Zpomalený NTB

Zpráva

kockopes · #1 Příspěvek od **kockopes** » 27 pro 2019 20:26

Dobrý večer,
ntb kamaráda. Systém je velmi zpomalený, celé se to dost seká. Prosím o kontrolu logu. Addition + log po vyčištění v adw v příloze.
Díky

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-12-2019
Ran by lenovo (administrator) on LENOVO-PC (LENOVO 20208) (27-12-2019 20:03:45)
Running from C:\Users\lenovo\Desktop
Loaded Profiles: lenovo (Available Profiles: lenovo)
Platform: Windows 10 Home Version 1903 18362.535 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AlcorMicro, Corp. -> Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(AuthenTec, Inc. -> ) C:\Program Files\Lenovo Fingerprint Reader\x86\IEWebSiteLogon.exe
(AuthenTec, Inc. -> AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe
(AuthenTec, Inc. -> AuthenTec, Inc) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe
(AuthenTec, Inc. -> AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc. -> AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(LENOVO -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\lenovo\Desktop\adwcleaner_8.0.1.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\lenovo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\65.0.3467.78\opera_crashreporter.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-17] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [380544 2012-05-28] (AlcorMicro, Corp. -> Alcor Micro Corp.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [295720 2013-10-25] (LENOVO(JAPAN)LTD. -> Lenovo Group Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2013-03-29] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2013-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-03-12] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) [File not signed]
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2789677139-3356820323-3021813091-1000\Software\Policies\...\system: [disablecmd] 0
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {10EE1AD5-515F-4131-8DA5-EBAF4C877BBF} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2916592 2013-03-29] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {15AE879C-E130-4E60-815D-9E863B394CB7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {169D35CF-6DD5-4697-B778-A1350A11EDC4} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {185DEF2A-5A68-4075-8ADB-6D1A3C8FFD50} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1E211161-A72C-4CB3-99D5-9667D5983BEB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2257B4EB-128A-4493-8785-978297C83FF8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {255D1F82-9426-4147-A8D8-F293C95F7EDF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2B9B2766-F64E-4EB3-98C7-BC9BA944AEDF} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {2CBF6465-7CFC-46C1-A34D-4DE94598745C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {30E347AB-72BA-4FE6-940B-4CA7DC1769C1} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {35776B6B-BDC3-4B2C-AFE3-86CAAF426471} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3A98A31E-6DB3-41B8-A3BA-C79C783ED9DA} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {3A9A1AC7-6C21-4B7A-8B4A-0817FFFD5371} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3BF78769-54C8-41E1-855F-72FB832EC99A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3E125677-E031-4B49-A1E1-7FB56DD4D09C} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {432FCD8A-A8AF-42A4-BB4E-9A2E473A3A5D} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {4365F6DE-4BDA-423A-B32F-75F08DCA7262} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {483739D7-C462-4379-82B8-3DACFE2FF715} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4FE8EBA5-C266-4F67-B981-8091F4A3BE34} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {51C8E5A4-5BD3-4CA1-AEDD-DF80C60CB6BA} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5716F64F-FF0F-4161-A8BE-861730A02B60} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {57E99031-98DE-4563-B58B-BA497FACD413} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5B93E9A1-E70B-48E2-8F44-AF16D5FBBFF5} - System32\Tasks\{16BE3F1B-04D4-4249-88D6-036309C1030C} => C:\Windows\system32\pcalua.exe -a C:\Users\lenovo\AppData\Roaming\omniboxes\UninstallManager.exe -c -ptid=amt
Task: {5CA2FB13-CF5A-45A7-83DD-550D071E2052} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233824 2012-06-14] (Intel® Services Manager -> Intel Corporation)
Task: {62714F0E-71A5-422F-82DA-C4DEE72CE955} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {6A5FF584-3367-4983-9967-1AE7F289DFEE} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6C8C6EA4-A5DC-4666-BD32-6776034BD456} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6D10E5BB-2F12-4404-B46F-F0E1F1BE3D27} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {76943820-9522-43C2-B8EB-587EB22A8CEB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {832CD657-A720-4B91-B22A-EC0087194D27} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {850BEB67-983E-4FD2-8F26-1C67E2196ACF} - System32\Tasks\{D38129AD-F1A3-4B03-94C4-7B5A297787C5} => C:\Windows\system32\pcalua.exe -a C:\DRIVERS\lide25vst6411011aen\SetupSG.exe -d C:\DRIVERS\lide25vst6411011aen
Task: {93C0052A-60F2-461C-B366-FE26BFB6BD4F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {969D7D92-CDD0-40D1-A40C-BBEA91FE0FF5} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9A9262E3-F373-43B7-9F1F-8B453B83A2C0} - System32\Tasks\{77BD5EA0-D0B4-4997-83BB-3679D28C014F} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\GoPhoto.it V9.0\Uninstall.exe" -c /fcp=1
Task: {9C816009-DB77-41AD-B9F2-CD73AF05CD16} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {A2A46B9C-BEF8-418B-B6BA-EE1CEB8631F0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AC3A84B6-9640-431F-AB06-6AD4B6DD45DA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B4332010-1D89-4020-BA96-AC47BFD8AD9F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B612AB69-7D28-49B6-9848-89BC1E78EFAC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {BA864909-21A7-423E-866B-6F262DC13FA6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {BDE27FA4-4B24-4E6D-88DD-0B69EDED7DFC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C909A8EA-5D7A-4157-BB18-011F7EA69B8F} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {CA6EC50C-AB7A-4AC2-B09B-AF3CB8F88FFD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {CC143224-C75B-4D34-A89F-21A29CC146A8} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [113024 2019-11-12] (Lenovo -> Lenovo)
Task: {CF17D0CD-02DE-4B5D-86DE-EB667F327726} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-12-11] (Adobe Inc. -> Adobe)
Task: {D000DC75-4BDC-448C-AB40-8BAA4B3CADE6} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [37432 2014-01-21] (Lenovo Information Products (Shenzhen) Co.,Ltd -> Microsoft)
Task: {D1CAA83D-91F7-4102-8A62-C9F36E6E5A28} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [233824 2012-06-14] (Intel® Services Manager -> Intel Corporation)
Task: {D8F2641D-919A-47C4-AF84-1DADBF57A9A6} - System32\Tasks\{B072105A-F558-46F4-85FD-4BA32AA8F6C6} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\lenovo\Desktop\lide25vst6411011acs\SetupSG.exe -d C:\Users\lenovo\Desktop\lide25vst6411011acs
Task: {DF2092EB-A9F9-4751-A9F3-A1089E6FF1D4} - System32\Tasks\Opera scheduled Autoupdate 1491066702 => C:\Program Files\Opera\launcher.exe [1528344 2019-12-19] (Opera Software AS -> Opera Software)
Task: {E222B892-D9E4-423D-9C03-5E40B7AB3982} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe [59776 2019-11-12] (Lenovo -> )
Task: {E4F2FC9B-0ED7-4D44-8D35-09F9B1F96B1E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EADC585E-9CEA-4620-BCA0-763FA4382742} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EC7BB83A-691F-4CBF-A453-B5CD7EA86B0E} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EC9DDDAA-04B2-46B3-A935-4411A42F8647} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EF7A3811-50CB-47B1-BDBB-76C98DFF3C27} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F25BD93D-4208-4AD2-94A5-64778477725A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F3522C5E-B7CB-4653-99F5-A09333B472C3} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {F3B6822E-F59B-49C9-85E4-69B443DE9D93} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {F6E2D668-613C-4108-98A1-D57C2FCA68CD} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {FE2ECB9D-03EE-42A3-9440-3AF4EFB49F36} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {FE2F492C-A0A0-4C87-82A5-610C47C9EAAF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_303_pepper.exe [1453112 2019-12-11] (Adobe Inc. -> Adobe)
Task: {FFCBBCD5-01B3-4DAD-B875-E4D25B4B099C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{6bdb9633-a460-46dc-ae75-6c2168747d30}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{d592e584-4511-4783-a316-70978b7e4046}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2789677139-3356820323-3021813091-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-2789677139-3356820323-3021813091-1000 -> {BD74092E-BBFC-41CA-939C-0CB1E2738480} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
BHO: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL [2013-08-07] (AuthenTec, Inc. -> AuthenTec Inc.)
BHO-x32: No Name -> {0347C33E-8762-4905-BF09-768834316C61} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> No File
BHO-x32: No Name -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

Edge:
======
Edge Notifications: HKU\S-1-5-21-2789677139-3356820323-3021813091-1000 -> hxxps://web.skype.com; hxxps://www.facebook.com

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-12-05] [Legacy] [not signed]
FF HKU\S-1-5-21-2789677139-3356820323-3021813091-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files\Lenovo Fingerprint Reader\npffwloplugin.dll [2013-08-07] (AuthenTec, Inc. -> AuthenTec, Inc)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-03-12] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-03-12] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [clglhglbidpdbjffpfcldkifhdegdfle] - C:\Program Files\Lenovo Fingerprint Reader\x86\tschrome.crx [2013-04-01]

Opera:
=======
OPR Notifications: hxxps://adult-channels.com; hxxps://mail.google.com; hxxps://web.skype.com; hxxps://ww3.9movies.us; hxxps://www.reddit.com
OPR Extension: (Alitools shopping assistant) - C:\Users\lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\nkekkheibgkgeepapinkalkongndfajn [2019-12-27]
StartMenuInternet: (HKLM) Opera - C:\Program Files (x86)\Opera\Opera.exe hxxp://www.omniboxes.com/?type=sc&ts=142814761 ... XXW0VFSK3S

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [2139944 2013-08-07] (AuthenTec, Inc. -> AuthenTec, Inc)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-12] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-12] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [197928 2013-10-25] (LENOVO(JAPAN)LTD. -> Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-10] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12758528 2019-12-16] (TeamViewer GmbH -> TeamViewer Germany GmbH)
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401704 2013-07-22] (AuthenTec, Inc. -> AuthenTec, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2019-03-19] (Microsoft Windows -> Intel Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [44272 2013-03-29] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tvtvcamd; C:\WINDOWS\system32\DRIVERS\tvtvcamd.sys [27432 2011-12-08] (Lenovo (Japan) Ltd. -> ThinkVantage Communications Utility)
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [1065344 2013-09-11] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2019-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2019-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-09] (Microsoft Windows -> Microsoft Corporation)
U4 aspnet_state; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-27 20:03 - 2019-12-27 20:12 - 000029929 _____ C:\Users\lenovo\Desktop\FRST.txt
2019-12-27 20:03 - 2019-12-27 20:11 - 000000000 ____D C:\FRST
2019-12-27 20:02 - 2019-12-27 20:02 - 002272256 _____ (Farbar) C:\Users\lenovo\Desktop\FRST64.exe
2019-12-27 19:59 - 2019-12-27 19:59 - 000007621 _____ C:\Users\lenovo\AppData\Local\Resmon.ResmonCfg
2019-12-27 19:41 - 2019-12-27 19:43 - 000000000 ____D C:\AdwCleaner
2019-12-27 19:41 - 2019-12-27 19:41 - 008237744 _____ (Malwarebytes) C:\Users\lenovo\Desktop\adwcleaner_8.0.1.exe
2019-12-27 19:40 - 2019-12-27 20:00 - 000000000 ____D C:\Program Files\trend micro
2019-12-27 19:40 - 2019-12-27 19:41 - 000000000 ____D C:\rsit
2019-12-27 19:39 - 2019-12-27 19:39 - 001222144 _____ C:\Users\lenovo\Desktop\RSITx64.exe
2019-12-27 19:35 - 2019-12-27 19:35 - 000000000 ____D C:\Users\lenovo\AppData\Local\D3DSCache
2019-12-10 20:11 - 2019-12-10 20:11 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-10 20:11 - 2019-12-10 20:11 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-10 20:11 - 2019-12-10 20:11 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-10 20:11 - 2019-12-10 20:11 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-10 20:11 - 2019-12-10 20:11 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-10 20:11 - 2019-12-10 20:11 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-10 20:11 - 2019-12-10 20:11 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-10 20:11 - 2019-12-10 20:11 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-10 20:11 - 2019-12-10 20:11 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-10 20:11 - 2019-12-10 20:11 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-10 20:11 - 2019-12-10 20:11 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-10 20:11 - 2019-12-10 20:11 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-10 20:11 - 2019-12-10 20:11 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-10 20:11 - 2019-12-10 20:11 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-10 20:11 - 2019-12-10 20:11 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-10 20:11 - 2019-12-10 20:11 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-10 20:10 - 2019-12-10 20:10 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-10 20:10 - 2019-12-10 20:10 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-10 20:10 - 2019-12-10 20:10 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-10 20:10 - 2019-12-10 20:10 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-10 20:10 - 2019-12-10 20:10 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-10 20:10 - 2019-12-10 20:10 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-10 20:10 - 2019-12-10 20:10 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-10 20:10 - 2019-12-10 20:10 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-10 20:10 - 2019-12-10 20:10 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-10 20:10 - 2019-12-10 20:10 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-10 20:10 - 2019-12-10 20:10 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-10 20:10 - 2019-12-10 20:10 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-10 20:10 - 2019-12-10 20:10 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-10 20:10 - 2019-12-10 20:10 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-10 20:10 - 2019-12-10 20:10 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-10 20:10 - 2019-12-10 20:10 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-10 20:10 - 2019-12-10 20:10 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-10 20:10 - 2019-12-10 20:10 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-10 20:10 - 2019-12-10 20:10 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-10 20:10 - 2019-12-10 20:10 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-10 20:10 - 2019-12-10 20:10 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-10 20:10 - 2019-12-10 20:10 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-10 20:10 - 2019-12-10 20:10 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-10 20:10 - 2019-12-10 20:10 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-10 20:10 - 2019-12-10 20:10 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-10 20:10 - 2019-12-10 20:10 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-10 20:10 - 2019-12-10 20:10 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-10 20:10 - 2019-12-10 20:10 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-10 20:10 - 2019-12-10 20:10 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-10 20:10 - 2019-12-10 20:10 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-10 20:10 - 2019-12-10 20:10 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-10 20:10 - 2019-12-10 20:10 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-10 20:10 - 2019-12-10 20:10 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-10 20:10 - 2019-12-10 20:10 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-10 20:10 - 2019-12-10 20:10 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-10 20:10 - 2019-12-10 20:10 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-10 20:10 - 2019-12-10 20:10 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-06 21:25 - 2019-12-06 21:25 - 000000000 ____D C:\WINDOWS\system32\Lenovo
2019-12-01 18:46 - 2019-12-01 18:46 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2019-11-28 19:48 - 2019-11-28 19:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fingerprint Reader
2019-11-28 19:46 - 2019-11-28 19:46 - 000156041 _____ C:\Users\lenovo\Downloads\8285165227 (1).pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-27 20:10 - 2019-08-12 02:10 - 000004202 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{FC5AD3F3-8F7D-4A0C-BCBD-9DB68359C6A6}
2019-12-27 20:00 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-27 19:51 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\servicing
2019-12-27 19:51 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-27 19:45 - 2019-08-12 02:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-27 19:45 - 2019-08-12 01:40 - 000443160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-27 19:45 - 2016-05-19 14:47 - 000000000 __SHD C:\Users\lenovo\IntelGraphicsProfiles
2019-12-27 19:45 - 2013-12-06 07:52 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-12-27 19:45 - 2013-12-03 22:26 - 000000000 ____D C:\Users\lenovo\AppData\LocalLow\AuthenTec
2019-12-27 19:44 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-12-27 19:36 - 2013-12-05 22:03 - 000000000 ____D C:\ProgramData\BOINC
2019-12-27 13:08 - 2019-08-12 01:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-26 12:30 - 2019-08-12 02:02 - 002381014 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-26 12:30 - 2019-08-12 01:41 - 000582790 _____ C:\WINDOWS\system32\perfh008.dat
2019-12-26 12:30 - 2019-08-12 01:41 - 000106556 _____ C:\WINDOWS\system32\perfc008.dat
2019-12-26 12:30 - 2019-03-19 12:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-26 12:30 - 2019-03-19 12:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-26 12:30 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-22 09:13 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-22 09:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-20 08:42 - 2019-08-12 02:10 - 000003946 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1491066702
2019-12-20 08:42 - 2017-06-30 21:42 - 000001107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-12-20 08:42 - 2017-04-01 18:11 - 000000000 ____D C:\Program Files\Opera
2019-12-13 00:15 - 2013-12-05 23:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-13 00:09 - 2013-12-05 23:38 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-11 07:58 - 2019-08-12 02:10 - 000004656 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2019-12-11 07:57 - 2019-09-11 07:55 - 005133880 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2019-12-11 07:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-12-11 07:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-12-11 00:00 - 2016-02-13 14:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-10 23:56 - 2017-12-16 10:29 - 000000000 ___RD C:\Users\lenovo\3D Objects
2019-12-10 23:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-10 23:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-10 23:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-09 06:39 - 2018-02-09 08:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-12-01 18:52 - 2013-12-07 09:53 - 000000000 ____D C:\Users\lenovo\AppData\Local\ElevatedDiagnostics
2019-12-01 18:47 - 2018-07-16 19:05 - 000000000 ____D C:\Users\lenovo\AppData\Local\TeamViewer

==================== Files in the root of some directories ========

2014-09-08 07:42 - 2014-09-08 07:42 - 000003584 _____ () C:\Users\lenovo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-06 16:12 - 2014-10-06 16:12 - 000004096 ____H () C:\Users\lenovo\AppData\Local\keyfile3.drm
2019-12-27 19:59 - 2019-12-27 19:59 - 000007621 _____ () C:\Users\lenovo\AppData\Local\Resmon.ResmonCfg
2013-12-03 22:18 - 2013-12-03 22:19 - 000002201 _____ () C:\Users\lenovo\AppData\Local\WiDiSetupLog.20131203.221825.txt
2013-12-03 22:19 - 2013-12-03 22:20 - 000002201 _____ () C:\Users\lenovo\AppData\Local\WiDiSetupLog.20131203.221958.txt
2013-12-03 22:21 - 2013-12-03 22:21 - 000002201 _____ () C:\Users\lenovo\AppData\Local\WiDiSetupLog.20131203.222101.txt

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

#2 Příspěvek od **Rudy** » 27 pro 2019 20:58

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:

Start
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Task: {2257B4EB-128A-4493-8785-978297C83FF8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {255D1F82-9426-4147-A8D8-F293C95F7EDF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {35776B6B-BDC3-4B2C-AFE3-86CAAF426471} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3E125677-E031-4B49-A1E1-7FB56DD4D09C} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {432FCD8A-A8AF-42A4-BB4E-9A2E473A3A5D} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {4FE8EBA5-C266-4F67-B981-8091F4A3BE34} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {76943820-9522-43C2-B8EB-587EB22A8CEB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {832CD657-A720-4B91-B22A-EC0087194D27} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9C816009-DB77-41AD-B9F2-CD73AF05CD16} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {AC3A84B6-9640-431F-AB06-6AD4B6DD45DA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B4332010-1D89-4020-BA96-AC47BFD8AD9F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B612AB69-7D28-49B6-9848-89BC1E78EFAC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {BA864909-21A7-423E-866B-6F262DC13FA6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F3B6822E-F59B-49C9-85E4-69B443DE9D93} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {FFCBBCD5-01B3-4DAD-B875-E4D25B4B099C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
BHO-x32: No Name -> {0347C33E-8762-4905-BF09-768834316C61} -> No File
BHO-x32: No Name -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> No File
BHO-x32: No Name -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
U4 aspnet_state; no ImagePath
C:\Users\lenovo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EnptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

kockopes · #3 Příspěvek od **kockopes** » 27 pro 2019 21:16

Dobrý večer,
zasílám log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-12-2019
Ran by lenovo (27-12-2019 21:11:07) Run:1
Running from C:\Users\lenovo\Desktop
Loaded Profiles: lenovo (Available Profiles: lenovo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Task: {2257B4EB-128A-4493-8785-978297C83FF8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {255D1F82-9426-4147-A8D8-F293C95F7EDF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {35776B6B-BDC3-4B2C-AFE3-86CAAF426471} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3E125677-E031-4B49-A1E1-7FB56DD4D09C} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {432FCD8A-A8AF-42A4-BB4E-9A2E473A3A5D} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {4FE8EBA5-C266-4F67-B981-8091F4A3BE34} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {76943820-9522-43C2-B8EB-587EB22A8CEB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {832CD657-A720-4B91-B22A-EC0087194D27} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9C816009-DB77-41AD-B9F2-CD73AF05CD16} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {AC3A84B6-9640-431F-AB06-6AD4B6DD45DA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B4332010-1D89-4020-BA96-AC47BFD8AD9F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B612AB69-7D28-49B6-9848-89BC1E78EFAC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {BA864909-21A7-423E-866B-6F262DC13FA6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F3B6822E-F59B-49C9-85E4-69B443DE9D93} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {FFCBBCD5-01B3-4DAD-B875-E4D25B4B099C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
BHO-x32: No Name -> {0347C33E-8762-4905-BF09-768834316C61} -> No File
BHO-x32: No Name -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> No File
BHO-x32: No Name -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
U4 aspnet_state; no ImagePath
C:\Users\lenovo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

EnptyTemp:
End

*****************

Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2257B4EB-128A-4493-8785-978297C83FF8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2257B4EB-128A-4493-8785-978297C83FF8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{255D1F82-9426-4147-A8D8-F293C95F7EDF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{255D1F82-9426-4147-A8D8-F293C95F7EDF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35776B6B-BDC3-4B2C-AFE3-86CAAF426471}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35776B6B-BDC3-4B2C-AFE3-86CAAF426471}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E125677-E031-4B49-A1E1-7FB56DD4D09C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E125677-E031-4B49-A1E1-7FB56DD4D09C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{432FCD8A-A8AF-42A4-BB4E-9A2E473A3A5D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{432FCD8A-A8AF-42A4-BB4E-9A2E473A3A5D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4FE8EBA5-C266-4F67-B981-8091F4A3BE34}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4FE8EBA5-C266-4F67-B981-8091F4A3BE34}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{76943820-9522-43C2-B8EB-587EB22A8CEB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76943820-9522-43C2-B8EB-587EB22A8CEB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{832CD657-A720-4B91-B22A-EC0087194D27}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{832CD657-A720-4B91-B22A-EC0087194D27}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9C816009-DB77-41AD-B9F2-CD73AF05CD16}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C816009-DB77-41AD-B9F2-CD73AF05CD16}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC3A84B6-9640-431F-AB06-6AD4B6DD45DA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC3A84B6-9640-431F-AB06-6AD4B6DD45DA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B4332010-1D89-4020-BA96-AC47BFD8AD9F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4332010-1D89-4020-BA96-AC47BFD8AD9F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B612AB69-7D28-49B6-9848-89BC1E78EFAC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B612AB69-7D28-49B6-9848-89BC1E78EFAC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BA864909-21A7-423E-866B-6F262DC13FA6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BA864909-21A7-423E-866B-6F262DC13FA6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3B6822E-F59B-49C9-85E4-69B443DE9D93}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3B6822E-F59B-49C9-85E4-69B443DE9D93}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FFCBBCD5-01B3-4DAD-B875-E4D25B4B099C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFCBBCD5-01B3-4DAD-B875-E4D25B4B099C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\skype4com => removed successfully
HKLM\System\CurrentControlSet\Services\aspnet_state => removed successfully
aspnet_state => service removed successfully
C:\Users\lenovo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
EnptyTemp: => Error: No automatic fix found for this entry.

The system needed a reboot.

==== End of Fixlog 21:11:16 ====

#4 Příspěvek od **Rudy** » 27 pro 2019 21:53

Budeme to muset spustit znovu, omlouvám se za překlep ve skriptu. Nový skript:

Start

CloseProcesses:

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte. Ostatní bylo smazáno správně.

kockopes · #5 Příspěvek od **kockopes** » 27 pro 2019 22:10

Dobrý večer,
zasílám nový log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-12-2019
Ran by lenovo (27-12-2019 22:00:57) Run:2
Running from C:\Users\lenovo\Desktop
Loaded Profiles: lenovo (Available Profiles: lenovo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:

EmptyTemp:
End
*****************

Processes closed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 939916723 B
Java, Flash, Steam htmlcache => 826 B
Windows/system/drivers => 1735424 B
Edge => 66211442 B
Chrome => 0 B
Firefox => 0 B
Opera => 661913247 B

Temp, IE cache, history, cookies, recent:
Default => 9262 B
Users => 9262 B
ProgramData => 9262 B
Public => 9262 B
systemprofile => 9262 B
systemprofile32 => 9262 B
LocalService => 9262 B
NetworkService => 439396 B
lenovo => 22720607 B

RecycleBin => 1905558755 B
EmptyTemp: => 3.4 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 22:10:28 ====

#6 Příspěvek od **Rudy** » 28 pro 2019 11:14

OK, teď byly dočasné soubory internetu smazány. Nastala nějaká změna?

kockopes · #7 Příspěvek od **kockopes** » 28 pro 2019 11:46

Zdravím,
po včerejšku NTB již funguje mnohem líp. Co ho ale trápí je vytížení disku, často i na 100%. Podle protokolu jsem zjistil, že se jedná o windows defender. Je možné řešit ještě toto?
Děkuji.

#8 Příspěvek od **Rudy** » 28 pro 2019 12:30

Toto ,se moc často nestane. Použijte návod přímo od MS: https://translate.google.com/translate? ... rev=search .

kockopes · #9 Příspěvek od **kockopes** » 28 pro 2019 19:08

Dobrý večer, nyní to vypadá celkem v pořádku. Programy určené k čištění jsem odinstaloval pomocí DelFixu.
Opětovně děkuji za pomoc zde na foru a prosím o lock.
Hezký den a úspěšný vstup do Nového roku

#10 Příspěvek od **Rudy** » 28 pro 2019 19:52

Nemáte zač a šťastný a veselý!

VIRY.CZ

Zpomalený NTB

Zpomalený NTB

Re: Zpomalený NTB

Re: Zpomalený NTB

Re: Zpomalený NTB

Re: Zpomalený NTB

Re: Zpomalený NTB

Re: Zpomalený NTB

Re: Zpomalený NTB

Re: Zpomalený NTB

Re: Zpomalený NTB