2021-06-04 09:14 - 2016-09-16 18:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-06-02 22:55 - 2016-09-17 10:43 - 000000000 ___RD C:\Users\Lukáš\OneDrive
2021-06-02 22:34 - 2019-07-13 20:39 - 000007606 _____ C:\Users\Lukáš\AppData\Local\Resmon.ResmonCfg
2021-06-02 22:25 - 2016-09-17 11:45 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-06-02 08:43 - 2016-11-17 17:52 - 000684269 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-05-16 16:03 - 2021-02-03 17:18 - 000000000 ____D C:\Users\Lukáš\AppData\Local\TeamViewer

==================== Files in the root of some directories ========

2017-03-12 20:10 - 2017-03-12 20:10 - 000004096 ____H () C:\Users\Lukáš\AppData\Local\keyfile3.drm
2017-06-08 19:46 - 2017-06-08 19:46 - 000000839 _____ () C:\Users\Lukáš\AppData\Local\recently-used.xbel
2019-07-13 20:39 - 2021-06-02 22:34 - 000007606 _____ () C:\Users\Lukáš\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2021
Ran by Lukáš (14-06-2021 23:02:34)
Running from D:\Plocha
Windows 10 Home Version 20H2 19042.1052 (X64) (2021-06-04 11:15:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-689210801-1679876152-2392686753-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-689210801-1679876152-2392686753-503 - Limited - Disabled)
Guest (S-1-5-21-689210801-1679876152-2392686753-501 - Limited - Disabled)
Lukáš (S-1-5-21-689210801-1679876152-2392686753-1001 - Administrator - Enabled) => C:\Users\Lukáš
WDAGUtilityAccount (S-1-5-21-689210801-1679876152-2392686753-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.73 - Hulubulu Software)
Any Video Converter 6.0.2 (HKLM-x32\...\Any Video Converter) (Version: 6.0.2 - Anvsoft)
AnyPic JPG to PDF Converter 1.0.2 (HKLM-x32\...\{ADD050EC-6B50-437F-807B-FF9F29216FA5}_is1) (Version: - AnyPic Soft)
Brother MFL-Pro Suite DCP-7065DN (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.78 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.55 - Conexant)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
FoneLab Data Retriever 1.2.20 (HKLM-x32\...\{84530085-7274-4236-91A8-5DBF484771F7}_is1) (Version: 1.2.20 - FoneLab)
FormatFactory 5.7.5.0 (HKLM-x32\...\FormatFactory) (Version: 5.7.5.0 - Free Time)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E8266049-8C7B-4A09-9E11-8BD100E0076A}) (Version: 8.0.1.2376 - GenesysLogic)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo Service Bridge (HKU\S-1-5-21-689210801-1679876152-2392686753-1001\...\dda9ca0b023f4c56) (Version: 1.6.3.7 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.7.19.0 - Lenovo Group Ltd.)
MediaCoder 0.8.58 (HKLM\...\MediaCoder) (Version: 0.8.58 - Mediatronic)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.48 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-689210801-1679876152-2392686753-1001\...\OneDriveSetup.exe) (Version: 21.083.0425.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 89.0 (x64 cs) (HKLM\...\Mozilla Firefox 89.0 (x64 cs)) (Version: 89.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{DA715959-CFF1-48A2-B3BB-98B9E569C6AC}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
PDFTools Version 1.2 (09/28/2006) (HKLM-x32\...\PDFTools_is1) (Version: 1.0 - www.SheelApps.com - Sheel Khanna)
Pracovní kalendář (HKLM-x32\...\Pracovní kalendář) (Version: - )
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.868.867.071015 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.213.243 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller 2.0.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.0 - VS Revo Group, Ltd.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.17.7 - TeamViewer)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Tyre (HKLM-x32\...\Tyre_is1) (Version: 8.0.0.5 - 't Schrijverke)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{F9D14939-1792-44AB-8C53-F208534C2548}) (Version: 1.2.0.0 - Microsoft Corporation) Hidden
WD Quick View (HKLM-x32\...\{6D9DC1C5-AD2B-4FE1-812B-4EB7BC51DDBD}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{437D5C46-5AB0-4042-8682-0626441FF53B}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
WsWin V2.98.8 - 2017-06-28 (HKLM-x32\...\PC-Wetterstation_is1) (Version: 2.98.8 - Werner Krenn)

Packages:
=========
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2017-12-19] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2105.16.0_x64__k1h2ywk1493x8 [2021-06-08] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5310.0_x64__8wekyb3d8bbwe [2021-06-08] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-27] (Microsoft Corporation) [MS Ad]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-25] (LENOVO INCORPORATED.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-07-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers1: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers1: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => -> No File
ContextMenuHandlers1: [Long-Term Docs Signer] -> {8B7B7594-9951-4D5A-BBCC-EB9AEE81CB12} => -> No File
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx_108.dll [2020-08-04] (Free Time) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-05-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers6: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => -> No File
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (WESTERN DIGITAL TECHNOLOGIES -> Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-03-31 17:19 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-09-17 13:05 - 2005-04-22 06:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2005-09-07 14:03 - 2005-09-07 14:03 - 000036864 _____ (Black Ice Software, Inc.) [File not signed] C:\Program Files (x86)\Nuance\PaperPort\blicectr.dll
2021-03-31 17:20 - 2012-09-06 21:02 - 000155648 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2021-03-31 17:20 - 2012-07-06 13:33 - 000098304 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2021-03-31 17:20 - 2012-07-06 13:33 - 017694720 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2021-03-31 17:20 - 2012-07-17 13:36 - 000094208 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLCze.dll
2016-09-17 13:05 - 2012-07-05 13:32 - 000084480 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2015-06-24 01:00 - 2015-06-24 01:00 - 000285696 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-06-24 01:00 - 2015-06-24 01:00 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2021-06-04 12:53 - 2021-06-04 12:53 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll
2016-04-19 12:02 - 2016-04-19 12:02 - 001006080 ____R (Robert Simpson, et al.) [File not signed] [File is in use] C:\Program Files (x86)\Western Digital\WD SmartWare\System.Data.SQLite.dll
2020-12-23 15:41 - 2020-05-30 15:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2021-05-31 22:23 - 2020-11-03 05:08 - 000954864 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-689210801-1679876152-2392686753-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-689210801-1679876152-2392686753-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-689210801-1679876152-2392686753-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-689210801-1679876152-2392686753-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) [File not signed]
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-30] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-30] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {BE7160C8-EE33-4ED2-AA71-6A1AA2336542} hxxp://192.168.0.100/IPCamPluginDM.cab

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-689210801-1679876152-2392686753-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2021-06-13 19:52 - 000000753 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-689210801-1679876152-2392686753-1001\Control Panel\Desktop\\Wallpaper -> D:\Plocha\20032042_1742630582418208_3901495373089537661_n.jpg
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AvrcpService => 2
MSCONFIG\Services: BTDevManager => 2
MSCONFIG\Services: SynTPEnhService => 2
MSCONFIG\Services: UpdateAgentService => 2
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "PDF5 Registry Controller"
HKU\S-1-5-21-689210801-1679876152-2392686753-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-689210801-1679876152-2392686753-1001\...\StartupApproved\Run: => "ISUSPM"
HKU\S-1-5-21-689210801-1679876152-2392686753-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-689210801-1679876152-2392686753-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A1448DA6-F320-405C-A2E7-0982847C22F3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{07C68020-F586-4DD1-A7EB-34C10274FDE3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{89C143EE-277D-4CCE-8709-CEB0764064B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B629733D-AE81-45E2-B189-C7F058A2EF7E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3DBEF017-7766-4D1B-8E94-197FA7BD752E}] => (Allow) LPort=54925
FirewallRules: [UDP Query User{1111657B-E82E-4292-B43E-DE0D2EC95F2C}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [TCP Query User{7AA7B9F7-DDFC-4DFA-831C-2DC212429709}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [{A9C39870-7C1B-4F8C-AA14-58C623523EEF}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [UDP Query User{6E24D22A-6684-42D1-A853-E5862FFD70DB}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{54014671-314A-4375-B163-99970CD98199}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2CF51606-9E45-4D0E-9A84-F6F77E480441}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D7CDD24E-2F1A-48E3-983D-2B8DD117DFFD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{82402832-7002-437F-89C8-22086ECC9AF3}] => (Allow) LPort=54925
FirewallRules: [{CA64668E-FEB0-49F3-AECB-E45348218526}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{E3AEC421-D906-4FA0-95B2-9E6E441D4F4A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4E06B121-981D-449C-903F-652F811E1FBC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{6E8C4DCD-5D4B-4592-A517-252331CC6BDA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{30EB3620-2197-4B59-9FFA-5B8E44C35944}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{05735352-23C0-42DB-84BA-E79EDA4B3E64}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (暇光软件科技(上海)有限公司 -> Free Time Co., Ltd.)
FirewallRules: [{340891C3-686E-4ABD-868A-FB9B66DADBA8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{76E26D88-11F4-4FE2-8530-7388AFFA60AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6D5EC8B9-3E5E-421E-8D57-9FD5CB0D78FD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{206362B3-6FF5-49D0-98D5-5C134A902C54}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

13-06-2021 14:52:58 AdwCleaner_BeforeCleaning_13/06/2021_14:52:57

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/13/2021 07:40:23 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Windows (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (06/13/2021 05:29:47 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Windows (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (06/13/2021 02:56:09 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1000) (User: NT AUTHORITY)
Description: Přístup k datům o výkonu byl odepřen pro uživatele SYSTEM (hodnota z GetUsera() pro běžící vlákno), když došlo k příslušnému pokusu z modulu C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe (hodnota z GetModuleFileName() pro binární soubor, který vystavil dotaz).

Error: (06/13/2021 02:56:08 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (06/13/2021 02:55:38 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, A system shutdown is in progress.
]

Error: (06/13/2021 02:53:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary MsQuic.

System Error:
The resource loader failed to find MUI file.
.

Error: (06/13/2021 12:14:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2020.20120.4004.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2dbc

Čas spuštění: 01d76036546f198d

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: 4c531a1d-5338-4cce-8dee-9d799fa8f736

Úplný název balíčku s chybou: Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (06/13/2021 10:07:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2020.20120.4004.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 11b4

Čas spuštění: 01d7602ad80a9614

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: f9e33298-6af6-400b-a140-614e7f484822

Úplný název balíčku s chybou: Microsoft.Windows.Photos_2020.20120.4004.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce


System errors:
=============
Error: (06/14/2021 11:05:15 AM) (Source: DCOM) (EventID: 10010) (User: LUKAS)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/14/2021 11:05:14 AM) (Source: DCOM) (EventID: 10010) (User: LUKAS)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/14/2021 11:05:14 AM) (Source: DCOM) (EventID: 10010) (User: LUKAS)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/13/2021 08:51:54 PM) (Source: DCOM) (EventID: 10010) (User: LUKAS)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/13/2021 08:12:29 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/13/2021 08:12:28 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/13/2021 08:12:28 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (06/13/2021 08:12:27 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.


Windows Defender:
================
Date: 2021-06-13 19:47:10
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Lukáš\AppData\Local\Temp\Rar$EXa4908.25858\zoek\zoek.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LUKAS\Lukáš
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze bezpečnostních informací: AV: 1.341.662.0, AS: 1.341.662.0, NIS: 1.341.662.0
Verze modulu: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-13 19:44:22
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Lukáš\AppData\Local\Temp\Rar$EXa11376.8912\zoek\zoek.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: LUKAS\Lukáš
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze bezpečnostních informací: AV: 1.341.662.0, AS: 1.341.662.0, NIS: 1.341.662.0
Verze modulu: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-13 19:44:20
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Lukáš\AppData\Local\Temp\Rar$EXa11376.3727\zoek\zoek.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.341.662.0, AS: 1.341.662.0, NIS: 1.341.662.0
Verze modulu: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-13 19:43:52
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Lukáš\AppData\Local\Temp\Rar$EXa11376.3727\zoek\zoek.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.341.662.0, AS: 1.341.662.0, NIS: 1.341.662.0
Verze modulu: AM: 1.1.18200.4, NIS: 1.1.18200.4

Date: 2021-06-13 19:43:37
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Lukáš\AppData\Local\Temp\Rar$EXa11376.3727\zoek\zoek.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze bezpečnostních informací: AV: 1.341.662.0, AS: 1.341.662.0, NIS: 1.341.662.0
Verze modulu: AM: 1.1.18200.4, NIS: 1.1.18200.4

==================== Memory info ===========================

BIOS: LENOVO E0CN16WW 08/04/2015
Motherboard: LENOVO Nano 5B6
Processor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Percentage of memory in use: 84%
Total physical RAM: 4011.01 MB
Available physical RAM: 635.64 MB
Total Virtual: 6827.01 MB
Available Virtual: 3056.89 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:225.04 GB) (Free:151.25 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Nový svazek) (Fixed) (Total:217.26 GB) (Free:106.05 GB) NTFS
Drive l: (LENOVO) (Fixed) (Total:3.05 GB) (Free:1.83 GB) NTFS

\\?\Volume{a0e2f434-243b-44f3-b832-2514600caaad}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.47 GB) NTFS
\\?\Volume{f05ebdb5-a934-4a4e-a41c-845ca12a8433}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: AD0E9522)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu, pomalý ntb

#14 Příspěvek od JaRon »

zaverecne docistenie - citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start

Task: {2218D2AB-E600-4A2C-871D-68E829841573} - \Lenovo\ImController\TimeBasedEvents\f7cb8f1a-169a-42f2-9351-8eda3c980f7a -> No File <==== ATTENTION
Task: {401578B3-2E9E-481D-8872-F6A5A98ACEBD} - \Lenovo\ImController\TimeBasedEvents\16411e49-aea6-43ab-9354-c9810d59cfb0 -> No File <==== ATTENTION
Task: {75DE46E9-BE19-4F83-80A2-37991C3ACA3E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8B2E9601-98CF-4832-A7D9-E0933A1EC645} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {909230BD-DA42-4D07-BF41-B38C405D59FC} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {DAA24675-AB53-419A-991F-1C06FEDF2E0F} - \Lenovo\ImController\TimeBasedEvents\6932e23a-2599-46c4-b4ca-a0dff1d8df13 -> No File <==== ATTENTION
Task: {D7F29B0B-DBCC-42C0-926A-BF8D6DAD84BD} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {E6765E34-61BD-4611-8822-1B6C34C4FF17} - \Lenovo\ImController\TimeBasedEvents\6793c4c6-0802-41df-927c-1051a8a440c7 -> No File <==== ATTENTION
ContextMenuHandlers1: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers1: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => -> No File
ContextMenuHandlers1: [Long-Term Docs Signer] -> {8B7B7594-9951-4D5A-BBCC-EB9AEE81CB12} => -> No File
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers6: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers6: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => -> No File

EmptyTemp:
Reboot:
End
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

:arrow: Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

:arrow: Restart PC a dejte mi sem fixlog.txt
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

artmle9
Návštěvník
Návštěvník
Příspěvky: 104
Registrován: 27 úno 2009 11:21

Re: Prosím o kontrolu, pomalý ntb

#15 Příspěvek od artmle9 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-06-2021
Ran by Lukáš (15-06-2021 09:31:49) Run:1
Running from D:\Plocha
Loaded Profiles: Lukáš
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

Task: {2218D2AB-E600-4A2C-871D-68E829841573} - \Lenovo\ImController\TimeBasedEvents\f7cb8f1a-169a-42f2-9351-8eda3c980f7a -> No File <==== ATTENTION
Task: {401578B3-2E9E-481D-8872-F6A5A98ACEBD} - \Lenovo\ImController\TimeBasedEvents\16411e49-aea6-43ab-9354-c9810d59cfb0 -> No File <==== ATTENTION
Task: {75DE46E9-BE19-4F83-80A2-37991C3ACA3E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8B2E9601-98CF-4832-A7D9-E0933A1EC645} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {909230BD-DA42-4D07-BF41-B38C405D59FC} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {DAA24675-AB53-419A-991F-1C06FEDF2E0F} - \Lenovo\ImController\TimeBasedEvents\6932e23a-2599-46c4-b4ca-a0dff1d8df13 -> No File <==== ATTENTION
Task: {D7F29B0B-DBCC-42C0-926A-BF8D6DAD84BD} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {E6765E34-61BD-4611-8822-1B6C34C4FF17} - \Lenovo\ImController\TimeBasedEvents\6793c4c6-0802-41df-927c-1051a8a440c7 -> No File <==== ATTENTION
ContextMenuHandlers1: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers1: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => -> No File
ContextMenuHandlers1: [Long-Term Docs Signer] -> {8B7B7594-9951-4D5A-BBCC-EB9AEE81CB12} => -> No File
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers6: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers6: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => -> No File

EmptyTemp:
Reboot:
End
*****************

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2218D2AB-E600-4A2C-871D-68E829841573}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2218D2AB-E600-4A2C-871D-68E829841573}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\f7cb8f1a-169a-42f2-9351-8eda3c980f7a" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{401578B3-2E9E-481D-8872-F6A5A98ACEBD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{401578B3-2E9E-481D-8872-F6A5A98ACEBD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\16411e49-aea6-43ab-9354-c9810d59cfb0" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75DE46E9-BE19-4F83-80A2-37991C3ACA3E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75DE46E9-BE19-4F83-80A2-37991C3ACA3E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8B2E9601-98CF-4832-A7D9-E0933A1EC645}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B2E9601-98CF-4832-A7D9-E0933A1EC645}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{909230BD-DA42-4D07-BF41-B38C405D59FC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{909230BD-DA42-4D07-BF41-B38C405D59FC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DAA24675-AB53-419A-991F-1C06FEDF2E0F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DAA24675-AB53-419A-991F-1C06FEDF2E0F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\6932e23a-2599-46c4-b4ca-a0dff1d8df13" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7F29B0B-DBCC-42C0-926A-BF8D6DAD84BD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7F29B0B-DBCC-42C0-926A-BF8D6DAD84BD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E6765E34-61BD-4611-8822-1B6C34C4FF17}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6765E34-61BD-4611-8822-1B6C34C4FF17}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\6793c4c6-0802-41df-927c-1051a8a440c7" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\JRcm => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\JRcm64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Long-Term Docs Signer => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SHAREit.FileContextMenuExt => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\JRcm => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\JRcm64 => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 62433659 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 64631 B
Edge => 62989 B
Firefox => 151507104 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 30346 B
Lukáš => 6681399 B

RecycleBin => 0 B
EmptyTemp: => 220.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:32:55 ====

Zamčeno