Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Zpomalene PC - prosim o kontrolu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Ronnie Basic
Příspěvky: 61
Registrován: 04 lis 2005 22:38

Zpomalene PC - prosim o kontrolu

#1 Příspěvek od Ronnie Basic »

Cca 5 dni pozoruji zpomaleny chod Win 10 o pocitove -30%. Win Update jsem poladil. Zkontroloval jsem, ze v Power Settings je zaskrtnuto 'High Performance'. V Task Manager -> Performance nepozoruji vyraznejsi spike v zatizeni CPU / memory / disk / network... Win 10 instalace je stara < 1/2 roku a az doted fungovala nad ocekavani svizne.

Mohl bych poprosit znalejsi o kontrolu logu? Predem velmi dekuji a posilam vam dobre zdravi.


Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2021
Ran by sousedovic (administrator) on MYTHOLOGY2-LGN (LENOVO 82B1) (21-06-2021 11:11:10)
Running from C:\Users\sousedovic\Desktop
Loaded Profiles: sousedovic
Platform: Windows 10 Pro Version 21H1 19043.1052 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) D:\Program Files on Decko\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) D:\Program Files on Decko\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0359763.inf_amd64_cbe903b159d3b969\B359805\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0359763.inf_amd64_cbe903b159d3b969\B359805\atiesrxx.exe
(Dolby Laboratories, Inc. -> ) C:\ProgramData\Dolby\DAX3\RADARHOST\DSRHost.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) D:\Program Files on Decko\TCMD 9\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <29>
(Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\sousedovic\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\\Lenovo.Vantage.AddinHost.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_2fcf64020e032ea8\LenovoUtilityService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_5e6febeaa198591c\Display.NvContainer\NVDisplay.Container.exe <2>
(PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) D:\Program Files on Decko\AOC G-Menu\CTHelper.exe
(PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) D:\Program Files on Decko\AOC G-Menu\DisplayTune.exe
(PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) D:\Program Files on Decko\AOC G-Menu\DisplayTuneService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1138976 2020-08-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DisplayTune.exe] => D:\Program Files on Decko\AOC G-Menu\DisplayTune.exe [5588768 2019-08-13] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => D:\Program Files on Decko\Adobe Acrobat 9 Pro\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Program Files on Decko\Adobe Acrobat 9 Pro\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM\...\Winlogon: [LegalNoticeText] If you see it, it is already too late.
HKU\S-1-5-21-3767460464-1733564075-1801547666-1001\...\Run: [GalaxyClient] => [X]
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [51032 2008-04-07] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.106\Installer\chrmstp.exe [2021-06-17] (Google LLC -> Google LLC)
Startup: C:\Users\sousedovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2021-01-12]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> D:\Program Files on Decko\MS Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00E317D5-8872-413C-9E6A-0AE36D291967} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0DDDF332-283B-47F4-B330-954E8B7704EE} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\\ScheduleEventAction.exe [23968 2021-05-17] (Lenovo -> Lenovo Group Ltd.)
Task: {1BDFA6AA-6751-4E67-9482-C1B663DDD3C1} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3767460464-1733564075-1801547666-1001 => C:\Users\sousedovic\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [87896 2021-06-09] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {1FF7C8B1-A276-46A1-8767-B58C08535F72} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\cda1ba29-148a-4722-9890-4eb7c2992466 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {233C98AE-BDF0-4341-9308-159648232A4E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3945F269-4C83-48DE-959D-669C0F812F43} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {43542EF2-C1C0-48F2-AF83-9DCB34E55D3C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {484522FA-B516-4762-8DDA-F2F7038306E6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5982891a-5909-4787-b29c-53b7b2774003 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {4FE7532A-B702-4976-AB6B-34A06B5D7834} - System32\Tasks\StartDVR => D:\Program Files on Decko\AMD\CNext\CNext\RSServCmd.exe [69304 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {51C3E6EF-903B-4F31-95D4-60327C3E3ADC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {535C6198-5785-4274-8B57-45FB9F32DB26} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6A84B70B-3212-432B-96B9-45A6F6AF8D17} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {6C771D1D-84A3-4C19-AB9A-567CD2F3A9E5} - System32\Tasks\AMDInstallLauncher => D:\Program Files on Decko\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {74363998-FE19-415C-9E03-DC1814ADF35E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\EXPLORER.EXE /NOUACCHECK
Task: {78E979AA-6D2C-437A-9B12-C0AB2B06F95A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7A3749A3-2664-44E1-B29D-9217CA3BEAB7} - System32\Tasks\ModifyLinkUpdate => D:\Program Files on Decko\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {80F46303-0375-4FED-B33D-68C523861871} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\\ScheduleEventAction.exe
Task: {8B2D2B21-0C1B-4376-962E-135870538842} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\518c8d06-90ec-445e-b32c-c1db84b6dbc5 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {927926AD-C7F3-424C-AB22-CC2F01F50904} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144456 2021-05-19] (Lenovo -> Lenovo Group Ltd.)
Task: {A02B102B-9457-4664-A0C2-83C76AEA7DA8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A748D6B7-FE1D-412E-9272-013A4D984DA7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-25] (Google LLC -> Google LLC)
Task: {A98E7C13-9909-44B6-BDF5-B81AA0ACB34C} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {ACA88E99-7E34-4DCA-9222-45D6A5DC8D46} - System32\Tasks\StartCN => D:\Program Files on Decko\AMD\CNext\CNext\cncmd.exe [61624 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {AF117941-FD29-4B8F-A5EB-68958A7D66D9} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\11e461df-becc-47c1-8359-85519bae8230 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {B6701416-876D-4452-83C3-BE3D3C3AA7E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-25] (Google LLC -> Google LLC)
Task: {BCAE1EFB-436E-448E-8542-24A138A7BA21} - System32\Tasks\AMDLinkUpdate => D:\Program Files on Decko\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {C26F3372-4128-45E3-A20E-FEAE6D7F19F7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {CCBE0695-D07C-4488-A3BE-BBA6889A7E7A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {CE55DAC8-12A8-4C3E-82AF-950482E6AC4C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D88F5F9A-BE9B-41B8-A809-573E29DF721F} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {E2C34C06-7EEC-4532-995C-72B1C25959FA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E7F9D9FF-8BFC-45B3-B413-BA39BE1F7592} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F2066E47-E13F-4C2A-8DB4-AAD3E5538177} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62392 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {F6BC268B-9CF9-433D-8C2A-B168D0A59BC2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{6fe6c11f-5553-4d7f-80e3-b4a5fd991393}: [DhcpNameServer]
Tcpip\..\Interfaces\{a2083059-fca6-43cf-9551-a17c3e614e42}: [DhcpNameServer]

Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\sousedovic\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-21]

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> D:\Program Files on Decko\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Program Files on Decko\MS Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\Program Files on Decko\MS Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)

CHR Profile: C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default [2021-06-21]
CHR Notifications: Default -> hxxps://tinder.com
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/","file:///C:/Users/Public/KPMG/Chrome_homepage/Google_Startup.htm","hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-25]
CHR Extension: (Docs) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-25]
CHR Extension: (Google Drive) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-25]
CHR Extension: (YouTube) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-25]
CHR Extension: (Sheets) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-25]
CHR Extension: (Google Docs Offline) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-19]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-05-03]
CHR Extension: (Referer Control) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkcfpcejkafcihlgbojoidoihckciin [2020-12-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-25]
CHR Extension: (Chrome Media Router) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-10]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AOCDTAOCGMenuService; D:\Program Files on Decko\AOC G-Menu\DisplayTuneService.exe [212768 2019-08-13] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2020-12-26] (Macrovision Corporation -> Macrovision Europe Ltd.) [File not signed]
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [390400 2020-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S3 GalaxyClientService; D:\Program Files on Decko\GOG Galaxy\GalaxyClientService.exe [1874272 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
S4 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_2fcf64020e032ea8\LenovoUtilityService.exe [531360 2021-02-23] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\LenovoVantageService.exe [28576 2021-05-17] (Lenovo -> Lenovo Group Ltd.)
S4 OpenVPNService; D:\Program Files on Decko\OpenVPN 2.1\bin\openvpnserv.exe [36352 2009-12-12] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393304 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_5e6febeaa198591c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_5e6febeaa198591c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BazisPortableCDBus; C:\WINDOWS\System32\drivers\BazisPortableCDBus.sys [283480 2021-01-05] (Sysprogs OU -> Sysprogs OU)
S3 FBNetFilter; C:\WINDOWS\System32\drivers\FBNetFlt.sys [52688 2020-05-21] (LENOVO (UNITED STATES) INC. -> Lenovo Group Ltd.)
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [133944 2020-01-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [31232 2009-12-12] (OpenVPN, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
S3 IntelCseWNP; \??\C:\WINDOWS\system32\drivers\wnpdriver.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-21 11:11 - 2021-06-21 11:14 - 000025018 _____ C:\Users\sousedovic\Desktop\FRST.txt
2021-06-21 11:10 - 2021-06-21 11:12 - 000000000 ____D C:\FRST
2021-06-21 11:09 - 2021-06-21 11:08 - 002300416 _____ (Farbar) C:\Users\sousedovic\Desktop\FRST64.exe
2021-06-14 10:44 - 2021-06-14 10:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-06-12 10:30 - 2021-06-12 10:30 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-12 10:30 - 2021-06-12 10:30 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-12 10:29 - 2021-06-12 10:29 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-12 10:29 - 2021-06-12 10:29 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-12 10:29 - 2021-06-12 10:29 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-12 10:29 - 2021-06-12 10:29 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-12 10:29 - 2021-06-12 10:29 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-12 10:29 - 2021-06-12 10:29 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-12 10:29 - 2021-06-12 10:29 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-12 10:29 - 2021-06-12 10:29 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-12 10:29 - 2021-06-12 10:29 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-12 10:29 - 2021-06-12 10:29 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-12 10:29 - 2021-06-12 10:29 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-12 10:29 - 2021-06-12 10:29 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-12 10:29 - 2021-06-12 10:29 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-12 10:29 - 2021-06-12 10:29 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-12 10:29 - 2021-06-12 10:29 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-12 10:29 - 2021-06-12 10:29 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-08 10:45 - 2021-06-08 10:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2021-05-29 18:29 - 2021-05-29 18:29 - 000000800 _____ C:\Users\Public\Desktop\Might and Magic 8.lnk
2021-05-29 18:29 - 2021-05-29 18:29 - 000000800 _____ C:\ProgramData\Desktop\Might and Magic 8.lnk
2021-05-29 18:29 - 2021-05-29 18:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Might and Magic 8 - Day of the Destroyer [GOG.com]
2021-05-29 10:39 - 2021-05-29 10:39 - 000000000 ____D C:\Users\sousedovic\AppData\Local\BY-COMBO2
2021-05-24 13:50 - 2021-05-24 13:50 - 000000000 ____D C:\Users\sousedovic\AppData\LocalLow\Bethesda Softworks
2021-05-24 13:33 - 2021-05-24 13:33 - 000000000 ____D C:\Users\sousedovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Doomsday
2021-05-24 13:33 - 2021-05-24 13:33 - 000000000 ____D C:\Users\sousedovic\AppData\Local\Doomsday
2021-05-24 13:33 - 2021-05-24 13:33 - 000000000 ____D C:\Users\sousedovic\AppData\Local\Deng Team

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-21 11:18 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-21 10:55 - 2021-01-08 16:25 - 000687848 _____ C:\WINDOWS\system32\perfh005.dat
2021-06-21 10:55 - 2021-01-08 16:25 - 000141456 _____ C:\WINDOWS\system32\perfc005.dat
2021-06-21 10:55 - 2021-01-08 15:46 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-21 10:55 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-21 10:54 - 2020-12-28 12:50 - 000000000 ____D C:\Users\sousedovic\AppData\Local\AMD_Common
2021-06-21 10:50 - 2020-12-25 19:38 - 000000000 ____D C:\ProgramData\NVIDIA
2021-06-21 10:48 - 2021-01-08 15:45 - 000003152 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-06-21 10:48 - 2021-01-08 15:45 - 000003136 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-06-21 10:47 - 2021-01-08 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-21 10:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-20 18:16 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-20 14:05 - 2021-01-08 15:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-20 10:54 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-20 10:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-20 10:38 - 2020-12-30 19:11 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-19 11:03 - 2020-12-25 11:11 - 000000000 ____D C:\Users\sousedovic\AppData\Local\D3DSCache
2021-06-18 12:00 - 2020-12-25 10:46 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-17 10:41 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-17 10:21 - 2018-09-15 09:31 - 000000167 _____ C:\WINDOWS\win.ini
2021-06-16 10:22 - 2021-01-03 16:18 - 000000000 ____D C:\Users\sousedovic\AppData\Local\LenovoServiceBridge
2021-06-14 10:56 - 2020-12-25 23:26 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-14 10:44 - 2020-12-25 23:26 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-14 09:34 - 2020-12-26 05:34 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-12 10:47 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-12 10:45 - 2021-01-08 15:38 - 000452160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-12 10:44 - 2021-01-08 15:39 - 000000000 ____D C:\Users\sousedovic
2021-06-12 10:44 - 2019-12-07 16:49 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-06-12 10:44 - 2019-12-07 16:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-06-12 10:44 - 2019-12-07 16:45 - 000000000 ____D C:\WINDOWS\en-GB
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-12 10:32 - 2020-12-25 11:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-10 11:41 - 2020-12-30 19:09 - 000000000 ____D C:\Users\sousedovic\AppData\Local\CrashDumps
2021-06-08 10:45 - 2020-12-25 12:32 - 000000000 ____D C:\WINDOWS\SHELLNEW
2021-06-08 10:41 - 2020-12-25 12:32 - 000000000 ____D C:\Users\sousedovic\AppData\Local\Microsoft Help
2021-06-06 21:27 - 2020-12-25 21:05 - 000005400 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-05-29 18:24 - 2020-12-25 19:14 - 000000000 ____D C:\Users\sousedovic\Desktop\Gamesky
2021-05-27 08:44 - 2021-02-10 09:43 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-05-25 07:48 - 2020-12-26 05:34 - 000725304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-05-25 07:48 - 2020-12-26 05:34 - 000470328 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-05-24 13:49 - 2021-01-08 12:10 - 000000000 ____D C:\Users\sousedovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-05-24 13:48 - 2020-12-26 11:23 - 000001312 _____ C:\Users\sousedovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam.lnk

==================== Files in the root of some directories ========

2020-12-31 16:52 - 2020-12-31 16:52 - 000007605 _____ () C:\Users\sousedovic\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Kód: Vybrat vše

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-06-2021
Ran by sousedovic (21-06-2021 11:21:05)
Running from C:\Users\sousedovic\Desktop
Windows 10 Pro Version 21H1 19043.1052 (X64) (2021-01-08 13:45:27)
Boot Mode: Normal

==================== Accounts: =============================

Administrator (S-1-5-21-3767460464-1733564075-1801547666-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3767460464-1733564075-1801547666-503 - Limited - Disabled)
Guest (S-1-5-21-3767460464-1733564075-1801547666-501 - Limited - Disabled)
sousedovic (S-1-5-21-3767460464-1733564075-1801547666-1001 - Administrator - Enabled) => C:\Users\sousedovic
WDAGUtilityAccount (S-1-5-21-3767460464-1733564075-1801547666-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat  9 Pro - Czech, Hungarian, Polish, Slovak (HKLM-x32\...\{AC76BA86-1029-4770-7760-000000000004}{AC76BA86-1029-4770-7760-000000000004}) (Version: 9.0.0 - Adobe Systems)
Albion (HKLM-x32\...\1436955815_is1) (Version: 1.38 - GOG.com)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.11.2 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{4fedae1b-6980-4848-9ba0-229c946a3dac}) (Version: - Advanced Micro Devices, Inc.) Hidden
AOC G-Menu (HKLM\...\{177B7213-4D12-49AD-9746-C532580D6D52}) (Version: 1.2.003 - Portrait Displays, Inc.)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Deus Ex GOTY (HKLM-x32\...\1207658995_is1) (Version: 1.112fm(Revision - GOG.com)
Deus Ex New Vision (HKLM-x32\...\Deus Ex New Vision) (Version: 1.5 - DaveW)
Deus Ex Revision (HKLM-x32\...\1525634891_is1) (Version: 1.112fm(Revision - GOG.com)
Doomsday (HKLM\...\{9D9190C1-135F-4107-A36F-09AE5EA318BE}) (Version: - dengine.net)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.106 - Google LLC)
Into the Breach (HKLM-x32\...\2004253604_is1) (Version: 1.2.24 - GOG.com)
Lenovo Diagnostics Tool (HKLM\...\{01ADF966-E3BA-40DC-9037-E90BBA9ED50E}_is1) (Version: - LENOVO (UNITED STATES) INC.)
Lenovo Service Bridge (HKU\S-1-5-21-3767460464-1733564075-1801547666-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: - Lenovo Group Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.54 - Microsoft Corporation)
Microsoft Office 2010 pro podnikatele (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - English (HKLM-x32\...\Office14.OMUI.en-us) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3767460464-1733564075-1801547666-1001\...\Teams) (Version: - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29325 (HKLM-x32\...\{d7a6435f-ac9a-4af6-8fdc-ca130d13fac9}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Might and Magic 3 - Isles of Terra (HKLM-x32\...\1207661223_is1) (Version: 1.0 - GOG.com)
Might and Magic 8: Day of the Destroyer (HKLM-x32\...\1207658918_is1) (Version: 1.0 - GOG.com)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.8.8 - Notepad++ Team)
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: - NVIDIA Corporation)
NVIDIA Graphics Driver 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.89 - NVIDIA Corporation)
NVIDIA HD Audio Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenMW 0.46.0 (HKLM-x32\...\OpenMW 0.46.0) (Version: 0.46.0 - OpenMW.org)
OpenVPN 2.1.1 (HKLM-x32\...\OpenVPN) (Version: 2.1.1 - )
OpenXcom 1.0 (HKLM-x32\...\OpenXcom) (Version: - OpenXcom Developers)
Path of Diablo Launcher (HKLM-x32\...\{D75E54DA-3861-4F8B-94BD-7675F83CB70F}) (Version: 2.0.0 - Path of Diablo)
Project Diablo 2 (HKLM-x32\...\{822B3055-5F16-4934-A1FC-378AB0181A66}_is1) (Version: 1.0 - projectdiablo2.com)
Pulse Application Launcher (HKLM-x32\...\{20CDFDBB-18B5-4827-A3D0-71D36A125E96}) (Version: 9.1.6725 - Pulse Secure, LLC)
Pulse Secure Setup Client (HKU\S-1-5-21-3767460464-1733564075-1801547666-1001\...\Pulse_Setup_Client) (Version: - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Pulse_Setup_Client Activex Control) (Version: - Pulse Secure, LLC)
Pulse Secure Setup Client Activex Control (HKLM-x32\...\Pulse_Setup_Client Activex Control) (Version: - Pulse Secure, LLC)
Python 3.8.7 (64-bit) (HKU\S-1-5-21-3767460464-1733564075-1801547666-1001\...\{a32da68d-eab0-48d8-947e-8187f9630441}) (Version: 3.8.7150.0 - Python Software Foundation)
Python 3.8.7 Add to Path (64-bit) (HKLM\...\{87D866F1-94A9-40D2-BA58-F4C3BFA6A225}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Core Interpreter (64-bit) (HKLM\...\{103C9234-4C33-47A7-BA73-0182EFAEE1AE}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Development Libraries (64-bit) (HKLM\...\{2B5CFC34-DF9D-46E1-B74A-A4D756AA27B8}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Documentation (64-bit) (HKLM\...\{AB51D764-256F-4FFC-9F00-FD97EE8D4AE4}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Executables (64-bit) (HKLM\...\{E9451150-5D78-4B5B-A7F7-2C1DE01EAA87}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 pip Bootstrap (64-bit) (HKLM\...\{408439E9-1A19-4C26-B5DD-EE7C39ADF749}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Standard Library (64-bit) (HKLM\...\{4FAEBB7B-E3A6-4E85-8D3C-8DD3C53C7A4E}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Tcl/Tk Support (64-bit) (HKLM\...\{4D4E250E-7002-4B30-ADCD-4FCEBBCC015B}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Test Suite (64-bit) (HKLM\...\{4D1D56DE-8FA6-4309-941F-F4B41BA36AA1}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Utility Scripts (64-bit) (HKLM\...\{555B15D5-5D22-4AD4-AD91-D2D8085D198F}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{978F3F47-FE6A-4CA8-B412-2A48C0DB05AE}) (Version: 3.8.7294.0 - Python Software Foundation)
Samsung NVM Express Driver (HKLM-x32\...\{ff94c273-58d5-40b5-b03a-9bd41d5cff1e}) (Version: - Samsung Electronics)
Samsung NVM Express Driver (HKLM\...\{89D55DD5-FE94-497B-B5E5-91915D52DBF2}) (Version: - Samsung Electronics Co., Ltd) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0409-0000-0000000FF1CE}_Office14.OMUI.en-us_{840912CB-128E-4A73-9CD9-F807BC9B7684}) (Version:  - Microsoft)
The Elder Scrolls III - Morrowind GotY (HKLM-x32\...\1435828767_is1) (Version: - GOG.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.3.22 - Black Tree Gaming Ltd.)
Wizardry 7 (DOS Version) (HKLM-x32\...\GOGPACKWIZARDRY7DOS_is1) (Version: - GOG.com)
X-COM - UFO Defense (HKLM-x32\...\1445250340_is1) (Version: - GOG.com)
X-COM: Terror from the Deep (HKLM-x32\...\1445249983_is1) (Version: 2.1 - GOG.com)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: - ZONER software)

Bluetooth Audio Receiver -> C:\Program Files\WindowsApps\55746MarkSmirnov.BluetoothAudioReveicer_1.1.5.0_x64__xwrbx6997tsfc [2021-06-19] (Mark Smirnov)
Citrix Workspace -> C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54 [2021-06-19] (Citrix) [Startup Task]
Dolby Atmos for Gaming -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforGaming_3.20602.609.0_x64__rz1tebttyb220 [2020-12-25] (Dolby Laboratories)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-04-26] (Apple Inc.) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2105.16.0_x64__k1h2ywk1493x8 [2021-06-19] (LENOVO INC.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-20] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-26] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.15.227.0_x64__dt26b99r8h8gj [2021-01-08] (Realtek Semiconductor Corp)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2020-12-30] (Samsung Electronics Co. Ltd.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0 [2021-06-11] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3767460464-1733564075-1801547666-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\sousedovic\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21063.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files on Decko\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => D:\Program Files on Decko\Adobe Acrobat 9 Pro\Acrobat Elements\ContextMenu64.dll [2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:\Program Files on Decko\Notepad++\NppShell_06.dll [2020-06-24] (Notepad++ -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files on Decko\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2020-11-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_5e6febeaa198591c\nvshext.dll [2020-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files on Decko\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => D:\Program Files on Decko\Adobe Acrobat 9 Pro\Acrobat Elements\ContextMenu64.dll [2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\sousedovic\Desktop\CMD ADMIN rights.lnk -> D:\Koalova slozka\PSTools\Ronnie\CMD with full ADMIN rights.bat ()
Shortcut: C:\Users\sousedovic\Desktop\Gamesky\Wizardry 7 + automap  NOT AS ADMIN.lnk -> D:\CloneCD profily\Wizardry 7 [DOS version - GOG original]\03_Automap mod for DOS\playwiz7.bat ()
Shortcut: C:\Users\sousedovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenVPN\Utilities\Add a new TAP virtual ethernet adapter.lnk -> D:\Program Files on Decko\OpenVPN 2.1\bin\addtap.bat ()
Shortcut: C:\Users\sousedovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenVPN\Utilities\Delete ALL TAP virtual ethernet adapters.lnk -> D:\Program Files on Decko\OpenVPN 2.1\bin\deltapall.bat ()
Shortcut: C:\Users\sousedovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dungeon Master 2\www.oldgames.sk.lnk -> hxxp:

==================== Loaded Modules (Whitelisted) =============

2020-07-27 15:14 - 2020-07-27 15:14 - 000017920 _____ () [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\libEGL.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 003567616 _____ () [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\libGLESv2.dll
2020-11-13 15:48 - 2020-11-13 15:48 - 001470976 _____ (Advanced Micro Devices, Inc.) [File not signed] D:\Program Files on Decko\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2017-03-02 15:19 - 2017-03-02 15:19 - 000310272 ____N (easyhook.codeplex.com) [File not signed] C:\ProgramData\Dolby\DAX3\RADARHOST\EasyHook64.dll
2021-01-05 15:08 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] D:\Program Files on Decko\7-Zip\7-zip.dll
2020-12-25 21:09 - 2020-05-30 16:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2021-05-31 15:18 - 2020-11-03 05:08 - 000954864 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000031744 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000039424 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000031744 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000414720 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000025088 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000024576 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000023552 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000532992 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 001441792 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 001189888 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000134656 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 006184448 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5Core.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 006867456 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5Gui.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 001104896 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5Network.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 000325120 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5Positioning.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 003668480 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5Qml.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 000517120 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5QmlModels.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 000051712 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 004228608 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5Quick.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 000171008 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 001085440 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 000205824 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5Sql.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 000329728 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5Svg.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 000127488 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5WebChannel.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 000390656 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5WebEngine.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 095598080 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 005587968 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5Widgets.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 000462848 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5WinExtras.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 000188928 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5Xml.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 002878464 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000055808 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000059392 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000017920 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtQml\qmlplugin.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000017920 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000284160 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000333824 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000136704 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000090112 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000313856 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000017920 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-11-13 16:00 - 2020-11-13 16:00 - 000091648 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files on Decko\MS Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab
DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient.cab

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> D:\Program Files on Decko\Python 3.8\Scripts\;D:\Program Files on Decko\Python 3.8\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3767460464-1733564075-1801547666-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sousedovic\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AMD Crash Defender Service => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: OpenVPNService => 3
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKU\S-1-5-21-3767460464-1733564075-1801547666-1001\...\StartupApproved\StartupFolder: => "Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk"
HKU\S-1-5-21-3767460464-1733564075-1801547666-1001\...\StartupApproved\Run: => "GogGalaxy"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6B3A99B8-64E1-4D2D-A48F-F817621CD5B6}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\Black Mesa\bms.exe () [File not signed]
FirewallRules: [{85801AC7-48BE-4780-B35B-92D924DAD55A}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\Black Mesa\bms.exe () [File not signed]
FirewallRules: [{A656639C-795A-47E7-9726-35B14C01D422}] => (Allow) D:\Program Files on Decko\Zoner Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{9776298B-32A7-49E5-8187-CB468A0DA81B}] => (Allow) D:\Program Files on Decko\Zoner Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{C85B3951-EE99-4A09-A571-48BAF98B6132}] => (Allow) D:\Program Files on Decko\Zoner Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [UDP Query User{A9705FEE-2C8F-4C34-906F-EC9DADF9C100}D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{32A12C71-B1EA-4C3A-87BE-BA9341E368ED}D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{D959DBB4-E11F-440F-8421-F7ABD65E5297}] => (Allow) D:\Program Files on Decko\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1B84C2E5-9FCD-48C3-9D3F-681A3D3AAF20}] => (Allow) D:\Program Files on Decko\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{DE789C01-ADE7-4145-80D0-DEF6CB358C5D}D:\program files on decko\steam\steam.exe] => (Allow) D:\program files on decko\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{3D28CFE0-42D4-4837-8A0A-7A17D87DAE76}D:\program files on decko\steam\steam.exe] => (Allow) D:\program files on decko\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0223CA91-5127-464A-ACE3-327A4B7D7BF0}] => (Allow) D:\Program Files on Decko\MS Office\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5D7169C3-134C-4CCD-8364-3F31261AAC9C}] => (Allow) D:\Program Files on Decko\MS Office\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BA0D392C-83AE-4785-B693-4BCD6DE83E69}] => (Allow) D:\Program Files on Decko\MS Office\Office14\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{651D8AC1-62D8-4EA3-BC2B-2CEB0F9F2BDB}] => (Allow) E:\Zalohy\Mythology 1 - old Lenovo U40 red 2020-12-20\Decko\Program Files on Decko\Steam\steam.exe => No File
FirewallRules: [{66F5FC88-D288-40D5-A961-957A478C9002}] => (Allow) E:\Zalohy\Mythology 1 - old Lenovo U40 red 2020-12-20\Decko\Program Files on Decko\Steam\steam.exe => No File
FirewallRules: [{E948482B-F97F-4992-99E6-E9C2B51AE525}] => (Allow) E:\Zalohy\Mythology 1 - old Lenovo U40 red 2020-12-20\Decko\Program Files on Decko\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{3A0EC3AE-D976-4B9A-A9E9-ACD157F92190}] => (Allow) E:\Zalohy\Mythology 1 - old Lenovo U40 red 2020-12-20\Decko\Program Files on Decko\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{AA4AC1FB-170C-4D22-B3F6-823DE65292C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{60C19CC9-4825-4385-832A-AFF50D3245E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{990FAFCE-5250-4DB3-84E1-EDA7E241E6D7}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\SS1EE\sekhmet_x64.exe () [File not signed]
FirewallRules: [{EF193F60-3A44-43D3-B744-7332357F7F75}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\SS1EE\sekhmet_x64.exe () [File not signed]
FirewallRules: [{E13AA9E0-E212-43AD-A798-8F9CBF4A8BE3}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe (Square Enix Ltd. -> Square Enix Limited)
FirewallRules: [{00D049BD-46E9-421E-9394-C4600DE763D7}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe (Square Enix Ltd. -> Square Enix Limited)
FirewallRules: [TCP Query User{2736F82F-8C2C-48AE-8CB6-DFFC75EE7E41}C:\users\sousedovic\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\sousedovic\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{C9211C2B-A3FF-49B4-A7E4-C00096EE936B}C:\users\sousedovic\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\sousedovic\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{77B3AAD6-A513-4C9B-ACCD-9B3D91247A74}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{11B3FDDE-5191-44D1-ABEA-305E62E00361}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5EAF3591-8C31-4FFE-91A0-854FFF154DE8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0F5B0360-C78F-4EA0-A7DD-FFD047838556}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{0503B933-A992-4E87-AD98-B4611D7CE6D7}D:\hry\deus ex goty\system\deusex.exe] => (Allow) D:\hry\deus ex goty\system\deusex.exe (Marijn Kentie) [File not signed]
FirewallRules: [UDP Query User{EDEB0DC5-8699-4E95-BCFF-11E4B63158A1}D:\hry\deus ex goty\system\deusex.exe] => (Allow) D:\hry\deus ex goty\system\deusex.exe (Marijn Kentie) [File not signed]
FirewallRules: [{92D798EA-FCFA-4B80-92BE-DDCEF392F349}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{108F7A21-4572-42E5-BADB-1F081E40F456}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B3B33F98-202F-432A-819A-BADFE43F7EB7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{402DDA39-24EE-40C4-A49A-95FE32DF29C1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E0ACFC5C-0595-4406-AEF9-548D620B9A1D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F58D9F75-AEED-4DBC-BCF2-A78FE4F9F508}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C59DC261-8F5B-4FE1-A3E2-1B97A9A5B65C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{948226B8-878C-4F5A-A472-032D11B7EC6B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{62623920-E74B-4FC6-A9F7-8F9F9C6AC21F}D:\hry\doomsday engine\bin\doomsday.exe] => (Allow) D:\hry\doomsday engine\bin\doomsday.exe () [File not signed]
FirewallRules: [UDP Query User{A355567E-42C3-4F54-97F9-16C11481DB29}D:\hry\doomsday engine\bin\doomsday.exe] => (Allow) D:\hry\doomsday engine\bin\doomsday.exe () [File not signed]
FirewallRules: [{BC049A0A-BA18-40EE-801A-2D9E2A3082C8}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\Ultimate Doom\rerelease\DOOM.exe () [File not signed]
FirewallRules: [{06BEA1BB-D2C9-4BEE-BBBD-D5EBAB143BD9}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\Ultimate Doom\rerelease\DOOM.exe () [File not signed]
FirewallRules: [{C8D8A1D2-8535-47D4-B78A-4318C53445D5}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\Ultimate Doom\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{671316BB-BA66-4C97-974D-6120B4DF1629}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\Ultimate Doom\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{66FAE7E1-FB82-4F77-9857-49CE1DC02B6E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CECF602D-EEA4-4E1A-B2BB-D824A43D6379}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8EAADFC3-D8DC-42DF-8B0E-D0E7349967FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C83534D9-D008-42EA-BBF9-39272DABED2E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7271D53D-5B1A-4EDF-9797-3E2515D827BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{354DDAFB-C9A3-44B5-ACD2-3397BC3F1834}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{56B657FE-EEF2-433D-90C5-2867545BAA96}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D7999DFE-EA39-4985-9E12-CB8D9246E92C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B91A4645-AB1B-4472-A929-115692BAB1DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BFFA9980-9646-4828-9A7B-EC045419DF58}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1EE7EDC6-9535-4DDE-8917-65EEA66132B5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5218E82B-873C-43F8-9FC9-841758BA70E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5A571BD8-8D8A-4A3D-A9A3-77314F875F3D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{10F77559-4764-445C-A41E-A30201473AFC}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{7BC5A8BC-4715-4AD3-BE95-FD54F0F4249F}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{B59015D2-773D-4845-96FD-8DEAD4825092}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{5DD711B3-CE97-435F-A76E-B0595F2B9310}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{0FAFCA0C-0A0F-44C9-94E4-C396B9FE21D2}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{0F519F11-5441-4350-9E1E-DD1F032369E8}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{66680C71-BBB8-4921-8A02-10FF6ED4D00F}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{7CF31CBE-25E8-4A00-977B-5F816CE903A9}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{0464A968-DE1E-4EEE-888E-DD630753E291}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{A29BBDBA-46D4-426D-AE7E-5E24FE22E190}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:75.92 GB) (Free:30.1 GB) (40%)

==================== Faulty Device Manager Devices ============

Name: TAP-Win32 Adapter V9
Description: TAP-Win32 Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel(R) Wi-Fi 6 AX200 160MHz
Description: Intel(R) Wi-Fi 6 AX200 160MHz
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: Netwtw10
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: ========================

Application errors:
Error: (06/20/2021 02:15:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Microsoft.Notes.exe version stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 3b0

Start Time: 01d765ba8a25333f

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_4.1.4.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe

Report Id: 32471868-d587-4b57-a6d6-76dd8b3af6b7

Faulting package full name: Microsoft.MicrosoftStickyNotes_4.1.4.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Navigation

Error: (06/19/2021 12:44:11 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.

Error: (06/15/2021 06:11:00 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete re-trim on Decko (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (06/15/2021 06:10:52 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete re-trim on Cecko (C:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

Error: (06/10/2021 11:41:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Lenovo.Modern.ImController.PluginHost.CompanionApp.exe, version:, time stamp: 0x604b7229
Faulting module name: SmartMuteMonitor.dll, version:, time stamp: 0x609660c4
Exception code: 0xc0000005
Fault offset: 0x00000000000054a3
Faulting process ID: 0x2310
Faulting application start time: 0x01d75ddcb8ffca12
Faulting application path: C:\WINDOWS\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
Faulting module path: C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppScenarioPlugin\x64\SmartMuteMonitor.dll
Report ID: 38d0ea79-17b5-4086-8744-31a7449e106e
Faulting package full name: 
Faulting package-relative application ID:

Error: (06/10/2021 11:41:11 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
   at 16b7f0c9-d0b7-4bf2-8584-9bcb10477ab1Type.GetBackgroundMusic(Boolean ByRef, Boolean ByRef)
   at PlugIn_Harmony.SmartSetting.SmartSettingHelper.IsExistBackstageMusic(PlugIn_Harmony.Models.ProcessInfoType ByRef)
   at PlugIn_Harmony.SmartSetting.SmartSettingScene.GetCurrentSceneCategory(PlugIn_Harmony.Models.ProcessInfoType ByRef, PlugIn_Harmony.Models.ActiveWindowAppInfo ByRef)
   at PlugIn_Harmony.Monitor.ActiveAppMonitor.WinEventReceived()
   at PlugIn_Harmony.Monitor.ActiveAppMonitor.RegNotify()
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()

Error: (05/26/2021 03:04:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Microsoft.Notes.exe version stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 3ae8

Start Time: 01d751880594d884

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.8.8.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe

Report Id: 0e95e2ca-8ee6-498d-815a-4f714c476577

Faulting package full name: Microsoft.MicrosoftStickyNotes_3.8.8.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (05/10/2021 12:08:02 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: The storage optimiser couldn't complete re-trim on Decko (D:) because: The operation requested is not supported by the hardware backing the volume. (0x8900002A)

System errors:
Error: (06/21/2021 11:05:21 AM) (Source: DCOM) (EventID: 10010) (User: MYTHOLOGY2-LGN)
Description: The server {20532D01-15BE-4BB9-A727-CA34555D881C} did not register with DCOM within the required timeout.

Error: (06/21/2021 10:47:46 AM) (Source: volmgr) (EventID: 45) (User: )
Description: The system could not sucessfully load the crash dump driver.

Error: (06/21/2021 10:47:23 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (06/21/2021 10:47:23 AM) (Source: volmgr) (EventID: 45) (User: )
Description: The system could not sucessfully load the crash dump driver.

Error: (06/20/2021 06:16:17 PM) (Source: DCOM) (EventID: 10010) (User: MYTHOLOGY2-LGN)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.

Error: (06/20/2021 11:24:00 AM) (Source: volmgr) (EventID: 45) (User: )
Description: The system could not sucessfully load the crash dump driver.

Error: (06/20/2021 11:23:46 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (06/20/2021 11:23:46 AM) (Source: volmgr) (EventID: 45) (User: )
Description: The system could not sucessfully load the crash dump driver.

Windows Defender:
Date: 2021-06-20 16:05:14
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-20 14:05:29
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-20 11:20:06
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-20 10:53:52
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-11 10:47:08
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-10 17:34:31
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.341.449.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.18200.4
Error code: 0x80240022
Error description: The program can't check for definition updates. 

Date: 2021-06-10 17:34:31
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.341.449.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.18200.4
Error code: 0x80240022
Error description: The program can't check for definition updates. 

Date: 2021-06-06 21:28:15
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.201.0
Previous security intelligence Version: 1.339.1745.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

Date: 2021-06-06 21:28:15
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.201.0
Previous security intelligence Version: 1.339.1745.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

Date: 2021-06-06 21:28:15
Microsoft Defender Antivirus has encountered an error trying to update the engine.
New Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error Code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

==================== Memory info =========================== 

BIOS: LENOVO FSCN18WW 01/01/2021
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 7 4800H with Radeon Graphics 
Percentage of memory in use: 39%
Total physical RAM: 15741.32 MB
Available physical RAM: 9570.81 MB
Total Virtual: 18173.32 MB
Available Virtual: 8406.14 MB

==================== Drives ================================

Drive c: (Cecko) (Fixed) (Total:75.92 GB) (Free:30.1 GB) NTFS
Drive d: (Decko) (Fixed) (Total:866.18 GB) (Free:208.53 GB) NTFS

\\?\Volume{5a814d35-735c-4eb4-bbe9-4affc70deb96}\ () (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
\\?\Volume{8bec5fd6-ab28-4afa-881d-1461f021d71f}\ () (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ====================

Disk: 0 (Size: 476.9 GB) (Disk ID: D9FA2484)

Partition: GPT.

Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 2B19C2B4)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=42)

==================== End of Addition.txt =======================

Uživatelský avatar
Site Admin
Site Admin
Příspěvky: 118375
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zpomalene PC - prosim o kontrolu

#2 Příspěvek od Rudy »

Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!

Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Ronnie Basic
Příspěvky: 61
Registrován: 04 lis 2005 22:38

Re: Zpomalene PC - prosim o kontrolu

#3 Příspěvek od Ronnie Basic »

Mhm. Dekuji za rychlou reakci a posilam log. Snad jeste neni pozde, vykon se propadl o ~ 80% jeste pred Adwcleanerem (musel jsem ho spoustet z elevated command prompt) a mam co delat odeslat tento post...

Vysledek scanu frontend zahlasil jako '0 infections found'. Vyzval me k rebootu, po nemz akorat vypnul Quick Launch bar a Lenovo utilitku na setreni baterky. No change to performance :-(.


Kód: Vybrat vše

# -------------------------------
# Malwarebytes AdwCleaner
# -------------------------------
# Build:    03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    06-21-2021
# Duration: 00:00:35
# OS:       Windows 10 Pro
# Cleaned:  7
# Awaiting reboot:2
# Failed:   0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted       Preinstalled.LenovoIMController   Folder   C:\ProgramData\LENOVO\IMCONTROLLER
Deleted       Preinstalled.LenovoIMController   Folder   C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted       Preinstalled.LenovoIMController   Registry   HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Deleted       Preinstalled.LenovoServiceBridge   Folder   C:\Users\sousedovic\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE
Deleted       Preinstalled.LenovoServiceBridge   Registry   HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1
Needs Reboot  Preinstalled.LenovoIMController   Folder   C:\Users\sousedovic\AppData\Local\LENOVO\IMCONTROLLER
Needs Reboot  Preinstalled.LenovoIMController   Folder   C:\Windows\LENOVO\IMCONTROLLER


[+] Delete Tracing Keys
[+] Reset Winsock


***** Reboot Required to Complete *****

***** [ Folders ] *****

Cleaning failed   C:\Users\sousedovic\AppData\Local\LENOVO\IMCONTROLLER
Cleaning failed   C:\Windows\LENOVO\IMCONTROLLER


AdwCleaner[S00].txt - [2131 octets] - [21/06/2021 14:44:20]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Site Admin
Site Admin
Příspěvky: 118375
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zpomalene PC - prosim o kontrolu

#4 Příspěvek od Rudy »

OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!

Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Ronnie Basic
Příspěvky: 61
Registrován: 04 lis 2005 22:38

Re: Zpomalene PC - prosim o kontrolu

#5 Příspěvek od Ronnie Basic »

Here you go, sir.
Zacal to byt masakr : Ytb video se prehrava rychlosti jakoby 1/12, otevrit fotku na Plose trva 2 min... oh my.
Jdu se zatim podivat na HW stranku veci, jaka je teplota CPU a tak.


Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-06-2021
Ran by sousedovic (administrator) on MYTHOLOGY2-LGN (LENOVO 82B1) (21-06-2021 16:54:53)
Running from C:\Users\sousedovic\Desktop
Loaded Profiles: sousedovic
Platform: Windows 10 Pro Version 21H1 19043.1052 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) D:\Program Files on Decko\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) D:\Program Files on Decko\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0359763.inf_amd64_cbe903b159d3b969\B359805\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0359763.inf_amd64_cbe903b159d3b969\B359805\atiesrxx.exe
(Dolby Laboratories, Inc. -> ) C:\ProgramData\Dolby\DAX3\RADARHOST\DSRHost.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <28>
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\\Lenovo.Vantage.AddinHost.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo -> Lenovo(beijing) Limited) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_2fcf64020e032ea8\LenovoUtilityService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_5e6febeaa198591c\Display.NvContainer\NVDisplay.Container.exe <2>
(PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) D:\Program Files on Decko\AOC G-Menu\CTHelper.exe
(PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) D:\Program Files on Decko\AOC G-Menu\DisplayTune.exe
(PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) D:\Program Files on Decko\AOC G-Menu\DisplayTuneService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1138976 2020-08-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DisplayTune.exe] => D:\Program Files on Decko\AOC G-Menu\DisplayTune.exe [5588768 2019-08-13] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => D:\Program Files on Decko\Adobe Acrobat 9 Pro\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Program Files on Decko\Adobe Acrobat 9 Pro\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM\...\Winlogon: [LegalNoticeText] If you see it, it is already too late.
HKU\S-1-5-21-3767460464-1733564075-1801547666-1001\...\Run: [GalaxyClient] => [X]
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [51032 2008-04-07] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\91.0.4472.106\Installer\chrmstp.exe [2021-06-17] (Google LLC -> Google LLC)
Startup: C:\Users\sousedovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2021-01-12]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> D:\Program Files on Decko\MS Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00E317D5-8872-413C-9E6A-0AE36D291967} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0DDDF332-283B-47F4-B330-954E8B7704EE} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\\ScheduleEventAction.exe [23968 2021-05-17] (Lenovo -> Lenovo Group Ltd.)
Task: {1BDFA6AA-6751-4E67-9482-C1B663DDD3C1} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3767460464-1733564075-1801547666-1001 => C:\Users\sousedovic\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe
Task: {1FF7C8B1-A276-46A1-8767-B58C08535F72} - \Lenovo\ImController\TimeBasedEvents\cda1ba29-148a-4722-9890-4eb7c2992466 -> No File <==== ATTENTION
Task: {233C98AE-BDF0-4341-9308-159648232A4E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3945F269-4C83-48DE-959D-669C0F812F43} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {43542EF2-C1C0-48F2-AF83-9DCB34E55D3C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {484522FA-B516-4762-8DDA-F2F7038306E6} - \Lenovo\ImController\TimeBasedEvents\5982891a-5909-4787-b29c-53b7b2774003 -> No File <==== ATTENTION
Task: {4FE7532A-B702-4976-AB6B-34A06B5D7834} - System32\Tasks\StartDVR => D:\Program Files on Decko\AMD\CNext\CNext\RSServCmd.exe [69304 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {51C3E6EF-903B-4F31-95D4-60327C3E3ADC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {535C6198-5785-4274-8B57-45FB9F32DB26} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {53BCB41C-24AA-4796-B4AE-3D6335EB3FC1} - System32\Tasks\AMDLinkUpdate => D:\Program Files on Decko\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {6A84B70B-3212-432B-96B9-45A6F6AF8D17} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {74363998-FE19-415C-9E03-DC1814ADF35E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\EXPLORER.EXE /NOUACCHECK
Task: {78E979AA-6D2C-437A-9B12-C0AB2B06F95A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7A3749A3-2664-44E1-B29D-9217CA3BEAB7} - System32\Tasks\ModifyLinkUpdate => D:\Program Files on Decko\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {80F46303-0375-4FED-B33D-68C523861871} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\\ScheduleEventAction.exe
Task: {927926AD-C7F3-424C-AB22-CC2F01F50904} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe
Task: {9986BEF8-8270-4741-B040-EF113204426B} - System32\Tasks\AMDInstallLauncher => D:\Program Files on Decko\AMD\CIM\Bin64\InstallManagerApp.exe [1710464 2020-11-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {A02B102B-9457-4664-A0C2-83C76AEA7DA8} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A748D6B7-FE1D-412E-9272-013A4D984DA7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-25] (Google LLC -> Google LLC)
Task: {A98E7C13-9909-44B6-BDF5-B81AA0ACB34C} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {ACA88E99-7E34-4DCA-9222-45D6A5DC8D46} - System32\Tasks\StartCN => D:\Program Files on Decko\AMD\CNext\CNext\cncmd.exe [61624 2020-11-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {AF117941-FD29-4B8F-A5EB-68958A7D66D9} - \Lenovo\ImController\TimeBasedEvents\11e461df-becc-47c1-8359-85519bae8230 -> No File <==== ATTENTION
Task: {B6701416-876D-4452-83C3-BE3D3C3AA7E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-25] (Google LLC -> Google LLC)
Task: {C26F3372-4128-45E3-A20E-FEAE6D7F19F7} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {CCBE0695-D07C-4488-A3BE-BBA6889A7E7A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {CE55DAC8-12A8-4C3E-82AF-950482E6AC4C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D88F5F9A-BE9B-41B8-A809-573E29DF721F} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {E2C34C06-7EEC-4532-995C-72B1C25959FA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E7F9D9FF-8BFC-45B3-B413-BA39BE1F7592} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F2066E47-E13F-4C2A-8DB4-AAD3E5538177} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {F6BC268B-9CF9-433D-8C2A-B168D0A59BC2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{6fe6c11f-5553-4d7f-80e3-b4a5fd991393}: [DhcpNameServer]
Tcpip\..\Interfaces\{a2083059-fca6-43cf-9551-a17c3e614e42}: [DhcpNameServer]

Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\sousedovic\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-21]

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> D:\Program Files on Decko\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Program Files on Decko\MS Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\Program Files on Decko\MS Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)

CHR Profile: C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default [2021-06-21]
CHR Notifications: Default -> hxxps://tinder.com
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/","file:///C:/Users/Public/KPMG/Chrome_homepage/Google_Startup.htm","hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Slides) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-12-25]
CHR Extension: (Docs) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-12-25]
CHR Extension: (Google Drive) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-25]
CHR Extension: (YouTube) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-12-25]
CHR Extension: (Sheets) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-12-25]
CHR Extension: (Google Docs Offline) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-19]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-05-03]
CHR Extension: (Referer Control) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkcfpcejkafcihlgbojoidoihckciin [2020-12-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-25]
CHR Extension: (Chrome Media Router) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-10]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AOCDTAOCGMenuService; D:\Program Files on Decko\AOC G-Menu\DisplayTuneService.exe [212768 2019-08-13] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2020-12-26] (Macrovision Corporation -> Macrovision Europe Ltd.) [File not signed]
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [390400 2020-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S3 GalaxyClientService; D:\Program Files on Decko\GOG Galaxy\GalaxyClientService.exe [1874272 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
S4 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6840672 2021-03-26] (GOG Sp. z o.o. -> GOG.com)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoFnAndFunctionKeys; C:\WINDOWS\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_2fcf64020e032ea8\LenovoUtilityService.exe [531360 2021-02-23] (Lenovo -> Lenovo(beijing) Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\LenovoVantageService.exe [28576 2021-05-17] (Lenovo -> Lenovo Group Ltd.)
S4 OpenVPNService; D:\Program Files on Decko\OpenVPN 2.1\bin\openvpnserv.exe [36352 2009-12-12] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5393304 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_5e6febeaa198591c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_5e6febeaa198591c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BazisPortableCDBus; C:\WINDOWS\System32\drivers\BazisPortableCDBus.sys [283480 2021-01-05] (Sysprogs OU -> Sysprogs OU)
S3 FBNetFilter; C:\WINDOWS\System32\drivers\FBNetFlt.sys [52688 2020-05-21] (LENOVO (UNITED STATES) INC. -> Lenovo Group Ltd.)
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [133944 2020-01-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [31232 2009-12-12] (OpenVPN, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-12] (Microsoft Windows -> Microsoft Corporation)
S3 IntelCseWNP; \??\C:\WINDOWS\system32\drivers\wnpdriver.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-21 16:54 - 2021-06-21 17:02 - 000022705 _____ C:\Users\sousedovic\Desktop\FRST.txt
2021-06-21 14:40 - 2021-06-21 14:45 - 000000000 ____D C:\AdwCleaner
2021-06-21 14:33 - 2021-06-21 14:33 - 008534696 _____ (Malwarebytes) C:\Users\sousedovic\Desktop\adwcleaner_8.2.exe
2021-06-21 11:10 - 2021-06-21 16:58 - 000000000 ____D C:\FRST
2021-06-21 11:09 - 2021-06-21 11:08 - 002300416 _____ (Farbar) C:\Users\sousedovic\Desktop\FRST64.exe
2021-06-14 10:44 - 2021-06-14 10:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-06-12 10:30 - 2021-06-12 10:30 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-12 10:30 - 2021-06-12 10:30 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-12 10:29 - 2021-06-12 10:29 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-12 10:29 - 2021-06-12 10:29 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-12 10:29 - 2021-06-12 10:29 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-12 10:29 - 2021-06-12 10:29 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-12 10:29 - 2021-06-12 10:29 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-12 10:29 - 2021-06-12 10:29 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-12 10:29 - 2021-06-12 10:29 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-12 10:29 - 2021-06-12 10:29 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-12 10:29 - 2021-06-12 10:29 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-12 10:29 - 2021-06-12 10:29 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-12 10:29 - 2021-06-12 10:29 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-12 10:29 - 2021-06-12 10:29 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-12 10:29 - 2021-06-12 10:29 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-12 10:29 - 2021-06-12 10:29 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-12 10:29 - 2021-06-12 10:29 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-12 10:29 - 2021-06-12 10:29 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-08 10:45 - 2021-06-08 10:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2021-05-29 18:29 - 2021-05-29 18:29 - 000000800 _____ C:\Users\Public\Desktop\Might and Magic 8.lnk
2021-05-29 18:29 - 2021-05-29 18:29 - 000000800 _____ C:\ProgramData\Desktop\Might and Magic 8.lnk
2021-05-29 18:29 - 2021-05-29 18:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Might and Magic 8 - Day of the Destroyer [GOG.com]
2021-05-29 10:39 - 2021-05-29 10:39 - 000000000 ____D C:\Users\sousedovic\AppData\Local\BY-COMBO2
2021-05-24 13:50 - 2021-05-24 13:50 - 000000000 ____D C:\Users\sousedovic\AppData\LocalLow\Bethesda Softworks
2021-05-24 13:33 - 2021-05-24 13:33 - 000000000 ____D C:\Users\sousedovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Doomsday
2021-05-24 13:33 - 2021-05-24 13:33 - 000000000 ____D C:\Users\sousedovic\AppData\Local\Doomsday
2021-05-24 13:33 - 2021-05-24 13:33 - 000000000 ____D C:\Users\sousedovic\AppData\Local\Deng Team

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-06-21 16:51 - 2021-01-08 15:45 - 000003152 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2021-06-21 16:51 - 2021-01-08 15:45 - 000003136 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2021-06-21 16:51 - 2021-01-08 15:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-21 15:25 - 2021-01-08 16:25 - 000687848 _____ C:\WINDOWS\system32\perfh005.dat
2021-06-21 15:25 - 2021-01-08 16:25 - 000141456 _____ C:\WINDOWS\system32\perfc005.dat
2021-06-21 15:25 - 2021-01-08 15:46 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-21 15:25 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-21 15:20 - 2020-12-25 19:38 - 000000000 ____D C:\ProgramData\NVIDIA
2021-06-21 15:18 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-21 15:17 - 2021-01-08 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-21 15:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-21 15:16 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-06-21 14:49 - 2020-12-25 19:53 - 000000000 ____D C:\ProgramData\Lenovo
2021-06-21 14:45 - 2021-01-08 15:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-06-21 10:54 - 2020-12-28 12:50 - 000000000 ____D C:\Users\sousedovic\AppData\Local\AMD_Common
2021-06-20 10:54 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-20 10:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-20 10:38 - 2020-12-30 19:11 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-19 11:03 - 2020-12-25 11:11 - 000000000 ____D C:\Users\sousedovic\AppData\Local\D3DSCache
2021-06-18 12:00 - 2020-12-25 10:46 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-17 10:41 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-17 10:21 - 2018-09-15 09:31 - 000000167 _____ C:\WINDOWS\win.ini
2021-06-16 10:22 - 2021-01-03 16:18 - 000000000 ____D C:\Users\sousedovic\AppData\Local\LenovoServiceBridge
2021-06-14 10:56 - 2020-12-25 23:26 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-14 10:44 - 2020-12-25 23:26 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-14 09:34 - 2020-12-26 05:34 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-12 10:47 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-12 10:45 - 2021-01-08 15:38 - 000452160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-12 10:44 - 2021-01-08 15:39 - 000000000 ____D C:\Users\sousedovic
2021-06-12 10:44 - 2019-12-07 16:49 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-06-12 10:44 - 2019-12-07 16:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-06-12 10:44 - 2019-12-07 16:45 - 000000000 ____D C:\WINDOWS\en-GB
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-06-12 10:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-12 10:32 - 2020-12-25 11:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-10 11:41 - 2020-12-30 19:09 - 000000000 ____D C:\Users\sousedovic\AppData\Local\CrashDumps
2021-06-08 10:45 - 2020-12-25 12:32 - 000000000 ____D C:\WINDOWS\SHELLNEW
2021-06-08 10:41 - 2020-12-25 12:32 - 000000000 ____D C:\Users\sousedovic\AppData\Local\Microsoft Help
2021-06-06 21:27 - 2020-12-25 21:05 - 000005400 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-05-29 18:24 - 2020-12-25 19:14 - 000000000 ____D C:\Users\sousedovic\Desktop\Gamesky
2021-05-27 08:44 - 2021-02-10 09:43 - 000000000 ____D C:\ProgramData\boost_interprocess
2021-05-25 07:48 - 2020-12-26 05:34 - 000725304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-05-25 07:48 - 2020-12-26 05:34 - 000470328 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-05-24 13:49 - 2021-01-08 12:10 - 000000000 ____D C:\Users\sousedovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2021-05-24 13:48 - 2020-12-26 11:23 - 000001312 _____ C:\Users\sousedovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam.lnk

==================== Files in the root of some directories ========

2020-12-31 16:52 - 2020-12-31 16:52 - 000007605 _____ () C:\Users\sousedovic\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Kód: Vybrat vše

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-06-2021
Ran by sousedovic (21-06-2021 17:15:54)
Running from C:\Users\sousedovic\Desktop
Windows 10 Pro Version 21H1 19043.1052 (X64) (2021-01-08 13:45:27)
Boot Mode: Normal

==================== Accounts: =============================

Administrator (S-1-5-21-3767460464-1733564075-1801547666-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3767460464-1733564075-1801547666-503 - Limited - Disabled)
Guest (S-1-5-21-3767460464-1733564075-1801547666-501 - Limited - Disabled)
sousedovic (S-1-5-21-3767460464-1733564075-1801547666-1001 - Administrator - Enabled) => C:\Users\sousedovic
WDAGUtilityAccount (S-1-5-21-3767460464-1733564075-1801547666-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat  9 Pro - Czech, Hungarian, Polish, Slovak (HKLM-x32\...\{AC76BA86-1029-4770-7760-000000000004}{AC76BA86-1029-4770-7760-000000000004}) (Version: 9.0.0 - Adobe Systems)
Albion (HKLM-x32\...\1436955815_is1) (Version: 1.38 - GOG.com)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 20.11.2 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{4fedae1b-6980-4848-9ba0-229c946a3dac}) (Version: - Advanced Micro Devices, Inc.) Hidden
AOC G-Menu (HKLM\...\{177B7213-4D12-49AD-9746-C532580D6D52}) (Version: 1.2.003 - Portrait Displays, Inc.)
Branding64 (HKLM\...\{856DA29A-EA4A-468B-BBC2-B5F60DD75BFE}) (Version: 1.00.0002 - Advanced Micro Devices, Inc.) Hidden
Deus Ex GOTY (HKLM-x32\...\1207658995_is1) (Version: 1.112fm(Revision - GOG.com)
Deus Ex New Vision (HKLM-x32\...\Deus Ex New Vision) (Version: 1.5 - DaveW)
Deus Ex Revision (HKLM-x32\...\1525634891_is1) (Version: 1.112fm(Revision - GOG.com)
Doomsday (HKLM\...\{9D9190C1-135F-4107-A36F-09AE5EA318BE}) (Version: - dengine.net)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.106 - Google LLC)
Into the Breach (HKLM-x32\...\2004253604_is1) (Version: 1.2.24 - GOG.com)
Lenovo Diagnostics Tool (HKLM\...\{01ADF966-E3BA-40DC-9037-E90BBA9ED50E}_is1) (Version: - LENOVO (UNITED STATES) INC.)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: - Lenovo Group Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.54 - Microsoft Corporation)
Microsoft Office 2010 pro podnikatele (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - English (HKLM-x32\...\Office14.OMUI.en-us) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3767460464-1733564075-1801547666-1001\...\Teams) (Version: - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29325 (HKLM-x32\...\{d7a6435f-ac9a-4af6-8fdc-ca130d13fac9}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Might and Magic 3 - Isles of Terra (HKLM-x32\...\1207661223_is1) (Version: 1.0 - GOG.com)
Might and Magic 8: Day of the Destroyer (HKLM-x32\...\1207658918_is1) (Version: 1.0 - GOG.com)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.8.8 - Notepad++ Team)
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: - NVIDIA Corporation)
NVIDIA Graphics Driver 460.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.89 - NVIDIA Corporation)
NVIDIA HD Audio Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenMW 0.46.0 (HKLM-x32\...\OpenMW 0.46.0) (Version: 0.46.0 - OpenMW.org)
OpenVPN 2.1.1 (HKLM-x32\...\OpenVPN) (Version: 2.1.1 - )
OpenXcom 1.0 (HKLM-x32\...\OpenXcom) (Version: - OpenXcom Developers)
Path of Diablo Launcher (HKLM-x32\...\{D75E54DA-3861-4F8B-94BD-7675F83CB70F}) (Version: 2.0.0 - Path of Diablo)
Project Diablo 2 (HKLM-x32\...\{822B3055-5F16-4934-A1FC-378AB0181A66}_is1) (Version: 1.0 - projectdiablo2.com)
Pulse Application Launcher (HKLM-x32\...\{20CDFDBB-18B5-4827-A3D0-71D36A125E96}) (Version: 9.1.6725 - Pulse Secure, LLC)
Pulse Secure Setup Client (HKU\S-1-5-21-3767460464-1733564075-1801547666-1001\...\Pulse_Setup_Client) (Version: - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Pulse_Setup_Client Activex Control) (Version: - Pulse Secure, LLC)
Pulse Secure Setup Client Activex Control (HKLM-x32\...\Pulse_Setup_Client Activex Control) (Version: - Pulse Secure, LLC)
Python 3.8.7 (64-bit) (HKU\S-1-5-21-3767460464-1733564075-1801547666-1001\...\{a32da68d-eab0-48d8-947e-8187f9630441}) (Version: 3.8.7150.0 - Python Software Foundation)
Python 3.8.7 Add to Path (64-bit) (HKLM\...\{87D866F1-94A9-40D2-BA58-F4C3BFA6A225}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Core Interpreter (64-bit) (HKLM\...\{103C9234-4C33-47A7-BA73-0182EFAEE1AE}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Development Libraries (64-bit) (HKLM\...\{2B5CFC34-DF9D-46E1-B74A-A4D756AA27B8}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Documentation (64-bit) (HKLM\...\{AB51D764-256F-4FFC-9F00-FD97EE8D4AE4}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Executables (64-bit) (HKLM\...\{E9451150-5D78-4B5B-A7F7-2C1DE01EAA87}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 pip Bootstrap (64-bit) (HKLM\...\{408439E9-1A19-4C26-B5DD-EE7C39ADF749}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Standard Library (64-bit) (HKLM\...\{4FAEBB7B-E3A6-4E85-8D3C-8DD3C53C7A4E}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Tcl/Tk Support (64-bit) (HKLM\...\{4D4E250E-7002-4B30-ADCD-4FCEBBCC015B}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Test Suite (64-bit) (HKLM\...\{4D1D56DE-8FA6-4309-941F-F4B41BA36AA1}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python 3.8.7 Utility Scripts (64-bit) (HKLM\...\{555B15D5-5D22-4AD4-AD91-D2D8085D198F}) (Version: 3.8.7150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{978F3F47-FE6A-4CA8-B412-2A48C0DB05AE}) (Version: 3.8.7294.0 - Python Software Foundation)
Samsung NVM Express Driver (HKLM-x32\...\{ff94c273-58d5-40b5-b03a-9bd41d5cff1e}) (Version: - Samsung Electronics)
Samsung NVM Express Driver (HKLM\...\{89D55DD5-FE94-497B-B5E5-91915D52DBF2}) (Version: - Samsung Electronics Co., Ltd) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0409-0000-0000000FF1CE}_Office14.OMUI.en-us_{840912CB-128E-4A73-9CD9-F807BC9B7684}) (Version:  - Microsoft)
The Elder Scrolls III - Morrowind GotY (HKLM-x32\...\1435828767_is1) (Version: - GOG.com)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.3.22 - Black Tree Gaming Ltd.)
Wizardry 7 (DOS Version) (HKLM-x32\...\GOGPACKWIZARDRY7DOS_is1) (Version: - GOG.com)
X-COM - UFO Defense (HKLM-x32\...\1445250340_is1) (Version: - GOG.com)
X-COM: Terror from the Deep (HKLM-x32\...\1445249983_is1) (Version: 2.1 - GOG.com)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: - ZONER software)

Bluetooth Audio Receiver -> C:\Program Files\WindowsApps\55746MarkSmirnov.BluetoothAudioReveicer_1.1.5.0_x64__xwrbx6997tsfc [2021-06-19] (Mark Smirnov)
Citrix Workspace -> C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54 [2021-06-19] (Citrix) [Startup Task]
Dolby Atmos for Gaming -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAtmosforGaming_3.20602.609.0_x64__rz1tebttyb220 [2020-12-25] (Dolby Laboratories)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa [2021-04-26] (Apple Inc.) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2105.16.0_x64__k1h2ywk1493x8 [2021-06-19] (LENOVO INC.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-20] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-05-26] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.15.227.0_x64__dt26b99r8h8gj [2021-01-08] (Realtek Semiconductor Corp)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2020-12-30] (Samsung Electronics Co. Ltd.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0 [2021-06-11] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3767460464-1733564075-1801547666-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\sousedovic\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21063.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files on Decko\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => D:\Program Files on Decko\Adobe Acrobat 9 Pro\Acrobat Elements\ContextMenu64.dll [2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:\Program Files on Decko\Notepad++\NppShell_06.dll [2020-06-24] (Notepad++ -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files on Decko\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2020-11-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_5e6febeaa198591c\nvshext.dll [2020-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files on Decko\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => D:\Program Files on Decko\Adobe Acrobat 9 Pro\Acrobat Elements\ContextMenu64.dll [2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\sousedovic\Desktop\CMD ADMIN rights.lnk -> D:\Koalova slozka\PSTools\Ronnie\CMD with full ADMIN rights.bat ()
Shortcut: C:\Users\sousedovic\Desktop\Gamesky\Wizardry 7 + automap  NOT AS ADMIN.lnk -> D:\CloneCD profily\Wizardry 7 [DOS version - GOG original]\03_Automap mod for DOS\playwiz7.bat ()
Shortcut: C:\Users\sousedovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenVPN\Utilities\Add a new TAP virtual ethernet adapter.lnk -> D:\Program Files on Decko\OpenVPN 2.1\bin\addtap.bat ()
Shortcut: C:\Users\sousedovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenVPN\Utilities\Delete ALL TAP virtual ethernet adapters.lnk -> D:\Program Files on Decko\OpenVPN 2.1\bin\deltapall.bat ()
Shortcut: C:\Users\sousedovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dungeon Master 2\www.oldgames.sk.lnk -> hxxp:

==================== Loaded Modules (Whitelisted) =============

2020-07-27 15:14 - 2020-07-27 15:14 - 000017920 _____ () [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\libEGL.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 003567616 _____ () [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\libGLESv2.dll
2020-11-13 15:48 - 2020-11-13 15:48 - 001470976 _____ (Advanced Micro Devices, Inc.) [File not signed] D:\Program Files on Decko\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2017-03-02 15:19 - 2017-03-02 15:19 - 000310272 ____N (easyhook.codeplex.com) [File not signed] C:\ProgramData\Dolby\DAX3\RADARHOST\EasyHook64.dll
2021-01-05 15:08 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] D:\Program Files on Decko\7-Zip\7-zip.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000031744 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000039424 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000031744 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000414720 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000025088 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000024576 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000023552 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000532992 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 001441792 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 001189888 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000134656 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 006184448 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5Core.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 006867456 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5Gui.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 001104896 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5Network.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 000325120 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5Positioning.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 003668480 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5Qml.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 000517120 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5QmlModels.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 000051712 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 004228608 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5Quick.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 000171008 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 001085440 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 000205824 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5Sql.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 000329728 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5Svg.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 000127488 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5WebChannel.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 000390656 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5WebEngine.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 095598080 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 005587968 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5Widgets.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 000462848 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5WinExtras.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 000188928 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5Xml.dll
2020-07-27 15:14 - 2020-07-27 15:14 - 002878464 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000055808 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000059392 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000017920 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtQml\qmlplugin.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000017920 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000284160 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000333824 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000136704 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000090112 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000313856 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-07-27 15:15 - 2020-07-27 15:15 - 000017920 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-11-13 16:00 - 2020-11-13 16:00 - 000091648 _____ (The Qt Company Ltd.) [File not signed] D:\Program Files on Decko\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files on Decko\MS Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab
DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient.cab

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> D:\Program Files on Decko\Python 3.8\Scripts\;D:\Program Files on Decko\Python 3.8\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3767460464-1733564075-1801547666-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sousedovic\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AMD Crash Defender Service => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: GalaxyClientService => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: OpenVPNService => 3
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKU\S-1-5-21-3767460464-1733564075-1801547666-1001\...\StartupApproved\StartupFolder: => "Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk"
HKU\S-1-5-21-3767460464-1733564075-1801547666-1001\...\StartupApproved\Run: => "GogGalaxy"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6B3A99B8-64E1-4D2D-A48F-F817621CD5B6}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\Black Mesa\bms.exe () [File not signed]
FirewallRules: [{85801AC7-48BE-4780-B35B-92D924DAD55A}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\Black Mesa\bms.exe () [File not signed]
FirewallRules: [{A656639C-795A-47E7-9726-35B14C01D422}] => (Allow) D:\Program Files on Decko\Zoner Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{9776298B-32A7-49E5-8187-CB468A0DA81B}] => (Allow) D:\Program Files on Decko\Zoner Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{C85B3951-EE99-4A09-A571-48BAF98B6132}] => (Allow) D:\Program Files on Decko\Zoner Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [UDP Query User{A9705FEE-2C8F-4C34-906F-EC9DADF9C100}D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{32A12C71-B1EA-4C3A-87BE-BA9341E368ED}D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{D959DBB4-E11F-440F-8421-F7ABD65E5297}] => (Allow) D:\Program Files on Decko\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{1B84C2E5-9FCD-48C3-9D3F-681A3D3AAF20}] => (Allow) D:\Program Files on Decko\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{DE789C01-ADE7-4145-80D0-DEF6CB358C5D}D:\program files on decko\steam\steam.exe] => (Allow) D:\program files on decko\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{3D28CFE0-42D4-4837-8A0A-7A17D87DAE76}D:\program files on decko\steam\steam.exe] => (Allow) D:\program files on decko\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0223CA91-5127-464A-ACE3-327A4B7D7BF0}] => (Allow) D:\Program Files on Decko\MS Office\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5D7169C3-134C-4CCD-8364-3F31261AAC9C}] => (Allow) D:\Program Files on Decko\MS Office\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BA0D392C-83AE-4785-B693-4BCD6DE83E69}] => (Allow) D:\Program Files on Decko\MS Office\Office14\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{651D8AC1-62D8-4EA3-BC2B-2CEB0F9F2BDB}] => (Allow) E:\Zalohy\Mythology 1 - old Lenovo U40 red 2020-12-20\Decko\Program Files on Decko\Steam\steam.exe => No File
FirewallRules: [{66F5FC88-D288-40D5-A961-957A478C9002}] => (Allow) E:\Zalohy\Mythology 1 - old Lenovo U40 red 2020-12-20\Decko\Program Files on Decko\Steam\steam.exe => No File
FirewallRules: [{E948482B-F97F-4992-99E6-E9C2B51AE525}] => (Allow) E:\Zalohy\Mythology 1 - old Lenovo U40 red 2020-12-20\Decko\Program Files on Decko\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{3A0EC3AE-D976-4B9A-A9E9-ACD157F92190}] => (Allow) E:\Zalohy\Mythology 1 - old Lenovo U40 red 2020-12-20\Decko\Program Files on Decko\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{AA4AC1FB-170C-4D22-B3F6-823DE65292C0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{60C19CC9-4825-4385-832A-AFF50D3245E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{990FAFCE-5250-4DB3-84E1-EDA7E241E6D7}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\SS1EE\sekhmet_x64.exe () [File not signed]
FirewallRules: [{EF193F60-3A44-43D3-B744-7332357F7F75}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\SS1EE\sekhmet_x64.exe () [File not signed]
FirewallRules: [{E13AA9E0-E212-43AD-A798-8F9CBF4A8BE3}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe (Square Enix Ltd. -> Square Enix Limited)
FirewallRules: [{00D049BD-46E9-421E-9394-C4600DE763D7}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe (Square Enix Ltd. -> Square Enix Limited)
FirewallRules: [TCP Query User{2736F82F-8C2C-48AE-8CB6-DFFC75EE7E41}C:\users\sousedovic\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\sousedovic\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{C9211C2B-A3FF-49B4-A7E4-C00096EE936B}C:\users\sousedovic\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\sousedovic\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{77B3AAD6-A513-4C9B-ACCD-9B3D91247A74}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{11B3FDDE-5191-44D1-ABEA-305E62E00361}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5EAF3591-8C31-4FFE-91A0-854FFF154DE8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0F5B0360-C78F-4EA0-A7DD-FFD047838556}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{0503B933-A992-4E87-AD98-B4611D7CE6D7}D:\hry\deus ex goty\system\deusex.exe] => (Allow) D:\hry\deus ex goty\system\deusex.exe (Marijn Kentie) [File not signed]
FirewallRules: [UDP Query User{EDEB0DC5-8699-4E95-BCFF-11E4B63158A1}D:\hry\deus ex goty\system\deusex.exe] => (Allow) D:\hry\deus ex goty\system\deusex.exe (Marijn Kentie) [File not signed]
FirewallRules: [{92D798EA-FCFA-4B80-92BE-DDCEF392F349}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{108F7A21-4572-42E5-BADB-1F081E40F456}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B3B33F98-202F-432A-819A-BADFE43F7EB7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{402DDA39-24EE-40C4-A49A-95FE32DF29C1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E0ACFC5C-0595-4406-AEF9-548D620B9A1D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F58D9F75-AEED-4DBC-BCF2-A78FE4F9F508}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C59DC261-8F5B-4FE1-A3E2-1B97A9A5B65C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{948226B8-878C-4F5A-A472-032D11B7EC6B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{62623920-E74B-4FC6-A9F7-8F9F9C6AC21F}D:\hry\doomsday engine\bin\doomsday.exe] => (Allow) D:\hry\doomsday engine\bin\doomsday.exe () [File not signed]
FirewallRules: [UDP Query User{A355567E-42C3-4F54-97F9-16C11481DB29}D:\hry\doomsday engine\bin\doomsday.exe] => (Allow) D:\hry\doomsday engine\bin\doomsday.exe () [File not signed]
FirewallRules: [{BC049A0A-BA18-40EE-801A-2D9E2A3082C8}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\Ultimate Doom\rerelease\DOOM.exe () [File not signed]
FirewallRules: [{06BEA1BB-D2C9-4BEE-BBBD-D5EBAB143BD9}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\Ultimate Doom\rerelease\DOOM.exe () [File not signed]
FirewallRules: [{C8D8A1D2-8535-47D4-B78A-4318C53445D5}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\Ultimate Doom\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{671316BB-BA66-4C97-974D-6120B4DF1629}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\Ultimate Doom\base\dosbox.exe (DOSBox Team) [File not signed]
FirewallRules: [{66FAE7E1-FB82-4F77-9857-49CE1DC02B6E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CECF602D-EEA4-4E1A-B2BB-D824A43D6379}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8EAADFC3-D8DC-42DF-8B0E-D0E7349967FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C83534D9-D008-42EA-BBF9-39272DABED2E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7271D53D-5B1A-4EDF-9797-3E2515D827BA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{354DDAFB-C9A3-44B5-ACD2-3397BC3F1834}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{56B657FE-EEF2-433D-90C5-2867545BAA96}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D7999DFE-EA39-4985-9E12-CB8D9246E92C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.161.583.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B91A4645-AB1B-4472-A929-115692BAB1DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BFFA9980-9646-4828-9A7B-EC045419DF58}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1EE7EDC6-9535-4DDE-8917-65EEA66132B5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5218E82B-873C-43F8-9FC9-841758BA70E9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5A571BD8-8D8A-4A3D-A9A3-77314F875F3D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{10F77559-4764-445C-A41E-A30201473AFC}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{7BC5A8BC-4715-4AD3-BE95-FD54F0F4249F}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{B59015D2-773D-4845-96FD-8DEAD4825092}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{5DD711B3-CE97-435F-A76E-B0595F2B9310}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{0FAFCA0C-0A0F-44C9-94E4-C396B9FE21D2}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{0F519F11-5441-4350-9E1E-DD1F032369E8}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{66680C71-BBB8-4921-8A02-10FF6ED4D00F}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{7CF31CBE-25E8-4A00-977B-5F816CE903A9}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{0464A968-DE1E-4EEE-888E-DD630753E291}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FirewallRules: [{A29BBDBA-46D4-426D-AE7E-5E24FE22E190}] => (Allow) C:\Program Files\WindowsApps\D50536CD.CitrixReceiver_21.6.0.0_x86__hmf6bx7z76t54\VFS\ProgramFilesX86\Citrix\ICA Client\wfica32.exe (Citrix Systems, Inc. -> Citrix Systems, Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:75.92 GB) (Free:30.12 GB) (40%)

==================== Faulty Device Manager Devices ============

Name: TAP-Win32 Adapter V9
Description: TAP-Win32 Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel(R) Wi-Fi 6 AX200 160MHz
Description: Intel(R) Wi-Fi 6 AX200 160MHz
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: Netwtw10
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: ========================

Application errors:
Error: (06/21/2021 03:13:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Microsoft.Notes.exe version stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 234c

Start Time: 01d7669f1b51cffd

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_4.1.4.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe

Report Id: 1a52f025-8286-4b20-94da-6407553ebd88

Faulting package full name: Microsoft.MicrosoftStickyNotes_4.1.4.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (06/21/2021 03:10:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007045b, A system shutdown is in progress.

Error: (06/21/2021 03:10:00 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.

Error: (06/21/2021 02:37:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.19041.1023 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 550

Start Time: 01d7669a1a31ed7c

Termination Time: 0

Application Path: C:\Windows\explorer.exe

Report Id: 63edc0af-1a15-4ebf-94b1-8e75c756353a

Faulting package full name: 

Faulting package-relative application ID: 

Hang type: Cross-thread

Error: (06/21/2021 02:36:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.19041.1023 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1c0c

Start Time: 01d76699e3390650

Termination Time: 0

Application Path: C:\Windows\explorer.exe

Report Id: c07e99ca-acb4-49e2-9bcd-3fef71029f27

Faulting package full name: 

Faulting package-relative application ID: 

Hang type: Unknown

Error: (06/21/2021 02:35:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.19041.1023 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1c38

Start Time: 01d766989fcc933c

Termination Time: 0

Application Path: C:\Windows\explorer.exe

Report Id: 5422a0fe-a96f-4612-a6ec-bd58cd060f2b

Faulting package full name: 

Faulting package-relative application ID: 

Hang type: Unknown

Error: (06/20/2021 02:15:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Microsoft.Notes.exe version stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 3b0

Start Time: 01d765ba8a25333f

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_4.1.4.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe

Report Id: 32471868-d587-4b57-a6d6-76dd8b3af6b7

Faulting package full name: Microsoft.MicrosoftStickyNotes_4.1.4.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Navigation

Error: (06/19/2021 12:44:11 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.

System errors:
Error: (06/21/2021 03:17:30 PM) (Source: volmgr) (EventID: 45) (User: )
Description: The system could not sucessfully load the crash dump driver.

Error: (06/21/2021 03:16:58 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (06/21/2021 03:16:58 PM) (Source: volmgr) (EventID: 45) (User: )
Description: The system could not sucessfully load the crash dump driver.

Error: (06/21/2021 03:11:21 PM) (Source: volmgr) (EventID: 45) (User: )
Description: The system could not sucessfully load the crash dump driver.

Error: (06/21/2021 03:10:47 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (06/21/2021 03:10:47 PM) (Source: volmgr) (EventID: 45) (User: )
Description: The system could not sucessfully load the crash dump driver.

Error: (06/21/2021 02:48:22 PM) (Source: volmgr) (EventID: 45) (User: )
Description: The system could not sucessfully load the crash dump driver.

Error: (06/21/2021 02:47:48 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Windows Defender:
Date: 2021-06-21 14:23:18
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-21 12:08:13
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-20 16:05:14
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-20 14:05:29
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-20 11:20:06
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-06-10 17:34:31
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.341.449.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.18200.4
Error code: 0x80240022
Error description: The program can't check for definition updates. 

Date: 2021-06-10 17:34:31
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.341.449.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.18200.4
Error code: 0x80240022
Error description: The program can't check for definition updates. 

Date: 2021-06-06 21:28:15
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.201.0
Previous security intelligence Version: 1.339.1745.0
Update Source: User
Security intelligence Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

Date: 2021-06-06 21:28:15
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 1.341.201.0
Previous security intelligence Version: 1.339.1745.0
Update Source: User
Security intelligence Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

Date: 2021-06-06 21:28:15
Microsoft Defender Antivirus has encountered an error trying to update the engine.
New Engine Version: 1.1.18200.4
Previous Engine Version: 1.1.18100.6
Error Code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

==================== Memory info =========================== 

BIOS: LENOVO FSCN18WW 01/01/2021
Motherboard: LENOVO LNVNB161216
Processor: AMD Ryzen 7 4800H with Radeon Graphics 
Percentage of memory in use: 35%
Total physical RAM: 15741.32 MB
Available physical RAM: 10158.53 MB
Total Virtual: 18173.32 MB
Available Virtual: 9416.2 MB

==================== Drives ================================

Drive c: (Cecko) (Fixed) (Total:75.92 GB) (Free:30.12 GB) NTFS
Drive d: (Decko) (Fixed) (Total:866.18 GB) (Free:208.75 GB) NTFS

\\?\Volume{5a814d35-735c-4eb4-bbe9-4affc70deb96}\ () (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
\\?\Volume{8bec5fd6-ab28-4afa-881d-1461f021d71f}\ () (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ====================

Disk: 0 (Size: 476.9 GB) (Disk ID: D9FA2484)

Partition: GPT.

Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 2B19C2B4)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=42)

==================== End of Addition.txt =======================

Uživatelský avatar
Site Admin
Site Admin
Příspěvky: 118375
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zpomalene PC - prosim o kontrolu

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:

HKU\S-1-5-21-3767460464-1733564075-1801547666-1001\...\Run: [GalaxyClient] => [X]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {1FF7C8B1-A276-46A1-8767-B58C08535F72} - \Lenovo\ImController\TimeBasedEvents\cda1ba29-148a-4722-9890-4eb7c2992466 -> No File <==== ATTENTION
Task: {484522FA-B516-4762-8DDA-F2F7038306E6} - \Lenovo\ImController\TimeBasedEvents\5982891a-5909-4787-b29c-53b7b2774003 -> No File <==== ATTENTION
Task: {A748D6B7-FE1D-412E-9272-013A4D984DA7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-25] (Google LLC -> Google LLC)
Task: {A98E7C13-9909-44B6-BDF5-B81AA0ACB34C} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {AF117941-FD29-4B8F-A5EB-68958A7D66D9} - \Lenovo\ImController\TimeBasedEvents\11e461df-becc-47c1-8359-85519bae8230 -> No File <==== ATTENTION
Task: {B6701416-876D-4452-83C3-BE3D3C3AA7E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-25] (Google LLC -> Google LLC)
Task: {D88F5F9A-BE9B-41B8-A809-573E29DF721F} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {F2066E47-E13F-4C2A-8DB4-AAD3E5538177} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
FirewallRules: [UDP Query User{A9705FEE-2C8F-4C34-906F-EC9DADF9C100}D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{32A12C71-B1EA-4C3A-87BE-BA9341E368ED}D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{651D8AC1-62D8-4EA3-BC2B-2CEB0F9F2BDB}] => (Allow) E:\Zalohy\Mythology 1 - old Lenovo U40 red 2020-12-20\Decko\Program Files on Decko\Steam\steam.exe => No File
FirewallRules: [{66F5FC88-D288-40D5-A961-957A478C9002}] => (Allow) E:\Zalohy\Mythology 1 - old Lenovo U40 red 2020-12-20\Decko\Program Files on Decko\Steam\steam.exe => No File
FirewallRules: [{E948482B-F97F-4992-99E6-E9C2B51AE525}] => (Allow) E:\Zalohy\Mythology 1 - old Lenovo U40 red 2020-12-20\Decko\Program Files on Decko\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{3A0EC3AE-D976-4B9A-A9E9-ACD157F92190}] => (Allow) E:\Zalohy\Mythology 1 - old Lenovo U40 red 2020-12-20\Decko\Program Files on Decko\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!

Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Ronnie Basic
Příspěvky: 61
Registrován: 04 lis 2005 22:38

Re: Zpomalene PC - prosim o kontrolu

#7 Příspěvek od Ronnie Basic »

Done as advised. PFB

CPU i GPU temp ~ 40*, coz je temer teplota u nas v obyvaku -> looks good
Zacinam se ale obavat, jak hluboke issue tohle je. Win 10 mi ted bootoval snad 5 min. Normalne to trvalo < 15 sec. :-(

Kód: Vybrat vše

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-06-2021
Ran by sousedovic (21-06-2021 18:29:19) Run:1
Running from C:\Users\sousedovic\Desktop
Loaded Profiles: sousedovic
Boot Mode: Normal

fixlist content:

HKU\S-1-5-21-3767460464-1733564075-1801547666-1001\...\Run: [GalaxyClient] => [X]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {1FF7C8B1-A276-46A1-8767-B58C08535F72} - \Lenovo\ImController\TimeBasedEvents\cda1ba29-148a-4722-9890-4eb7c2992466 -> No File <==== ATTENTION
Task: {484522FA-B516-4762-8DDA-F2F7038306E6} - \Lenovo\ImController\TimeBasedEvents\5982891a-5909-4787-b29c-53b7b2774003 -> No File <==== ATTENTION
Task: {A748D6B7-FE1D-412E-9272-013A4D984DA7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-25] (Google LLC -> Google LLC)
Task: {A98E7C13-9909-44B6-BDF5-B81AA0ACB34C} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {AF117941-FD29-4B8F-A5EB-68958A7D66D9} - \Lenovo\ImController\TimeBasedEvents\11e461df-becc-47c1-8359-85519bae8230 -> No File <==== ATTENTION
Task: {B6701416-876D-4452-83C3-BE3D3C3AA7E4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-25] (Google LLC -> Google LLC)
Task: {D88F5F9A-BE9B-41B8-A809-573E29DF721F} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {F2066E47-E13F-4C2A-8DB4-AAD3E5538177} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
FirewallRules: [UDP Query User{A9705FEE-2C8F-4C34-906F-EC9DADF9C100}D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{32A12C71-B1EA-4C3A-87BE-BA9341E368ED}D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{651D8AC1-62D8-4EA3-BC2B-2CEB0F9F2BDB}] => (Allow) E:\Zalohy\Mythology 1 - old Lenovo U40 red 2020-12-20\Decko\Program Files on Decko\Steam\steam.exe => No File
FirewallRules: [{66F5FC88-D288-40D5-A961-957A478C9002}] => (Allow) E:\Zalohy\Mythology 1 - old Lenovo U40 red 2020-12-20\Decko\Program Files on Decko\Steam\steam.exe => No File
FirewallRules: [{E948482B-F97F-4992-99E6-E9C2B51AE525}] => (Allow) E:\Zalohy\Mythology 1 - old Lenovo U40 red 2020-12-20\Decko\Program Files on Decko\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{3A0EC3AE-D976-4B9A-A9E9-ACD157F92190}] => (Allow) E:\Zalohy\Mythology 1 - old Lenovo U40 red 2020-12-20\Decko\Program Files on Decko\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File


Processes closed successfully.
"HKU\S-1-5-21-3767460464-1733564075-1801547666-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GalaxyClient" => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1FF7C8B1-A276-46A1-8767-B58C08535F72}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FF7C8B1-A276-46A1-8767-B58C08535F72}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\cda1ba29-148a-4722-9890-4eb7c2992466" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{484522FA-B516-4762-8DDA-F2F7038306E6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{484522FA-B516-4762-8DDA-F2F7038306E6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\5982891a-5909-4787-b29c-53b7b2774003" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A748D6B7-FE1D-412E-9272-013A4D984DA7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A748D6B7-FE1D-412E-9272-013A4D984DA7}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A98E7C13-9909-44B6-BDF5-B81AA0ACB34C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A98E7C13-9909-44B6-BDF5-B81AA0ACB34C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF117941-FD29-4B8F-A5EB-68958A7D66D9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF117941-FD29-4B8F-A5EB-68958A7D66D9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\11e461df-becc-47c1-8359-85519bae8230" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B6701416-876D-4452-83C3-BE3D3C3AA7E4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6701416-876D-4452-83C3-BE3D3C3AA7E4}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D88F5F9A-BE9B-41B8-A809-573E29DF721F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D88F5F9A-BE9B-41B8-A809-573E29DF721F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F2066E47-E13F-4C2A-8DB4-AAD3E5538177}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2066E47-E13F-4C2A-8DB4-AAD3E5538177}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A9705FEE-2C8F-4C34-906F-EC9DADF9C100}D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{32A12C71-B1EA-4C3A-87BE-BA9341E368ED}D:\hry\cyberpunk 2077\bin\x64\cyberpunk2077.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{651D8AC1-62D8-4EA3-BC2B-2CEB0F9F2BDB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{66F5FC88-D288-40D5-A961-957A478C9002}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E948482B-F97F-4992-99E6-E9C2B51AE525}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3A0EC3AE-D976-4B9A-A9E9-ACD157F92190}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 60061720 B
Java, Flash, Steam htmlcache => 64072461 B
Windows/system/drivers => 3709550 B
Edge => 964791 B
Chrome => 1547079136 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 605124529 B
systemprofile32 => 605124529 B
LocalService => 605124529 B
NetworkService => 605562771 B
sousedovic => 637878376 B

RecycleBin => 172559 B
EmptyTemp: => 4.4 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 19:08:59 ====

Uživatelský avatar
Site Admin
Site Admin
Příspěvky: 118375
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zpomalene PC - prosim o kontrolu

#8 Příspěvek od Rudy »

Bylo smazáno, mělo by to být v pořádku. Zkuste ještě jeden restart, případně defrag disku.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!

Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Ronnie Basic
Příspěvky: 61
Registrován: 04 lis 2005 22:38

Re: Zpomalene PC - prosim o kontrolu

#9 Příspěvek od Ronnie Basic »

Oba disky jsou SSD a defrag tool u nich hlasi 'Optimisation not avaialable'. Myslel jsem, ze defrag bylo tema za dob Win 98 a magnetickych HDD? Ale rad bych to zkusil spustit, akorat nevim, co delam spatne.

Je to fakt masakr, jako byste ze dne na den vyndal 50% RAM a dal tam o 2 tridy slabsi CPU. Pritom jsem neinstaloval nic noveho dobre 2 mesice.
Pomalu se smiruji s FORMAT C:, ach jo :-(.

Uživatelský avatar
Site Admin
Site Admin
Příspěvky: 118375
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zpomalene PC - prosim o kontrolu

#10 Příspěvek od Rudy »

SSD se nedefragmentují. Zkusíme ještě kontrolu disků, i když si utilita s SSD moc nerozumí. Stáhněte, nainstalujte a spusťte CrystalDiskInfo: https://www.instaluj.cz/crystaldiskinfo a přes Úpravy>Kopírovat sem dejte log.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!

Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Ronnie Basic
Příspěvky: 61
Registrován: 04 lis 2005 22:38

Re: Zpomalene PC - prosim o kontrolu

#11 Příspěvek od Ronnie Basic »

Dekuji vam za tip na prima diskovy nastroj. Log nize.

Status update : prisel jsem rano k PC, 2x ho restartoval a je to o hodne lepsi (propad vykonu uz jen ~ 25%)!! Wtf?! :shock: To jako pres noc zahrmelo a elektrony se polovodicich spravne narovnaly?
Mate-li tip na root cause, co to mohlo zpusobit (= co jsme spolecne cistili v OS), byl bych mega vdecny.

[EDIT]: Beru zpet. Po c. 45 min pouzivani PC jsme zpatky. Jako by propad vykonu byl umerny casu, jak dlouho PC bezi...


Kód: Vybrat vše

CrystalDiskInfo 8.9.0 (C) 2008-2020 hiyohiyo
                                Crystal Dew World: https://crystalmark.info/

    OS : Windows 10 Professional [10.0 Build 19043] (x64)
  Date : 2021/06/22 9:55:19

-- Controller Map ----------------------------------------------------------
 - Standard SATA AHCI Controller [ATA]
 - Standard SATA AHCI Controller [ATA]
 - Microsoft Storage Spaces Controller [SCSI]
 + Samsung NVMe Controller [SCSI]
   - Samsung SSD 970 EVO 500GB
 + Standard NVM Express Controller [SCSI]

-- Disk List ---------------------------------------------------------------
 (01) KBG40ZNT512G TOSHIBA MEMORY : 512.1 GB [0/2/0, sq] - nv
 (02) Samsung SSD 970 EVO 500GB : 500.1 GB [1/3/0, sq] - nv

           Model : KBG40ZNT512G TOSHIBA MEMORY
        Firmware : 0105AELA
   Serial Number : 80DPGALMQAD1
       Disk Size : 512.1 GB
     Buffer Size : Unknown
    # of Sectors : 
   Rotation Rate : ---- (SSD)
       Interface : NVM Express
   Major Version : NVM Express 1.3
   Minor Version : 
   Transfer Mode : PCIe 3.0 x4 | PCIe 3.0 x4
  Power On Hours : 1231 hours
  Power On Count : 617 count
      Host Reads : 2468 GB
     Host Writes : 2104 GB
     Temperature : 42 C (107 F)
   Health Status : Good (97 %)
        Features : S.M.A.R.T., TRIM, VolatileWriteCache
       APM Level : ----
       AAM Level : ----
    Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID RawValues(6) Attribute Name
01 000000000000 Critical Warning
02 00000000013B Composite Temperature
03 000000000064 Available Spare
04 00000000000A Available Spare Threshold
05 000000000003 Percentage Used
06 0000004F0134 Data Units Read
07 000000435586 Data Units Written
08 00000318C46D Host Read Commands
09 0000035A9F9E Host Write Commands
0A 000000000131 Controller Busy Time
0B 000000000269 Power Cycles
0C 0000000004CF Power On Hours
0D 000000000008 Unsafe Shutdowns
0E 000000000000 Media and Data Integrity Errors
0F 000000000000 Number of Error Information Log Entries

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 1E0F 1E0F 3038 5044 4147 4D4C 4151 3144 2020 2020
010: 2020 2020 424B 3447 5A30 544E 3135 4732 5420 534F
020: 4948 4142 4D20 4D45 524F 2059 2020 2020 2020 2020
030: 2020 2020 3130 3530 4541 414C 8E03 8CE3 0900 0000
040: 0300 0001 A120 0007 3450 0003 0200 0000 0002 0000
050: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
060: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
070: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
080: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
090: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
100: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 001F 0703
130: 0E14 04FF 0100 0163 0167 0000 3D00 0000 1700 0000
140: 6000 3C25 0077 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 001B 0101
160: 0000 0000 0000 0000 0002 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 0000

-- SMART_NVME --------------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 00 3B 01 64 0A 03 00 00 00 00 00 00 00 00 00 00
010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
020: 39 01 4F 00 00 00 00 00 00 00 00 00 00 00 00 00
030: 87 55 43 00 00 00 00 00 00 00 00 00 00 00 00 00
040: BC C4 18 03 00 00 00 00 00 00 00 00 00 00 00 00
050: AF 9F 5A 03 00 00 00 00 00 00 00 00 00 00 00 00
060: 31 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00
070: 69 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00
080: CF 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00
090: 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 3B 01 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

 (02) Samsung SSD 970 EVO 500GB
           Model : Samsung SSD 970 EVO 500GB
        Firmware : 2B2QEXE7
   Serial Number : S5H7NS0N541037M
       Disk Size : 500.1 GB
     Buffer Size : Unknown
    # of Sectors : 
   Rotation Rate : ---- (SSD)
       Interface : NVM Express
   Major Version : NVM Express 1.3
   Minor Version : 
   Transfer Mode : PCIe 3.0 x4 | PCIe 3.0 x4
  Power On Hours : 68 hours
  Power On Count : 612 count
      Host Reads : 409 GB
     Host Writes : 733 GB
     Temperature : 34 C (93 F)
   Health Status : Good (100 %)
        Features : S.M.A.R.T., TRIM, VolatileWriteCache
       APM Level : ----
       AAM Level : ----
    Drive Letter : D:

-- S.M.A.R.T. --------------------------------------------------------------
ID RawValues(6) Attribute Name
01 000000000000 Critical Warning
02 000000000133 Composite Temperature
03 000000000064 Available Spare
04 00000000000A Available Spare Threshold
05 000000000000 Percentage Used
06 0000000D1689 Data Units Read
07 000000177687 Data Units Written
08 0000005A1D04 Host Read Commands
09 0000002D7121 Host Write Commands
0A 000000000012 Controller Busy Time
0B 000000000264 Power Cycles
0C 000000000044 Power On Hours
0D 00000000000B Unsafe Shutdowns
0E 000000000000 Media and Data Integrity Errors
0F 0000000002A7 Number of Error Information Log Entries

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 144D 144D 3553 3748 534E 4E30 3435 3031 3733 204D
010: 2020 2020 6153 736D 6E75 2067 5353 2044 3739 2030
020: 5645 204F 3035 4730 2042 2020 2020 2020 2020 2020
030: 2020 2020 4232 5132 5845 3745 3802 0025 0900 0004
040: 0300 0001 0D40 0003 1200 007A 0000 0000 0000 0000
050: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
060: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
070: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
080: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
090: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
100: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
110: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
120: 0000 0000 0000 0000 0000 0000 0000 0000 0017 0307
130: 0316 043F 0101 0166 0166 0000 0000 0000 0000 0000
140: 6000 70C0 0074 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0023 0000
160: 0000 0001 0164 0166 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
220: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 0000

-- SMART_NVME --------------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 00 33 01 64 0A 00 00 00 00 00 00 00 00 00 00 00
010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
020: 89 16 0D 00 00 00 00 00 00 00 00 00 00 00 00 00
030: 87 76 17 00 00 00 00 00 00 00 00 00 00 00 00 00
040: 04 1D 5A 00 00 00 00 00 00 00 00 00 00 00 00 00
050: 21 71 2D 00 00 00 00 00 00 00 00 00 00 00 00 00
060: 12 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
070: 64 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00
080: 44 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
090: 0B 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0B0: A7 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 33 01 3F 01 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Uživatelský avatar
Site Admin
Site Admin
Příspěvky: 118375
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zpomalene PC - prosim o kontrolu

#12 Příspěvek od Rudy »

Oba disky jsou OK. Kdy se vám PC zpomalil? Nebylo to po nějaké aktualizaci systému?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!

Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Ronnie Basic
Příspěvky: 61
Registrován: 04 lis 2005 22:38

Re: Zpomalene PC - prosim o kontrolu

#13 Příspěvek od Ronnie Basic »

Good point, pane. Koukam do historie Win Upd a 1. symptomy korelovaly prakticky na den s instalaci tohoto update :
Chvili jsem googlil known issues s timto update a nenasel nic, co by se zasadne dotykalo performance.

Melo by smysl zkusit rollback, da se to vubec?

Uživatelský avatar
Site Admin
Site Admin
Příspěvky: 118375
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Zpomalene PC - prosim o kontrolu

#14 Příspěvek od Rudy »

Zkusil bych odinstalovat tu akzualizaci a pokud to nepůjde (některé aktualizace nelze odinstalovat) provést obnovu systému před datum aktualizace.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!

Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Ronnie Basic
Příspěvky: 61
Registrován: 04 lis 2005 22:38

Re: Zpomalene PC - prosim o kontrolu

#15 Příspěvek od Ronnie Basic »

'This option is no longer available because your PC was updated more than 10 days ago.' Grrr, oba vime, ze to bylo < 4 dni zpatky. Steve Balmer, I am going to get your butt!!

Zkusil jsem podle navodu nize prodlouzit onu 10-day period. Dostavam ale error, ze nelze najit soubory s predchozim buildem. Muj laicky tip: jak jsme cistili ruzne temp files Adwcleanerem, byl odstranen i predchozi 'restore point', cili neni kam rollbackovat. :-(
https://www.intowindows.com/go-back-to- ... r-10-days/

-> FORMAT C: ? Tohle se mi snad zda, absolutne nechapu, jak tohle davaji bezni uzivatele (= bez pristupu na forum.viry.cz), kterym Win Upd ze dne na den jen tak znici comp.
