Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
petatape
Návštěvník
Návštěvník
Příspěvky: 300
Registrován: 25 bře 2009 20:48

Prosím o kontrolu

#1 Příspěvek od petatape »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2023
Ran by Lenovo (administrator) on DESKTOP-NOA58GF (LENOVO 10EU0022MC) (04-06-2023 08:31:13)
Running from C:\Users\Lenovo\Desktop\FRST64.exe
Loaded Profiles: Lenovo
Platform: Microsoft Windows 11 Pro Version 21H2 22000.1936 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.11600.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.37\msedgewebview2.exe <6>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCopyAccelerator.exe
(C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_Z5ML7M7EV32PQUZPYH5TRQ66YWIXJTNNNXRVGIVTKNGMJNRHHFVQ\DeepL.exe ->) (The CefSharp Authors) [File not signed] C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\CefSharp.BrowserSubprocess.exe <5>
(DeepL SE -> DeepL SE) C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_Z5ML7M7EV32PQUZPYH5TRQ66YWIXJTNNNXRVGIVTKNGMJNRHHFVQ\DeepL.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.242\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.242\GoogleCrashHandler64.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_735c56c633f9ec77\igfxEM.exe
(services.exe ->) (Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_735c56c633f9ec77\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_735c56c633f9ec77\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_7ad571204ec9fcd3\Intel_PIE_Service.exe
(services.exe ->) (LENOVO -> ) C:\Program Files (x86)\Lenovo\BluetoothLock\BtLockerService.exe
(services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\LBAI\LBAEvent.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.11600.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-08-18] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3503584 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2022-04-17] (Adobe Inc. -> )
HKLM\Software\Policies\...\system: [AllowBlockingAppsAtShutdown] 0
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\Run: [MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4152208 2023-05-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\RunOnce: [Uninstall 19.232.1124.0008\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64" (No File)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\RunOnce: [Uninstall 19.232.1124.0008] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\19.232.1124.0008" (No File)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2022-04-17] (Adobe Inc. -> )
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\MountPoints2: {0743f09b-d11a-11ed-a92f-98eecb25f1de} - "F:\SISetup.exe"
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2010-10-14] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP1100LM: C:\Windows\system32\HP1100LM.DLL [290816 2010-10-14] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\PDF-XChange Standard Port Monitor: C:\WINDOWS\system32\pxcpm.dll [953600 2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\113.0.5672.129\Installer\chrmstp.exe [2023-06-01] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeepL auto-start.lnk [2023-03-03]
ShortcutTarget: DeepL auto-start.lnk -> C:\Users\Lenovo\AppData\Roaming\0install.net\desktop-integration\stubs\1eae01f3cdb5ff0ecf683b15a60a1489573c1188cb34abc205fcf7a924b4e54d\auto-start.exe () [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F083838-D9A8-4B95-8418-2382754E69ED} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {18896EE0-8FC6-4758-AFB4-6BE9A4D6A434} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {27CBCAA3-D9E4-4804-895E-219ABB3B7404} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2023-01-19] (Lenovo -> )
Task: {3CDE6112-93DC-4D76-BD62-079F423E40BC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3DA05C3B-61C4-474F-AC19-3C5A570411F6} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5096144 2023-04-15] (Microsoft Windows -> Microsoft Corporation)
Task: {4C4640AC-35DD-4BD6-8EC9-DC7A508E2D26} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3503584 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {53AACC03-EA9E-4CFF-8656-0BBB45B4DA7A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123872 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {5639E2B2-17A4-48A2-B4FB-9BF73DCA2E5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-05] (Google LLC -> Google LLC)
Task: {63CB4F06-BBD7-4EF5-A5BB-4BF34213C1C0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6CA5D1D2-9BF0-44B1-B44C-4934296B68EB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6E9ED55A-EF5E-435E-A2F6-61EA92C11932} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26513416 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8271F183-35AD-471C-84A0-673DB6B340E1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123872 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {85AEE5B0-92E7-4B56-BBC9-46DD922899BE} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2023-01-19] (Lenovo -> )
Task: {86D13D96-82BF-4C90-86C4-0ACA7259611A} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {87C7C46C-BB24-4008-BE56-83256C51296E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {CF3278D6-44E4-4CD5-A4C3-CF20D8AB7637} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-05] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cb0048aa-817b-4c7d-a9b0-af203f01f0c8}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d05bc245-e639-48a3-b625-0fc4810a0438}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => path not found
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => path not found
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => path not found
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => path not found
Edge DefaultProfile: Default
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-15]
Edge Extension: (Outlook) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-10-14]
Edge Extension: (PDF-XChange) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\djmbpijobamaimdblhkpclfnpkiogeoo [2022-09-17]
Edge Extension: (Word) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-10-14]
Edge Extension: (Excel) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-10-14]
Edge Extension: (PowerPoint) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-10-14]
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2022-01-22]
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2022-01-22]
Edge Extension: (PDF-XChange) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\djmbpijobamaimdblhkpclfnpkiogeoo [2022-01-22]
Edge HKLM\...\Edge\Extension: [djmbpijobamaimdblhkpclfnpkiogeoo]
Edge HKLM-x32\...\Edge\Extension: [djmbpijobamaimdblhkpclfnpkiogeoo]

FireFox:
========
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3625998006-2303437307-2170556659-1003: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3625998006-2303437307-2170556659-1003: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3625998006-2303437307-2170556659-1003: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2023-06-04]
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR Extension: (Blokátor reklam AdGuard) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2023-04-17]
CHR Extension: (PDF-XChange) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blgipgnbmnikbdecnjmgckmndlkebhid [2023-03-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-12]
CHR HKLM\...\Chrome\Extension: [blgipgnbmnikbdecnjmgckmndlkebhid]
CHR HKLM-x32\...\Chrome\Extension: [blgipgnbmnikbdecnjmgckmndlkebhid]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [473008 2022-08-02] (Adguard Software Limited -> Adguard Software Ltd)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [88648 2020-02-25] (Adobe Inc. -> Adobe Systems)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3896288 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3729888 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 BtLockerService; C:\Program Files (x86)\Lenovo\BluetoothLock\BtLockerService.exe [44432 2016-01-22] (LENOVO -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11749376 2023-05-14] (Microsoft Corporation -> Microsoft Corporation)
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [127800 2010-11-24] (Hewlett-Packard Company -> HP)
R2 LBAEvent; C:\Program Files (x86)\Lenovo\LBAI\LBAEvent.exe [27392 2015-06-03] (LENOVO -> Lenovo)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [69864 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [352632 2023-05-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216784 2020-04-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector -> Code Sector)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\NisSrv.exe [3228464 2023-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe [133592 2023-05-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe [118048 2017-06-22] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworktdidrv; C:\WINDOWS\System32\drivers\adgnetworktdidrv.sys [69152 2022-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Ltd)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [507904 2021-11-04] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [180224 2021-11-04] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [File not signed]
R3 LBAI; C:\WINDOWS\System32\Drivers\LBAI.sys [23208 2017-11-13] (WDKTestCert Win10P64US,131547553407012624 -> Lenovo)
R3 MpKsl75ff1998; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6B39554F-A05E-4547-AC49-22ABBA819579}\MpKslDrv.sys [213288 2023-06-04] (Microsoft Windows -> Microsoft Corporation)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2010-10-14] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2023-05-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [103656 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498984 2023-05-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-31] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslaa39e5a6; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{34515B66-3EE2-4957-8B37-90744DF07C96}\MpKslDrv.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-06-04 08:31 - 2023-06-04 08:32 - 000025980 _____ C:\Users\Lenovo\Desktop\FRST.txt
2023-06-04 08:30 - 2023-06-04 08:31 - 000000000 ____D C:\FRST
2023-06-04 08:27 - 2023-06-04 08:27 - 002383360 _____ (Farbar) C:\Users\Lenovo\Desktop\FRST64.exe
2023-06-04 07:28 - 2023-06-04 07:29 - 001052628 _____ C:\WINDOWS\Minidump\060423-23125-01.dmp
2023-06-01 17:38 - 2023-06-01 17:38 - 071074918 _____ C:\Users\Lenovo\Desktop\Daniel Landa Minové pole.rar
2023-05-31 20:49 - 2023-05-31 20:49 - 000206197 _____ C:\Users\Lenovo\Desktop\Invoice RE4217.pdf
2023-05-26 06:25 - 2023-05-26 06:25 - 000341923 _____ C:\Users\Lenovo\Downloads\Invoice RE4188 (1).pdf
2023-05-26 06:24 - 2023-05-26 06:24 - 000341923 _____ C:\Users\Lenovo\Desktop\Invoice RE4188.pdf
2023-05-23 20:45 - 2023-05-23 20:45 - 000072927 _____ C:\Users\Lenovo\Desktop\stitek.pdf
2023-05-19 15:17 - 2023-05-19 15:17 - 000068301 _____ C:\Users\Lenovo\Downloads\priloha_1191708477_0_O-16.5.2023_-_42_711_202_2071.pdf
2023-05-18 04:29 - 2023-05-18 04:30 - 001011260 _____ C:\WINDOWS\Minidump\051823-14468-01.dmp
2023-05-14 21:51 - 2023-05-14 21:51 - 000206144 _____ C:\Users\Lenovo\Desktop\Invoice RE4167.pdf
2023-05-14 21:48 - 2023-05-14 21:48 - 000205749 _____ C:\Users\Lenovo\Desktop\Invoice RE4156.pdf
2023-05-10 22:33 - 2023-05-10 22:33 - 000003549 _____ C:\Users\Lenovo\Downloads\stažený soubor (3).html
2023-05-10 22:32 - 2023-05-10 22:32 - 000410370 _____ C:\Users\Lenovo\Downloads\gppayment (3).html
2023-05-10 22:32 - 2023-05-10 22:32 - 000408377 _____ C:\Users\Lenovo\Downloads\kontaktujte-nas.html
2023-05-10 22:32 - 2023-05-10 22:32 - 000003549 _____ C:\Users\Lenovo\Downloads\stažený soubor (2).html
2023-05-10 22:32 - 2023-05-10 22:32 - 000003549 _____ C:\Users\Lenovo\Downloads\stažený soubor (1).html
2023-05-10 22:30 - 2023-05-10 22:30 - 000004943 _____ C:\Users\Lenovo\Downloads\BackToShop.html
2023-05-10 22:30 - 2023-05-10 22:30 - 000003549 _____ C:\Users\Lenovo\Downloads\stažený soubor.html
2023-05-10 22:29 - 2023-05-10 22:29 - 000411999 _____ C:\Users\Lenovo\Downloads\gppayment (2).html
2023-05-10 22:29 - 2023-05-10 22:29 - 000009700 _____ C:\Users\Lenovo\Downloads\GoPay.html
2023-05-10 22:28 - 2023-05-10 22:28 - 000411999 _____ C:\Users\Lenovo\Downloads\gppayment.html
2023-05-10 22:28 - 2023-05-10 22:28 - 000411999 _____ C:\Users\Lenovo\Downloads\gppayment (1).html
2023-05-09 22:24 - 2023-05-09 22:24 - 000000000 ___HD C:\$WinREAgent
2023-05-06 19:20 - 2023-05-06 19:20 - 000643700 _____ C:\Users\Lenovo\Downloads\priloha_1166997248_0_Dotace_zemědělci_sign_sign.pdf
2023-05-06 19:07 - 2023-05-06 19:07 - 000063868 _____ C:\Users\Lenovo\Downloads\priloha_1175028734_0_pristupove_udaje_k_datove_schrance.pdf
2023-05-06 19:04 - 2023-05-06 19:04 - 000138631 _____ C:\Users\Lenovo\Downloads\priloha_1149580138_0_RocniVypisROB.pdf
2023-05-06 19:03 - 2023-05-06 19:03 - 000551206 _____ C:\Users\Lenovo\Downloads\priloha_1073506302_0_O-17.8.2022_-_42_711_202_2071.pdf
2023-05-06 19:03 - 2023-05-06 19:03 - 000069477 _____ C:\Users\Lenovo\Downloads\priloha_1117691522_0_O-16.12.2022_-_42_711_202_2071.pdf
2023-05-06 19:02 - 2023-05-06 19:02 - 001295907 _____ C:\Users\Lenovo\Downloads\priloha_1015457182_0_O-11.3.2022_-_42_711_202_2071.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-06-04 08:29 - 2022-12-31 18:24 - 000000000 ____D C:\ProgramData\Adguard
2023-06-04 08:21 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-06-04 08:19 - 2020-04-05 10:26 - 000000000 ____D C:\Program Files (x86)\Google
2023-06-04 08:16 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-06-04 07:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-06-04 07:46 - 2020-03-02 19:39 - 000000000 __SHD C:\Users\Lenovo\IntelGraphicsProfiles
2023-06-04 07:40 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2023-06-04 07:33 - 2022-02-26 14:31 - 001715112 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-06-04 07:33 - 2021-06-05 19:22 - 000724600 _____ C:\WINDOWS\system32\perfh005.dat
2023-06-04 07:33 - 2021-06-05 19:22 - 000150562 _____ C:\WINDOWS\system32\perfc005.dat
2023-06-04 07:33 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF
2023-06-04 07:29 - 2022-12-31 18:24 - 000000000 ____D C:\Program Files (x86)\Adguard
2023-06-04 07:29 - 2022-06-04 03:07 - 000000000 ____D C:\WINDOWS\Minidump
2023-06-04 07:28 - 2022-06-04 03:07 - 1132576243 _____ C:\WINDOWS\MEMORY.DMP
2023-06-04 07:28 - 2022-02-26 14:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-06-04 07:28 - 2022-02-26 14:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-06-04 07:28 - 2020-07-04 17:59 - 000012288 ___SH C:\DumpStack.log.tmp
2023-06-03 09:06 - 2020-04-05 11:20 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2023-06-03 06:32 - 2022-02-26 14:28 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3625998006-2303437307-2170556659-1003
2023-06-03 06:32 - 2022-02-26 14:28 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3625998006-2303437307-2170556659-1003
2023-06-03 06:32 - 2020-07-04 15:56 - 000002429 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-06-01 06:17 - 2020-04-05 10:26 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-06-01 06:17 - 2020-04-05 10:26 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-05-31 23:05 - 2020-01-29 18:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-05-27 17:06 - 2020-06-23 23:14 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-27 17:06 - 2020-06-23 23:14 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-05-23 20:49 - 2022-02-26 14:14 - 000000000 ____D C:\Users\Lenovo
2023-05-20 23:41 - 2021-06-05 14:01 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-05-20 23:39 - 2023-03-01 17:36 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\DeepL_SE
2023-05-20 23:38 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-05-19 02:14 - 2022-02-26 14:28 - 000003768 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-05-19 02:14 - 2022-02-26 14:28 - 000003644 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-05-14 21:51 - 2020-12-14 09:22 - 000000000 ____D C:\Users\Lenovo\Desktop\Štefan fkt
2023-05-14 07:28 - 2020-07-04 14:27 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-05-10 22:35 - 2022-02-26 14:22 - 005197208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-05-10 22:34 - 2021-06-05 19:31 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-05-10 22:34 - 2021-06-05 19:22 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-05-10 22:34 - 2021-06-05 19:22 - 000000000 ____D C:\WINDOWS\system32\cs
2023-05-10 22:34 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-05-10 22:34 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\WUModels
2023-05-10 22:34 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemResources
2023-05-10 22:34 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-05-10 22:34 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-05-10 22:34 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-05-10 06:17 - 2022-02-26 14:28 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-10 06:17 - 2022-02-26 14:28 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-09 22:45 - 2020-04-05 11:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-05-09 22:42 - 2020-04-05 11:09 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-05-09 22:27 - 2022-02-26 14:23 - 003109888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== Files in the root of some directories ========

2022-03-23 01:54 - 2022-03-23 01:54 - 000000260 _____ () C:\ProgramData\fontcacheev1.dat
2020-04-05 11:30 - 2020-04-05 11:30 - 000000000 _____ () C:\Users\Lenovo\AppData\Local\oobelibMkey.log
2022-11-30 22:50 - 2022-11-30 22:50 - 000000017 _____ () C:\Users\Lenovo\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2023
Ran by Lenovo (04-06-2023 08:33:45)
Running from C:\Users\Lenovo\Desktop
Microsoft Windows 11 Pro Version 21H2 22000.1936 (X64) (2022-02-26 12:29:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Admin (S-1-5-21-3625998006-2303437307-2170556659-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3625998006-2303437307-2170556659-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3625998006-2303437307-2170556659-503 - Limited - Disabled)
Guest (S-1-5-21-3625998006-2303437307-2170556659-501 - Limited - Disabled)
Lenovo (S-1-5-21-3625998006-2303437307-2170556659-1003 - Administrator - Enabled) => C:\Users\Lenovo
WDAGUtilityAccount (S-1-5-21-3625998006-2303437307-2170556659-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

888poker.de (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\888poker.de) (Version: 1.1.2.33 - 888)
Adguard Premium, версия 7.10.3961.0 (HKLM-x32\...\{D5D059FE-9F84-4C76-BCA0-5A50A3CCA3E1}_is1) (Version: 7.10.3961.0 - )
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.2.0.18 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_8_3) (Version: 8.3 - Adobe Systems Incorporated)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_2) (Version: 23.2.0.277 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824369436}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.78.1094 - AB Team, d.o.o.)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
DeepL (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version: - DeepL SE)
dr.fone toolkit for Android (Version 8.3.3) (HKLM-x32\...\{7B08A1E1-3644-4237-B39D-762B5F5564D0}_is1) (Version: 8.3.3.64 - Wondershare Technology Co.,Ltd.)
DxO PhotoLab 2 (HKLM\...\{E9CD9A75-02FC-4921-83A6-F57C892C2250}) (Version: 2.3.2 - DxO)
DxO PhotoLab 3 (HKLM\...\{ED095DD7-92AD-46C3-94D7-F8BFD2105CC4}) (Version: 3.1.0 - DxO)
DxO PhotoLab 3 plug-in for Adobe Lightroom (HKLM-x32\...\{3999E0D5-12DC-4ACC-B07F-62B3DECFB5B2}) (Version: 1.0.50 - DxO Labs)
Excel (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
FileZilla Client 3.53.1 (HKLM-x32\...\FileZilla Client) (Version: 3.53.1 - Tim Kosse)
FoneLab Android Data Recovery 3.0.62 (HKLM-x32\...\{9D4E5CFB-1923-4ff6-9305-0E5AF9430AF0}_is1) (Version: 3.0.62 - FoneLab)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 113.0.5672.129 - Google LLC)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.1.1030 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{E4945B75-A983-48E7-9AB6-B84AF13AF9B3}) (Version: 14.6.1.1030 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.20.0.3 - Intel Corporation)
Kuki (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Kuki) (Version: 20151105.000 - SMART Comp. a.s.)
LBAI (HKLM-x32\...\{C5C91B7B-38A6-40B7-84D6-E44885E44B13}_is1) (Version: 1.0.0.9 - Lenovo Group Limited)
Lenovo Bluetooth Lock (HKLM\...\{77A3D1F8-B521-40E6-9A51-E53C2FDBA2A9}_is1) (Version: 2.0.1.0527 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.08.01.0009 - Lenovo)
LibreOffice 7.2.6.2 (HKLM\...\{D21963A8-765F-4458-A227-1D88D8122C2B}) (Version: 7.2.6.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 113.0.1774.57 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.37 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.16327.20248 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.16327.20248 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\OneDriveSetup.exe) (Version: 22.141.0703.0002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\OneDriveSetup.exe) (Version: 23.101.0514.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{D98EA283-A784-4037-BD51-739D87BFF693}) (Version: 4.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29325 (HKLM\...\{26AF0C35-55EC-4025-8D83-349E8FB1419F}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29325 (HKLM\...\{7D0362D5-C699-4403-BC09-0C1DAD1D93AB}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (HKLM-x32\...\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 2.3.1 - DxO)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16327.20248 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Outlook (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF-XChange PRO (HKLM\...\{1A88C9A8-0176-4F71-B1C1-072E9F0E35B6}) (Version: 9.5.366.0 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange PRO (HKLM-x32\...\{1be9964a-ee18-4531-b8ec-39ad3817ef89}) (Version: 9.5.366.0 - Tracker Software Products (Canada) Ltd.)
Peněžní deník 1.4 (HKLM-x32\...\Peněžní deník_is1) (Version: - )
PowerPoint (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Revo Uninstaller Pro 4.5.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.5.5 - VS Revo Group, Ltd.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.4.8332 - TeamViewer)
TeraCopy version 3.26 (HKLM\...\TeraCopy_is1) (Version: 3.26 - Code Sector)
Topaz DeNoise AI (HKLM\...\Topaz DeNoise AI 3.0.3) (Version: 3.1.2 - Topaz Labs LLC)
Topaz Sharpen AI (HKLM\...\Topaz Sharpen AI 3.1.1) (Version: 3.1.1 - Topaz Labs LLC)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.)
WhatsApp (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\WhatsApp) (Version: 2.2149.4 - WhatsApp)
Windows 11 Manager (HKLM\...\{1896503C-0919-41C4-8135-BD1B667CDCEC}) (Version: 1.0.5 - Yamicsoft) Hidden
Windows 11 Manager (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Windows 11 Manager 1.0.5) (Version: 1.0.5 - Yamicsoft)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinTools.net Premium version 19.3 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 19.3 - WinTools Software Engineering, Ltd.)
Word (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
Xiaomi Cloud (HKLM\...\dbd7cffb-9b67-55a5-b1a3-aabba639e500) (Version: 1.0.16 - 小米科技有限责任公司)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-01-02] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_145.3.1086.0_x64__v10z8vjag6ke6 [2023-05-19] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-02-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-02-26] (Microsoft Corporation) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.97.61391.0_x64__8wekyb3d8bbwe [2023-05-29] (Microsoft Corporation) [Startup Task]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-19] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3625998006-2303437307-2170556659-1003_Classes\CLSID\{b72e6f5e-f6e0-a9eb-461b-6118363bd15c}\localserver32 -> C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_Z5ML7M7EV32PQUZPYH5TRQ66YWIXJTNNNXRVGIVTKNGMJNRHHFVQ\DeepL.exe (DeepL SE -> DeepL SE)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-27] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-27] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-27] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-27] (Adobe Inc. -> )
ContextMenuHandlers1: [PDFTools Context menu] -> {e0e0016c-6025-4337-948f-0b655a18552b} => C:\Program Files\Tracker Software\PDF Tools\PDFXToolsShellMenu.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_735c56c633f9ec77\igfxDTCM.dll [2017-04-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-27] (Adobe Inc. -> )
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Lenovo\Desktop\Profil 1 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm --app-url=hxxps://excel.office.com/
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb --app-url=hxxps://outlook.com/
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf --app-url=hxxps://powerpoint.office.com/
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi --app-url=hxxps://word.office.com/

==================== Loaded Modules (Whitelisted) =============

2023-03-01 17:36 - 2022-08-21 03:44 - 001160192 _____ () [File not signed] [File is in use] C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\CefSharp.BrowserSubprocess.Core.dll
2020-03-07 20:21 - 2017-03-14 17:51 - 001714688 _____ () [File not signed] C:\Program Files\TeraCopy\TeraCopy64.dll
2023-03-01 17:36 - 2022-08-19 09:38 - 175591424 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libcef.dll
2023-03-01 17:36 - 2022-08-19 08:11 - 000442880 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libEGL.dll
2023-03-01 17:36 - 2022-08-19 08:10 - 006480384 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libGLESv2.dll
2023-03-01 17:36 - 2022-08-19 08:07 - 004077568 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vk_swiftshader.dll
2023-03-01 17:36 - 2022-08-19 08:10 - 000828928 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vulkan-1.dll
2015-08-18 15:20 - 2015-08-18 15:20 - 000285184 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-08-18 15:19 - 2015-08-18 15:19 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2022-01-28 18:35 - 2015-02-27 11:35 - 000489984 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\Newtonsoft.Json.dll
2022-12-31 18:24 - 2017-11-02 02:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll
2023-03-01 17:36 - 2022-08-19 08:16 - 001231872 _____ (The Chromium Authors) [File not signed] C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\chrome_elf.dll
2022-01-28 18:35 - 2017-06-21 10:24 - 000087552 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppCollect.dll
2022-01-28 18:35 - 2017-06-21 10:24 - 000198144 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppCommon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: PDF-XChange IE Plugin -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
BHO-x32: PDF-XChange IE Plugin -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
Toolbar: HKLM - PDF-XChange IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
Toolbar: HKLM-x32 - PDF-XChange IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-04-27] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\sharepoint.com -> hxxps://msinvest1-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-04-08 11:51 - 2022-12-31 18:24 - 000000130 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 topazlabs.com
127.0.0.1 et.topazlabs.com
127.0.0.1 104.22.33.115
127.0.0.1 172.67.37.186

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Users\Lenovo\AppData\Local\Microsoft\WindowsApps;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Lenovo\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\black-wallpaper-flower.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{CE76BF83-9AE6-48F3-A4DE-1CF11C520188}] => (Allow) C:\Program Files (x86)\Lenovo\BluetoothLock\Lenovo Bluetooth Lock.exe (LENOVO -> Lenovo)
FirewallRules: [{FA9E7CF8-CD81-4744-933A-E8CD15CE4BC4}] => (Allow) C:\Program Files (x86)\Lenovo\BluetoothLock\Lenovo Bluetooth Lock.exe (LENOVO -> Lenovo)
FirewallRules: [{78F5508F-1C99-4DEA-B689-5DB7C7891E6C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E163A9D5-A39E-4CCB-95D5-7A17C3DE8450}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7EA9DB1B-1051-4E4C-A816-D3F6996E63DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9F285AE1-A050-49FD-942C-1D40A74D117D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{806B9E6B-C3C7-4147-8503-4F27C31AF08D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E3CF6E72-930C-4530-A9C1-EEB1E94B1B80}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{931064C4-B9FC-4B15-A212-229AB762CF6F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{351EF7AF-2DED-4E1E-9D19-9549DAB6917F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3B1EF330-43DF-456B-AB98-3830C3758BF4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{15FF14B6-A2EF-4E1C-BEB0-D555C34CF8C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1111CD5B-2396-4E4C-A525-B334D9F555D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{29FA8EC0-6F5B-4FCE-B166-33851264BF7B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A143C7E7-A341-41B8-A10E-D62D90E7B148}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{A64C59E7-F948-480E-B6A9-0A91AE57DE0A}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{3A51C502-EB7E-4481-B43A-AC74BA0E2C2E}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23119.303.2080.2726_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E296DB9E-2A77-4A3D-AA49-18A7E60EE556}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23119.303.2080.2726_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8F105A11-3D84-4055-A6B3-14C9D3A7569E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{051E6595-6108-4AA7-8396-CBFFC390B76B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{532E62AC-9321-4938-98B7-CA2B42308A13}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{11991396-F25B-47C5-93C9-CCB0642BDFE2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{46A3848A-8F82-4B9D-9E8E-030E3C38C2C3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C94CB1FF-28C5-4F95-9869-D58F30D25BCE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.37\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BC76F24A-E24F-472C-BF2A-A77FFBCC9449}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F7D4A73E-8492-4E20-A7BA-A4431C5B14F5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4CE1429F-489E-4E2F-9A34-F6E1D59305AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7A5D4942-FBEA-4B0D-B6E1-C63BE029BDA0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9B56770B-E97E-41F9-B8A3-88D4D92D9A16}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EC3450FE-FBFB-45DB-9DF1-63BF96404DF1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{25AAB0DF-450F-4AED-A877-4CF179A8E492}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B4174ED6-C8B7-42AC-BB6D-8FB45E1C7F49}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B1AA0092-22DC-4E50-A9D7-4693AD0693AB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5943A080-F9AB-4BCC-9132-375F3B5A39A3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

==================== Restore Points =========================

30-05-2023 18:02:53 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: ThinkCentre M800Z/M700Z System Firmware 1.68
Description: ThinkCentre M800Z/M700Z System Firmware 1.68
Class Guid: {f2e7dd72-6468-4e36-b6f1-6488f42c1b52}
Manufacturer: Lenovo Ltd.
Service:
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (05/28/2023 05:07:02 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit defragmentace na (D:), protože: Svazky nejde optimalizovat kvůli nepodporovanému typu systému souborů. (0x8900002F)

Error: (05/21/2023 03:23:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit defragmentace na (D:), protože: Svazky nejde optimalizovat kvůli nepodporovanému typu systému souborů. (0x8900002F)

Error: (05/20/2023 11:40:09 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (05/20/2023 11:40:09 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (05/20/2023 11:40:09 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (05/20/2023 11:40:09 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (05/14/2023 03:58:42 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit defragmentace na (D:), protože: Svazky nejde optimalizovat kvůli nepodporovanému typu systému souborů. (0x8900002F)

Error: (05/07/2023 08:04:56 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit defragmentace na (D:), protože: Svazky nejde optimalizovat kvůli nepodporovanému typu systému souborů. (0x8900002F)


System errors:
=============
Error: (06/04/2023 07:28:55 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba WMPNetworkSvc závisí na službě WSearch, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (06/04/2023 07:28:32 AM) (Source: volmgr) (EventID: 162) (User: )
Description: Soubor se stavem systému byl úspěšně vygenerován.

Error: (06/04/2023 07:28:57 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (7:26:02, ‎04.‎06.‎2023) bylo neočekávané.

Error: (06/04/2023 06:03:44 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{CB0048AA-817B-4C7D-A9B0-AF203F01F0C8}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (06/03/2023 04:24:46 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{CB0048AA-817B-4C7D-A9B0-AF203F01F0C8}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (06/03/2023 05:35:50 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{CB0048AA-817B-4C7D-A9B0-AF203F01F0C8}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (06/02/2023 10:50:14 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{CB0048AA-817B-4C7D-A9B0-AF203F01F0C8}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (06/02/2023 05:21:41 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{CB0048AA-817B-4C7D-A9B0-AF203F01F0C8}, protože jiný počítač v síti má stejný název. Server nelze spustit.


Windows Defender:
================
Date: 2023-06-04 01:06:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {377A1A9F-E32E-4727-AE74-A1F710AAFB62}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-06-03 01:10:48
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F1367A89-9D61-426A-90AB-8BEE55B943CB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-06-01 23:24:42
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7CA71EE5-0A69-4059-BB0C-FA0FFEECB531}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-05-31 23:04:51
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {146C00FE-BF11-4009-B18A-A9A99BAC3036}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-05-30 18:00:51
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C7E59BC1-A43C-46CC-B8A7-00C1D39C36D1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2023-06-04 07:41:54
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_735c56c633f9ec77\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO LENOVO - 1440 11/06/2020
Motherboard: LENOVO 30BB
Processor: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
Percentage of memory in use: 64%
Total physical RAM: 8099.45 MB
Available physical RAM: 2853.27 MB
Total Virtual: 9379.45 MB
Available Virtual: 3230.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.33 GB) (Free:44.35 GB) (Model: KINGSTON SA400S37240G) NTFS
Drive d: () (Removable) (Total:59.45 GB) (Free:39.91 GB) exFAT
Drive g: (Nový svazek) (Fixed) (Total:465.76 GB) (Free:291.71 GB) (Model: Samsung SSD 860 EVO 500G SCSI Disk Device) NTFS

\\?\Volume{378c6390-6e10-4618-911f-52c0938791b6}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.5 GB) NTFS
\\?\Volume{1d653cb3-febf-4ccf-8033-8f293b27d1fa}\ () (Fixed) (Total:0.61 GB) (Free:0.08 GB) NTFS
\\?\Volume{d388f1c1-f359-44f9-9ca7-530530751557}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 01DAAFA2)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0CBB1DFF)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Size: 59.5 GB) (Disk ID: A79CEB35)
Partition 1: (Not Active) - (Size=59.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu

#2 Příspěvek od JaRon »

Ahoj,
prescanuj PC s MBAM - log sem
Su nejake problemy s PC :???:
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

petatape
Návštěvník
Návštěvník
Příspěvky: 300
Registrován: 25 bře 2009 20:48

Re: Prosím o kontrolu

#3 Příspěvek od petatape »

PC přestal rozpoznávat televizi....


Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 28.06.23
Čas skenování: 17:17
Logovací soubor: f5c037c8-15c6-11ee-b72f-98eecb25f1de.json

-Informace o softwaru-
Verze: 4.5.31.270
Verze komponentů: 1.0.2047
Aktualizovat verzi balíku komponent: 1.0.71660
Licence: Zkušební

-Systémová informace-
OS: Windows 11 (Build 22000.2057)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-NOA58GF\Lenovo

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 274099
Zjištěné hrozby: 6
Hrozby umístěné do karantény: 0
Uplynulý čas: 10 min, 44 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 6
Malware.Sandbox.52, C:\USERS\LENOVO\APPDATA\ROAMING\Microsoft\Windows\Start Menu\888Poker.lnk, Žádná uživatelská akce, 52, 0, , , , , 288E9937D8B4A617CFC0C30F0CC59792, D971D17019F78506293554BC91BEF4CC173CF28B8E49796A1990A147734C783F
Malware.Sandbox.52, C:\USERS\LENOVO\APPDATA\ROAMING\Microsoft\Windows\Start Menu\Programs\888Poker.lnk, Žádná uživatelská akce, 52, 0, , , , , 8E73A468D3D459E69EB97A6321B85EF3, 2C3EBDC6DBB2B12235BA82FF48A94BC0EF1E21C5B2EC10294100856721491B67
Malware.Sandbox.52, C:\USERS\LENOVO\DESKTOP\888Poker.lnk, Žádná uživatelská akce, 52, 0, , , , , 9E52B2E62EE987FDE1A3F9E643BDEF26, 64D9FE71C7CF48C4196CC81550C243721F7DA040BCE90F0179BF9302F04FFF69
Malware.Sandbox.52, C:\USERS\LENOVO\APPDATA\ROAMING\POKER\888POKER.DE\BIN\888POKER_DE.EXE, Žádná uživatelská akce, 52, 0, 1.0.71660, 52, dds, 02360918, 9611E383858E628EC95CDDF260003BE8, 974E072AFA520BFC26DB1A06B3CAF9116514DF39C75D1FE2CE02DD3B5D4CF19F
Adware.FusionCore, C:\USERS\LENOVO\DOWNLOADS\FILEZILLA_3.53.1_WIN64_SPONSORED-SETUP.EXE, Žádná uživatelská akce, 5587, 929500, 1.0.71660, , ame, , FFB4C2CFFF18C1BCA3A5A83413A50044, 45356196B296DFAEBC6586C4D7921FDC4303B9613CA84883A992469F557739EF
HackKMS.HackTool.RiskWare.DDS, C:\USERS\LENOVO\DESKTOP\INSTALACE\OFFICE 2013-2021 C2R INSTALL V7.3.2B.RAR, Žádná uživatelská akce, 1000002, 0, 1.0.71660, 9CFE79C09CE12A1EFF09B640, dds, 02360918, 937952101D50F1C8E7A55D03C966FD1E, 1BA8F737ABAFB0466D2643C0C4C82A925B0DB170CB3978BD94F64DFA5F1A05AF

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu

#4 Příspěvek od Rudy »

Zaskočím za kolegu, který má dovolenou. Nalezené položky smažte (dejte do karantény), restartujte a pak dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

petatape
Návštěvník
Návštěvník
Příspěvky: 300
Registrován: 25 bře 2009 20:48

Re: Prosím o kontrolu

#5 Příspěvek od petatape »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-06-2023
Ran by Lenovo (administrator) on DESKTOP-NOA58GF (LENOVO 10EU0022MC) (29-06-2023 19:12:21)
Running from C:\Users\Lenovo\Desktop\FRST64.exe
Loaded Profiles: Lenovo
Platform: Microsoft Windows 11 Pro Version 21H2 22000.2057 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_UWNGXVK6DRTTECOLMXJSJBKPLJSVPF4RLJDWUUYVXIU4S6CAUU7A\DeepL.exe ->) (The CefSharp Authors) [File not signed] C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\CefSharp.BrowserSubprocess.exe <5>
(DeepL SE -> DeepL SE) C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_UWNGXVK6DRTTECOLMXJSJBKPLJSVPF4RLJDWUUYVXIU4S6CAUU7A\DeepL.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_98728bfffafc23c2\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_98728bfffafc23c2\igfxEM.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <27>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.272\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.272\GoogleCrashHandler64.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(RuntimeBroker.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_98728bfffafc23c2\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_22dff82e7da0099b\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b53c057d22ce6f37\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b53c057d22ce6f37\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (LENOVO -> ) C:\Program Files (x86)\Lenovo\BluetoothLock\BtLockerService.exe
(services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\LBAI\LBAEvent.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe
(sihost.exe ->) (8F32EFB2-B494-4AEC-A27C-4B0736252363 -> SmartDisplays) C:\Program Files\WindowsApps\E046963F.SmartDisplays_3.0.0.0_x64__k1h2ywk1493x8\SmartDisplays\SmartDisplays.exe
(sihost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4979.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4979.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21490.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.13900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-08-18] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3503584 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2022-04-17] (Adobe Inc. -> )
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [292104 2023-05-10] (Intel Corporation -> Intel)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [AllowBlockingAppsAtShutdown] 0
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\Run: [MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113856 2023-06-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\RunOnce: [Uninstall 19.232.1124.0008\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64" (No File)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\RunOnce: [Uninstall 19.232.1124.0008] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\19.232.1124.0008" (No File)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2022-04-17] (Adobe Inc. -> )
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Run: [MicrosoftEdgeAutoLaunch_5EF70F99B4529735F3564FFE246DB961] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113856 2023-06-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\MountPoints2: {0743f09b-d11a-11ed-a92f-98eecb25f1de} - "F:\SISetup.exe"
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2010-10-14] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP1100LM: C:\Windows\system32\HP1100LM.DLL [290816 2010-10-14] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\PDF-XChange Standard Port Monitor: C:\WINDOWS\system32\pxcpm.dll [953600 2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\114.0.5735.199\Installer\chrmstp.exe [2023-06-29] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeepL auto-start.lnk [2023-03-03]
ShortcutTarget: DeepL auto-start.lnk -> C:\Users\Lenovo\AppData\Roaming\0install.net\desktop-integration\stubs\1eae01f3cdb5ff0ecf683b15a60a1489573c1188cb34abc205fcf7a924b4e54d\auto-start.exe () [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07A0BD0C-782E-4D2C-A0DD-D3DDE097BB79} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {0F083838-D9A8-4B95-8418-2382754E69ED} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {27CBCAA3-D9E4-4804-895E-219ABB3B7404} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2023-01-19] (Lenovo -> )
Task: {3BD21D6F-6F0D-4183-AB49-92A6C93719F3} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\WINDOWS\System32\Wscript.exe [172032 2021-06-05] (Microsoft Windows -> Microsoft Corporation) -> //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {3DA05C3B-61C4-474F-AC19-3C5A570411F6} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5092056 2023-06-13] (Microsoft Windows -> Microsoft Corporation)
Task: {4C4640AC-35DD-4BD6-8EC9-DC7A508E2D26} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3503584 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {5639E2B2-17A4-48A2-B4FB-9BF73DCA2E5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-05] (Google LLC -> Google LLC)
Task: {6531DE5A-AE51-4242-BDA4-E98367FC0CA9} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3625998006-2303437307-2170556659-1003 => C:\Users\Lenovo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [89096 2023-04-10] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {728A5097-D186-4991-91B9-6123CEB96F3C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123872 2023-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {7BAD4EA5-E8B2-4507-AB95-F311059C0539} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26557352 2023-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {84019064-6CFC-41BA-BD90-BD0126CCA4EA} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123872 2023-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {85AEE5B0-92E7-4B56-BBC9-46DD922899BE} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2023-01-19] (Lenovo -> )
Task: {86D13D96-82BF-4C90-86C4-0ACA7259611A} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B6A5F45E-0449-4CD9-BE3B-5EB288AC2503} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002472 2023-03-28] (Intel Corporation -> Intel Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {CF3278D6-44E4-4CD5-A4C3-CF20D8AB7637} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-05] (Google LLC -> Google LLC)
Task: {D5DCA27A-0F25-4820-8D4E-28701B306E8C} - System32\Tasks\Lenovo\Lenovo MigrationAssistant start event task => C:\Program Files\Lenovo\Lenovo Migration Assistant\Lenovo Migration Assistant Srv.exe [291216 2020-11-11] (Lenovo -> )
Task: {E1E5D697-4EDB-429E-A257-6F417C769FA9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26557352 2023-06-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3BC0ED2-1778-4E8A-9C75-F0C9BDD10789} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [5002472 2023-03-28] (Intel Corporation -> Intel Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cb0048aa-817b-4c7d-a9b0-af203f01f0c8}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d05bc245-e639-48a3-b625-0fc4810a0438}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => path not found
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => path not found
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => path not found
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => path not found
Edge DefaultProfile: Profile 1
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default [2023-06-26]
Edge Extension: (Outlook) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-10-14]
Edge Extension: (PDF-XChange) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\djmbpijobamaimdblhkpclfnpkiogeoo [2022-09-17]
Edge Extension: (Word) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-10-14]
Edge Extension: (Excel) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-10-14]
Edge Extension: (PowerPoint) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-10-14]
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2022-01-22]
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-06-29]
Edge HomePage: Profile 1 -> hxxps://www.seznam.cz/?clid=22668
Edge Extension: (PDF-XChange) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\djmbpijobamaimdblhkpclfnpkiogeoo [2023-06-26]
Edge Extension: (Edge relevant text changes) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-06-26]
Edge Extension: (Blokátor reklam AdGuard) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2023-06-27]
Edge HKLM\...\Edge\Extension: [djmbpijobamaimdblhkpclfnpkiogeoo]
Edge HKLM-x32\...\Edge\Extension: [djmbpijobamaimdblhkpclfnpkiogeoo]

FireFox:
========
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3625998006-2303437307-2170556659-1003: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3625998006-2303437307-2170556659-1003: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3625998006-2303437307-2170556659-1003: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2023-06-29]
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR Extension: (Blokátor reklam AdGuard) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2023-06-13]
CHR Extension: (PDF-XChange) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blgipgnbmnikbdecnjmgckmndlkebhid [2023-03-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-12]
CHR HKLM\...\Chrome\Extension: [blgipgnbmnikbdecnjmgckmndlkebhid]
CHR HKLM-x32\...\Chrome\Extension: [blgipgnbmnikbdecnjmgckmndlkebhid]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [473008 2022-08-02] (Adguard Software Limited -> Adguard Software Ltd)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [88648 2020-02-25] (Adobe Inc. -> Adobe Systems)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3896288 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3729888 2023-01-19] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 BtLockerService; C:\Program Files (x86)\Lenovo\BluetoothLock\BtLockerService.exe [44432 2016-01-22] (LENOVO -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11774352 2023-06-25] (Microsoft Corporation -> Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [42760 2023-05-10] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [213256 2023-05-10] (Intel Corporation -> Intel)
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [127800 2010-11-24] (Hewlett-Packard Company -> HP)
R2 LBAEvent; C:\Program Files (x86)\Lenovo\LBAI\LBAEvent.exe [27392 2015-06-03] (LENOVO -> Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9266352 2023-06-28] (Malwarebytes Inc. -> Malwarebytes)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [69864 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [352656 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216784 2020-04-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector -> Code Sector)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe [3232576 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe [133592 2023-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe [118048 2017-06-22] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 adgnetworktdidrv; C:\WINDOWS\System32\drivers\adgnetworktdidrv.sys [69152 2022-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Ltd)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [507904 2021-11-04] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [180224 2021-11-04] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 LBAI; C:\WINDOWS\System32\Drivers\LBAI.sys [23208 2017-11-13] (WDKTestCert Win10P64US,131547553407012624 -> Lenovo)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-06-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt11.sys [233216 2023-06-29] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77752 2023-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181984 2023-06-29] (Malwarebytes Inc. -> Malwarebytes)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2010-10-14] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2023-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [103656 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [498944 2023-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99568 2023-06-13] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-06-29 19:12 - 2023-06-29 19:12 - 000000000 ____D C:\Users\Lenovo\Desktop\FRST-OlderVersion
2023-06-29 19:09 - 2023-06-29 19:10 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\IGDump
2023-06-29 19:09 - 2023-06-29 19:09 - 000233216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2023-06-29 19:09 - 2023-06-29 19:09 - 000181984 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-06-28 17:29 - 2023-06-28 17:29 - 000003127 _____ C:\Users\Lenovo\Desktop\scn.txt
2023-06-28 17:17 - 2023-06-28 17:17 - 000000000 ____D C:\Users\Lenovo\AppData\Local\mbam
2023-06-28 17:10 - 2023-06-29 19:09 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Malwarebytes
2023-06-28 17:10 - 2023-06-28 17:10 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-06-28 17:10 - 2023-06-28 17:10 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-06-28 17:09 - 2023-06-28 17:09 - 002649072 _____ (Malwarebytes) C:\Users\Lenovo\Downloads\MBSetup.exe
2023-06-28 17:09 - 2023-06-28 17:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-06-28 17:09 - 2023-06-28 17:09 - 000000000 ____D C:\Program Files\Malwarebytes
2023-06-27 23:10 - 2023-01-19 16:06 - 001432320 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-06-27 23:10 - 2023-01-19 16:06 - 001432320 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-06-27 23:10 - 2023-01-19 16:06 - 001145632 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-06-27 23:10 - 2023-01-19 16:06 - 001145632 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-06-27 23:01 - 2023-06-27 23:01 - 132586350 _____ C:\Users\Lenovo\Downloads\MSStoreSmartDisplays.msixbundle
2023-06-27 22:59 - 2023-06-27 22:59 - 003670936 _____ (Lenovo ) C:\Users\Lenovo\Downloads\LSBSetup (4).exe
2023-06-27 22:21 - 2023-06-27 22:21 - 003670936 _____ (Lenovo ) C:\Users\Lenovo\Downloads\LSBSetup (3).exe
2023-06-27 21:59 - 2023-06-27 21:59 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Intel
2023-06-27 21:53 - 2023-06-27 21:54 - 257048704 _____ (Lenovo Group Limited ) C:\Users\Lenovo\Downloads\r0piv25w.exe
2023-06-27 18:23 - 2023-06-27 18:23 - 003670936 _____ (Lenovo ) C:\Users\Lenovo\Downloads\LSBSetup (2).exe
2023-06-27 18:17 - 2023-06-27 18:17 - 000000000 _____ C:\WINDOWS\system32\.tmp
2023-06-27 18:16 - 2023-06-27 18:16 - 051693304 _____ (Lenovo ) C:\Users\Lenovo\Downloads\lma2146.exe
2023-06-27 18:16 - 2023-06-27 18:16 - 000002074 _____ C:\Users\Public\Desktop\Lenovo Migration Assistant.lnk
2023-06-27 18:16 - 2023-06-27 18:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Migration Assistant
2023-06-27 18:16 - 2023-06-27 18:16 - 000000000 ____D C:\Program Files\Lenovo
2023-06-27 18:10 - 2023-06-27 18:10 - 000003670 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2023-06-27 18:10 - 2023-04-25 11:32 - 000047240 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2023-06-26 17:26 - 2023-06-26 17:26 - 003670936 _____ (Lenovo ) C:\Users\Lenovo\Downloads\LSBSetup (1).exe
2023-06-26 17:23 - 2023-06-27 18:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2023-06-26 17:23 - 2023-06-26 17:23 - 003670936 _____ (Lenovo ) C:\Users\Lenovo\Downloads\LSBSetup.exe
2023-06-26 17:23 - 2023-06-26 17:23 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2023-06-26 16:23 - 2023-06-26 16:24 - 523670568 _____ (Intel) C:\Users\Lenovo\Downloads\gfx_win_101.2115.exe
2023-06-26 16:16 - 2023-06-27 22:33 - 000003834 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2023-06-26 16:10 - 2023-06-27 22:23 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Intel
2023-06-26 16:10 - 2023-06-27 18:10 - 000003762 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2023-06-26 16:10 - 2023-06-27 18:10 - 000003528 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2023-06-26 16:09 - 2023-06-27 18:08 - 000001510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2023-06-26 16:09 - 2023-06-26 16:09 - 006334064 _____ (Intel) C:\Users\Lenovo\Downloads\Intel-Driver-and-Support-Assistant-Installer.exe
2023-06-25 20:56 - 2023-06-25 20:56 - 000192902 _____ C:\Users\Lenovo\Downloads\priloha_1207427079_0_Upominka_8711714495.pdf
2023-06-13 22:41 - 2023-06-13 22:41 - 000000000 ___HD C:\$WinREAgent
2023-06-11 21:22 - 2023-06-11 21:22 - 000470773 _____ C:\Users\Lenovo\Downloads\711383078.pdf
2023-06-05 17:00 - 2023-06-05 17:00 - 000205956 _____ C:\Users\Lenovo\Desktop\Invoice RE4224 (1).pdf
2023-06-05 16:59 - 2023-06-05 16:59 - 000205956 _____ C:\Users\Lenovo\Downloads\Invoice RE4224.pdf
2023-06-04 10:49 - 2023-06-04 10:49 - 000059408 _____ C:\Users\Lenovo\Desktop\RtnGetLabelData.pdf
2023-06-04 08:33 - 2023-06-04 08:41 - 000043609 _____ C:\Users\Lenovo\Desktop\Addition.txt
2023-06-04 08:31 - 2023-06-29 19:13 - 000029731 _____ C:\Users\Lenovo\Desktop\FRST.txt
2023-06-04 08:30 - 2023-06-29 19:12 - 000000000 ____D C:\FRST
2023-06-04 08:27 - 2023-06-29 19:12 - 002383360 _____ (Farbar) C:\Users\Lenovo\Desktop\FRST64.exe
2023-06-04 07:28 - 2023-06-04 07:29 - 001052628 _____ C:\WINDOWS\Minidump\060423-23125-01.dmp
2023-06-01 17:38 - 2023-06-01 17:38 - 071074918 _____ C:\Users\Lenovo\Desktop\Daniel Landa Minové pole.rar
2023-05-31 20:49 - 2023-05-31 20:49 - 000206197 _____ C:\Users\Lenovo\Desktop\Invoice RE4217.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-06-29 19:13 - 2022-02-26 14:31 - 001715176 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-06-29 19:13 - 2021-06-05 19:22 - 000724600 _____ C:\WINDOWS\system32\perfh005.dat
2023-06-29 19:13 - 2021-06-05 19:22 - 000150562 _____ C:\WINDOWS\system32\perfc005.dat
2023-06-29 19:13 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF
2023-06-29 19:12 - 2020-03-07 22:55 - 000000000 ____D C:\Users\Lenovo\AppData\Local\D3DSCache
2023-06-29 19:11 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-06-29 19:11 - 2020-04-05 10:26 - 000000000 ____D C:\Program Files (x86)\Google
2023-06-29 19:10 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2023-06-29 19:10 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-06-29 19:09 - 2022-12-31 18:24 - 000000000 ____D C:\ProgramData\Adguard
2023-06-29 19:09 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-06-29 19:09 - 2020-03-02 19:39 - 000000000 __SHD C:\Users\Lenovo\IntelGraphicsProfiles
2023-06-29 19:08 - 2022-02-26 14:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-06-29 19:08 - 2021-06-05 14:01 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-06-29 19:08 - 2020-07-04 17:59 - 000012288 ___SH C:\DumpStack.log.tmp
2023-06-29 19:08 - 2020-01-29 18:28 - 000000000 ____D C:\Intel
2023-06-29 18:11 - 2022-02-26 14:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-06-29 17:14 - 2020-04-05 10:26 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-06-29 17:14 - 2020-04-05 10:26 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-06-29 17:12 - 2022-12-31 18:24 - 000000000 ____D C:\Program Files (x86)\Adguard
2023-06-29 02:10 - 2020-04-05 11:20 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2023-06-28 19:09 - 2020-03-07 23:23 - 000000000 ___RD C:\Users\Lenovo\Desktop\Instalace
2023-06-28 17:10 - 2021-06-05 14:10 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-06-28 17:06 - 2020-04-09 11:54 - 000000000 ____D C:\Users\Lenovo\AppData\Local\ElevatedDiagnostics
2023-06-27 23:07 - 2020-03-07 20:15 - 000000000 ____D C:\ProgramData\Package Cache
2023-06-27 23:01 - 2020-03-02 19:39 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Packages
2023-06-27 23:01 - 2020-01-29 18:38 - 000000000 ____D C:\ProgramData\Packages
2023-06-27 22:59 - 2021-04-07 13:48 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CrashDumps
2023-06-27 22:27 - 2020-01-29 18:34 - 000000000 ____D C:\ProgramData\Intel
2023-06-27 22:01 - 2020-01-29 18:30 - 000000000 ____D C:\WINDOWS\TempInst
2023-06-27 22:00 - 2020-03-02 19:39 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Publishers
2023-06-27 18:17 - 2020-01-29 18:30 - 000000000 ____D C:\ProgramData\Lenovo
2023-06-26 18:06 - 2022-02-26 14:28 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3625998006-2303437307-2170556659-1003
2023-06-26 18:06 - 2022-02-26 14:28 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3625998006-2303437307-2170556659-1003
2023-06-26 18:06 - 2020-07-04 15:56 - 000002429 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-06-26 16:10 - 2020-01-29 18:27 - 000000000 ____D C:\Program Files\Intel
2023-06-26 16:09 - 2020-01-29 18:28 - 000000000 ____D C:\Program Files (x86)\Intel
2023-06-26 15:41 - 2022-02-26 14:14 - 000000000 ____D C:\Users\Lenovo
2023-06-25 20:49 - 2020-07-04 14:27 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-06-25 20:42 - 2020-06-23 23:14 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-25 20:42 - 2020-06-23 23:14 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-06-16 06:16 - 2022-02-26 14:28 - 000003768 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-06-16 06:16 - 2022-02-26 14:28 - 000003644 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-06-13 23:09 - 2022-02-26 14:22 - 005197208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-06-13 23:07 - 2023-03-01 17:36 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\DeepL_SE
2023-06-13 23:07 - 2021-06-05 19:31 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-06-13 23:07 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-06-13 23:07 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemResources
2023-06-13 23:07 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-06-13 23:07 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-06-13 23:07 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\servicing
2023-06-13 22:52 - 2020-04-05 11:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-06-13 22:48 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-06-13 22:48 - 2020-04-05 11:09 - 170078616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-06-13 22:44 - 2022-02-26 14:23 - 003110400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-06-13 22:01 - 2020-01-29 18:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-06-09 20:22 - 2022-02-26 14:28 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-06-09 20:22 - 2022-02-26 14:28 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-06-04 11:36 - 2022-11-30 18:15 - 000000000 ____D C:\Users\Lenovo\Desktop\daně
2023-06-04 10:51 - 2023-03-19 12:42 - 000000000 ____D C:\Users\Lenovo\Desktop\gumáci
2023-06-04 07:29 - 2022-06-04 03:07 - 000000000 ____D C:\WINDOWS\Minidump
2023-06-04 07:28 - 2022-06-04 03:07 - 1132576243 _____ C:\WINDOWS\MEMORY.DMP

==================== Files in the root of some directories ========

2022-03-23 01:54 - 2022-03-23 01:54 - 000000260 _____ () C:\ProgramData\fontcacheev1.dat
2020-04-05 11:30 - 2020-04-05 11:30 - 000000000 _____ () C:\Users\Lenovo\AppData\Local\oobelibMkey.log
2022-11-30 22:50 - 2022-11-30 22:50 - 000000017 _____ () C:\Users\Lenovo\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2023
Ran by Lenovo (29-06-2023 19:13:51)
Running from C:\Users\Lenovo\Desktop
Microsoft Windows 11 Pro Version 21H2 22000.2057 (X64) (2022-02-26 12:29:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Admin (S-1-5-21-3625998006-2303437307-2170556659-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3625998006-2303437307-2170556659-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3625998006-2303437307-2170556659-503 - Limited - Disabled)
Guest (S-1-5-21-3625998006-2303437307-2170556659-501 - Limited - Disabled)
Lenovo (S-1-5-21-3625998006-2303437307-2170556659-1003 - Administrator - Enabled) => C:\Users\Lenovo
WDAGUtilityAccount (S-1-5-21-3625998006-2303437307-2170556659-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

888poker.de (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\888poker.de) (Version: 1.1.2.33 - 888)
Adguard Premium, версия 7.10.3961.0 (HKLM-x32\...\{D5D059FE-9F84-4C76-BCA0-5A50A3CCA3E1}_is1) (Version: 7.10.3961.0 - )
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.2.0.18 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_8_3) (Version: 8.3 - Adobe Systems Incorporated)
Adobe Photoshop 2022 (HKLM-x32\...\PHSP_23_2) (Version: 23.2.0.277 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824369436}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.78.1094 - AB Team, d.o.o.)
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
DeepL (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version: - DeepL SE)
dr.fone toolkit for Android (Version 8.3.3) (HKLM-x32\...\{7B08A1E1-3644-4237-B39D-762B5F5564D0}_is1) (Version: 8.3.3.64 - Wondershare Technology Co.,Ltd.)
DxO PhotoLab 2 (HKLM\...\{E9CD9A75-02FC-4921-83A6-F57C892C2250}) (Version: 2.3.2 - DxO)
DxO PhotoLab 3 (HKLM\...\{ED095DD7-92AD-46C3-94D7-F8BFD2105CC4}) (Version: 3.1.0 - DxO)
DxO PhotoLab 3 plug-in for Adobe Lightroom (HKLM-x32\...\{3999E0D5-12DC-4ACC-B07F-62B3DECFB5B2}) (Version: 1.0.50 - DxO Labs)
Excel (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
FileZilla Client 3.53.1 (HKLM-x32\...\FileZilla Client) (Version: 3.53.1 - Tim Kosse)
FoneLab Android Data Recovery 3.0.62 (HKLM-x32\...\{9D4E5CFB-1923-4ff6-9305-0E5AF9430AF0}_is1) (Version: 3.0.62 - FoneLab)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 114.0.5735.199 - Google LLC)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
Intel Driver && Support Assistant (HKLM-x32\...\{7D5F1DA8-0A8A-4762-8053-DD597941CA1C}) (Version: 23.2.17.8 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{438CD419-50DF-4A15-B9AD-986D47085E54}) (Version: 2.4.09146 - Intel Corporation)
Intel(R) Graphics Driver Software (HKLM-x32\...\{f2a88096-3fb7-490f-b289-ad70b99a8f5e}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.1.1030 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{E4945B75-A983-48E7-9AB6-B84AF13AF9B3}) (Version: 14.6.1.1030 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.20.0.3 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{e16a7ba8-2ba1-4828-84d0-c6516a42226e}) (Version: 23.2.17.8 - Intel)
Kuki (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Kuki) (Version: 20151105.000 - SMART Comp. a.s.)
LBAI (HKLM-x32\...\{C5C91B7B-38A6-40B7-84D6-E44885E44B13}_is1) (Version: 1.0.0.9 - Lenovo Group Limited)
Lenovo Bluetooth Lock (HKLM\...\{77A3D1F8-B521-40E6-9A51-E53C2FDBA2A9}_is1) (Version: 2.0.1.0527 - Lenovo)
Lenovo Migration Assistant (HKLM\...\Lenovo Migration Assistant_is1) (Version: 2.1.4.6 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.14 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.08.01.0009 - Lenovo)
LibreOffice 7.2.6.2 (HKLM\...\{D21963A8-765F-4458-A227-1D88D8122C2B}) (Version: 7.2.6.2 - The Document Foundation)
Malwarebytes version 4.5.31.270 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.31.270 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.58 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.58 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.16501.20228 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.16501.20228 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\OneDriveSetup.exe) (Version: 22.141.0703.0002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\OneDriveSetup.exe) (Version: 23.119.0606.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{D98EA283-A784-4037-BD51-739D87BFF693}) (Version: 4.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31332 (HKLM-x32\...\{3746f21b-c990-4045-bb33-1cf98cff7a68}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31332 (HKLM\...\{F4499EE3-A166-496C-81BB-51D1BCDC70A9}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31332 (HKLM\...\{3407B900-37F5-4CC2-B612-5CD5D580A163}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (HKLM-x32\...\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 2.3.1 - DxO)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16501.20152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16501.20152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16501.20152 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.16501.20152 - Microsoft Corporation) Hidden
Outlook (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PDF-XChange PRO (HKLM\...\{1A88C9A8-0176-4F71-B1C1-072E9F0E35B6}) (Version: 9.5.366.0 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange PRO (HKLM-x32\...\{1be9964a-ee18-4531-b8ec-39ad3817ef89}) (Version: 9.5.366.0 - Tracker Software Products (Canada) Ltd.)
Peněžní deník 1.4 (HKLM-x32\...\Peněžní deník_is1) (Version: - )
PowerPoint (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Revo Uninstaller Pro 4.5.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.5.5 - VS Revo Group, Ltd.)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.4.8332 - TeamViewer)
TeraCopy version 3.26 (HKLM\...\TeraCopy_is1) (Version: 3.26 - Code Sector)
Topaz DeNoise AI (HKLM\...\Topaz DeNoise AI 3.0.3) (Version: 3.1.2 - Topaz Labs LLC)
Topaz Sharpen AI (HKLM\...\Topaz Sharpen AI 3.1.1) (Version: 3.1.1 - Topaz Labs LLC)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.)
WhatsApp (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\WhatsApp) (Version: 2.2149.4 - WhatsApp)
Windows 11 Manager (HKLM\...\{1896503C-0919-41C4-8135-BD1B667CDCEC}) (Version: 1.0.5 - Yamicsoft) Hidden
Windows 11 Manager (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Windows 11 Manager 1.0.5) (Version: 1.0.5 - Yamicsoft)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinTools.net Premium version 19.3 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 19.3 - WinTools Software Engineering, Ltd.)
Word (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
Xiaomi Cloud (HKLM\...\dbd7cffb-9b67-55a5-b1a3-aabba639e500) (Version: 1.0.16 - 小米科技有限责任公司)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-01-02] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_146.3.1087.0_x64__v10z8vjag6ke6 [2023-06-25] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-02-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-02-26] (Microsoft Corporation) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.97.61391.0_x64__8wekyb3d8bbwe [2023-05-29] (Microsoft Corporation) [Startup Task]
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4979.0_x64__8j3eq9eme6ctt [2023-06-29] (INTEL CORP) [Startup Task]
Smart Displays -> C:\Program Files\WindowsApps\E046963F.SmartDisplays_3.0.0.0_x64__k1h2ywk1493x8 [2023-06-29] (LENOVO INC.) [Startup Task]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-19] (Microsoft Studios) [MS Ad]
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x64__8wekyb3d8bbwe [2023-06-07] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.882.2207.0_x64__8wekyb3d8bbwe [2023-06-27] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.882.2207.0_x86__8wekyb3d8bbwe [2023-06-27] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3625998006-2303437307-2170556659-1003_Classes\CLSID\{b72e6f5e-f6e0-a9eb-461b-6118363bd15c}\localserver32 -> C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_UWNGXVK6DRTTECOLMXJSJBKPLJSVPF4RLJDWUUYVXIU4S6CAUU7A\DeepL.exe (DeepL SE -> DeepL SE)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-27] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-27] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-27] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-27] (Adobe Inc. -> )
ContextMenuHandlers1: [PDFTools Context menu] -> {e0e0016c-6025-4337-948f-0b655a18552b} => C:\Program Files\Tracker Software\PDF Tools\PDFXToolsShellMenu.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-06-28] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2022-01-27] (Adobe Inc. -> )
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2023-06-28] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2020-09-28] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt.dll [2016-12-07] (Code Sector -> )
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Lenovo\Desktop\Profil 1 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm --app-url=hxxps://excel.office.com/
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb --app-url=hxxps://outlook.com/
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf --app-url=hxxps://powerpoint.office.com/
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi --app-url=hxxps://word.office.com/

==================== Loaded Modules (Whitelisted) =============

2023-03-01 17:36 - 2022-08-21 03:44 - 001160192 _____ () [File not signed] [File is in use] C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\CefSharp.BrowserSubprocess.Core.dll
2022-06-28 14:26 - 2022-06-28 14:26 - 005998080 _____ () [File not signed] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module_win32.dll
2023-03-01 17:36 - 2022-08-19 09:38 - 175591424 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libcef.dll
2023-03-01 17:36 - 2022-08-19 08:11 - 000442880 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libEGL.dll
2023-03-01 17:36 - 2022-08-19 08:10 - 006480384 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\libGLESv2.dll
2023-03-01 17:36 - 2022-08-19 08:07 - 004077568 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vk_swiftshader.dll
2023-03-01 17:36 - 2022-08-19 08:10 - 000828928 _____ () [File not signed] C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\vulkan-1.dll
2015-08-18 15:20 - 2015-08-18 15:20 - 000285184 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-08-18 15:19 - 2015-08-18 15:19 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2022-01-28 18:35 - 2015-02-27 11:35 - 000489984 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\Newtonsoft.Json.dll
2022-12-31 18:24 - 2017-11-02 02:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll
2023-04-25 11:32 - 2023-04-25 11:32 - 002165760 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2023-03-01 17:36 - 2022-08-19 08:16 - 001231872 _____ (The Chromium Authors) [File not signed] C:\Users\Lenovo\AppData\Local\0install.net\implementations\sha256new_WNVUT4A7COIHUPNX3HWQQZD5BU3GEPFRMM3BLVJW4ICRXIJEKBJQ\chrome_elf.dll
2022-01-28 18:35 - 2017-06-21 10:24 - 000087552 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppCollect.dll
2022-01-28 18:35 - 2017-06-21 10:24 - 000198144 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppCommon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-02-01] (Microsoft Corporation -> Microsoft Corporation)
BHO: PDF-XChange IE Plugin -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
BHO-x32: PDF-XChange IE Plugin -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
Toolbar: HKLM - PDF-XChange IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
Toolbar: HKLM-x32 - PDF-XChange IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-06-08] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\sharepoint.com -> hxxps://msinvest1-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-04-08 11:51 - 2022-12-31 18:24 - 000000130 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 topazlabs.com
127.0.0.1 et.topazlabs.com
127.0.0.1 104.22.33.115
127.0.0.1 172.67.37.186

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Users\Lenovo\AppData\Local\Microsoft\WindowsApps;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Lenovo\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\black-wallpaper-flower.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{CE76BF83-9AE6-48F3-A4DE-1CF11C520188}] => (Allow) C:\Program Files (x86)\Lenovo\BluetoothLock\Lenovo Bluetooth Lock.exe (LENOVO -> Lenovo)
FirewallRules: [{FA9E7CF8-CD81-4744-933A-E8CD15CE4BC4}] => (Allow) C:\Program Files (x86)\Lenovo\BluetoothLock\Lenovo Bluetooth Lock.exe (LENOVO -> Lenovo)
FirewallRules: [{78F5508F-1C99-4DEA-B689-5DB7C7891E6C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E163A9D5-A39E-4CCB-95D5-7A17C3DE8450}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7EA9DB1B-1051-4E4C-A816-D3F6996E63DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9F285AE1-A050-49FD-942C-1D40A74D117D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{806B9E6B-C3C7-4147-8503-4F27C31AF08D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E3CF6E72-930C-4530-A9C1-EEB1E94B1B80}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{931064C4-B9FC-4B15-A212-229AB762CF6F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{351EF7AF-2DED-4E1E-9D19-9549DAB6917F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3B1EF330-43DF-456B-AB98-3830C3758BF4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{15FF14B6-A2EF-4E1C-BEB0-D555C34CF8C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1111CD5B-2396-4E4C-A525-B334D9F555D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{29FA8EC0-6F5B-4FCE-B166-33851264BF7B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A143C7E7-A341-41B8-A10E-D62D90E7B148}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{A64C59E7-F948-480E-B6A9-0A91AE57DE0A}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{D808DD08-1EF5-4F40-833E-2F04E0FC58C3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.58\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{74BE3916-2A9A-4DAB-9355-7B1A63437A64}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23153.2000.2140.6533_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0F18F520-F928-421F-A71D-A39F0B1AC91C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_23153.2000.2140.6533_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7E6710FF-A50F-456C-B3F6-3A0C2A5F87CB}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{477A2A25-E419-4884-8CD3-E8F4CED5DBBD}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{B180FF39-F02D-415E-ADC6-2296F86ED31A}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{8B96D033-DA78-4AF3-9134-4ABBEA3A1A4C}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{64294E51-527E-48BF-A676-2885F3139E6F}] => (Allow) C:\Program Files\Lenovo\Lenovo Migration Assistant\MigrationAssistant.exe (Lenovo -> )
FirewallRules: [{65ABCF5A-45E7-4499-8105-B3E2F7588ADC}] => (Allow) C:\Program Files\Lenovo\Lenovo Migration Assistant\MigrationAssistant.exe (Lenovo -> )
FirewallRules: [{00E17408-16D9-4C64-97AC-E0A8764698A5}] => (Allow) C:\Program Files\Lenovo\Lenovo Migration Assistant\Lenovo Migration Assistant Srv.exe (Lenovo -> )
FirewallRules: [{B0FC9AC1-6B08-4CC5-B612-20CAA38A9C21}] => (Allow) C:\Program Files\Lenovo\Lenovo Migration Assistant\Lenovo Migration Assistant Srv.exe (Lenovo -> )
FirewallRules: [{AA7B37C1-A4A8-4EB6-97CA-94137DB2760D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5C6B3655-75BF-4214-901C-EA86AF6E08FE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4EC01516-D85D-4655-B5A3-45A9829E0B75}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{95FBC001-6A30-4D94-B8D3-4D225CB03ACB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DFAC52BE-5892-4837-8AE5-50662FC889C2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4B3B7EAC-B915-45A6-9DB6-76DE8F6643A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{49A5033B-B80B-445D-A112-E80FC3F9142B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{98DCAA5D-D071-4EE3-A1D1-F9E395E8B8B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4903776C-31E5-48CC-8EF4-DEB97396CDE1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C17EF51B-1FCB-479C-8947-FBAEA129E634}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{EB5744B3-A122-496B-9149-92421B9D3A35}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1E833F0C-F972-483A-9E92-1AABD9A9ABD7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AE0F632B-8A40-4628-B960-2BF45166B6E2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D350BC29-2DA2-49A1-89E0-33650268EBFF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.214.1149.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5FBB40C2-C38F-4897-9E98-847168D89CB0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

25-06-2023 21:04:50 Naplánovaný kontrolní bod
27-06-2023 18:08:03 Intel® Driver & Support Assistant

==================== Faulty Device Manager Devices ============

Name: Intel(R) Dual Band Wireless-AC 8260
Description: Intel(R) Dual Band Wireless-AC 8260
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: Netwtw06
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Device (Personal Area Network) #2
Description: Zařízení Bluetooth (síť PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: ThinkCentre M800Z/M700Z System Firmware 1.68
Description: ThinkCentre M800Z/M700Z System Firmware 1.68
Class Guid: {f2e7dd72-6468-4e36-b6f1-6488f42c1b52}
Manufacturer: Lenovo Ltd.
Service:
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (06/27/2023 10:59:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LSB.exe, verze: 5.0.2.14, časové razítko: 0x6433b813
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22000.2057, časové razítko: 0x3bd21ccd
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000052bac
ID chybujícího procesu: 0x2da0
Čas spuštění chybující aplikace: 0x01d9a93a42684b65
Cesta k chybující aplikaci: C:\Users\Lenovo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: fbc35250-6de2-4af6-bc1e-976527674ef2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/27/2023 10:59:33 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: LSB.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IndexOutOfRangeException
na Common.MachineInformationCollector.SplitTable(Byte[])
na Common.MachineInformationCollector..ctor()
na Common.Util..cctor()

Informace o výjimce: System.TypeInitializationException
na SysDetect.SysDetectManager.get_DetectDataCache()
na SysDetect.SysDetectManager.HandleDetectRequest(System.String, SysDetect.DetectSource)
na LSB.HTTPServer.handleCors(System.Net.HttpListenerContext)
na LSB.HTTPServer.ListenerCallback(System.IAsyncResult)
na System.Net.LazyAsyncResult.Complete(IntPtr)
na System.Net.LazyAsyncResult.ProtectedInvokeCallback(System.Object, IntPtr)
na System.Net.ListenerAsyncResult.IOCompleted(System.Net.ListenerAsyncResult, UInt32, UInt32)
na System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

Error: (06/27/2023 10:58:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LSB.exe, verze: 5.0.2.14, časové razítko: 0x6433b813
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22000.2057, časové razítko: 0x3bd21ccd
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000052bac
ID chybujícího procesu: 0x2038
Čas spuštění chybující aplikace: 0x01d9a936907980ed
Cesta k chybující aplikaci: C:\Users\Lenovo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 6ddbec5e-a0a6-45be-9a86-0ced955ea971
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/27/2023 10:58:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: LSB.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IndexOutOfRangeException
na Common.MachineInformationCollector.SplitTable(Byte[])
na Common.MachineInformationCollector..ctor()
na Common.Util..cctor()

Informace o výjimce: System.TypeInitializationException
na SysDetect.SysDetectManager.get_DetectDataCache()
na SysDetect.SysDetectManager.HandleDetectRequest(System.String, SysDetect.DetectSource)
na LSB.HTTPServer.handleCors(System.Net.HttpListenerContext)
na LSB.HTTPServer.ListenerCallback(System.IAsyncResult)
na System.Net.LazyAsyncResult.Complete(IntPtr)
na System.Net.LazyAsyncResult.ProtectedInvokeCallback(System.Object, IntPtr)
na System.Net.ListenerAsyncResult.IOCompleted(System.Net.ListenerAsyncResult, UInt32, UInt32)
na System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)

Error: (06/27/2023 10:32:05 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1017) (User: NT AUTHORITY)
Description: Sběr dat čítače výkonu od služby BITS byl vypnut z důvodu jedné nebo více chyb generovaných knihovnou čítače výkonu pro tuto službu. Chyby, které vyvolaly tuto akci, byly zapsány do protokolu událostí aplikace. Opravte tyto chyby před novým zapnutím čítačů výkonu pro tuto službu.

Error: (06/27/2023 10:32:05 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1011) (User: NT AUTHORITY)
Description: Procedura Close v knihovně DLL rozšiřitelných čítačů C:\Windows\System32\bitsperf.dll služby BITS vygenerovala výjimka 3221225477 na adrese 0x7ff8e2d5233d. Data o výkonu vrácená knihovnou DLL čítačů se nevrátí v bloku dat tohoto typu.

Error: (06/27/2023 10:22:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LSB.exe, verze: 5.0.2.14, časové razítko: 0x6433b813
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22000.2057, časové razítko: 0x3bd21ccd
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000052bac
ID chybujícího procesu: 0x12f0
Čas spuštění chybující aplikace: 0x01d9a9350911514f
Cesta k chybující aplikaci: C:\Users\Lenovo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: e4e866dd-64d7-4a71-a00b-d78e32b2a1e0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/27/2023 10:22:06 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: LSB.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IndexOutOfRangeException
na Common.MachineInformationCollector.SplitTable(Byte[])
na Common.MachineInformationCollector..ctor()
na Common.Util..cctor()

Informace o výjimce: System.TypeInitializationException
na SysDetect.SysDetectManager.get_DetectDataCache()
na SysDetect.SysDetectManager.HandleDetectRequest(System.String, SysDetect.DetectSource)
na LSB.HTTPServer.handleCors(System.Net.HttpListenerContext)
na LSB.HTTPServer.ListenerCallback(System.IAsyncResult)
na System.Net.LazyAsyncResult.Complete(IntPtr)
na System.Net.LazyAsyncResult.ProtectedInvokeCallback(System.Object, IntPtr)
na System.Net.ListenerAsyncResult.IOCompleted(System.Net.ListenerAsyncResult, UInt32, UInt32)
na System.Threading._IOCompletionCallback.PerformIOCompletionCallback(UInt32, UInt32, System.Threading.NativeOverlapped*)


System errors:
=============
Error: (06/29/2023 07:12:22 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NOA58GF)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (06/29/2023 07:08:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba WMPNetworkSvc závisí na službě WSearch, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (06/29/2023 06:12:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Energy Server Service queencreek byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/29/2023 05:12:17 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{CB0048AA-817B-4C7D-A9B0-AF203F01F0C8}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (06/29/2023 07:39:15 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{CB0048AA-817B-4C7D-A9B0-AF203F01F0C8}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (06/29/2023 06:43:57 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NBTLHR1F96X-E046963F.SmartDisplays.

Error: (06/29/2023 06:16:25 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{CB0048AA-817B-4C7D-A9B0-AF203F01F0C8}, protože jiný počítač v síti má stejný název. Server nelze spustit.

Error: (06/28/2023 04:51:08 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{CB0048AA-817B-4C7D-A9B0-AF203F01F0C8}, protože jiný počítač v síti má stejný název. Server nelze spustit.


Windows Defender:
================
Date: 2023-06-28 17:06:45
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tnega!MSR
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Lenovo\Desktop\Instalace\Win11.Manager.1.0.5\Win11.Manager.1.0.5\Keygen-MADARA\Project X.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-NOA58GF\Lenovo
Název procesu: C:\Windows\System32\sdiagnhost.exe
Verze bezpečnostních informací: AV: 1.391.2876.0, AS: 1.391.2876.0, NIS: 1.391.2876.0
Verze modulu: AM: 1.1.23050.3, NIS: 1.1.23050.3

Date: 2023-06-28 17:06:43
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Users\Lenovo\Desktop\Instalace\Office 2013-2021 C2R Install v7.3.2b\Office 2013-2021 C2R Install v7.3.2b\OInstallLite.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-NOA58GF\Lenovo
Název procesu: C:\Windows\System32\sdiagnhost.exe
Verze bezpečnostních informací: AV: 1.391.2876.0, AS: 1.391.2876.0, NIS: 1.391.2876.0
Verze modulu: AM: 1.1.23050.3, NIS: 1.1.23050.3

Date: 2023-06-28 17:06:42
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/Keygen
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Users\Lenovo\Desktop\Instalace\DxO\PhtLb.3.1.0.4301.WT\PhtLb.3.1.0.4301.WT\Patch\dxo.photolab.3.0.0.4210.[x64]-MPT.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-NOA58GF\Lenovo
Název procesu: C:\Windows\System32\sdiagnhost.exe
Verze bezpečnostních informací: AV: 1.391.2876.0, AS: 1.391.2876.0, NIS: 1.391.2876.0
Verze modulu: AM: 1.1.23050.3, NIS: 1.1.23050.3

Date: 2023-06-25 23:07:50
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {B4A54137-959C-428C-AC14-975948B82C25}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-06-25 21:01:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {413F932E-9F83-4E4A-B293-05F0B53A0D0F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2023-06-27 22:40:55
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-06-27 22:32:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4c62167d8982367b\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-06-27 21:32:50
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_735c56c633f9ec77\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO LENOVO - 1440 11/06/2020
Motherboard: LENOVO 30BB
Processor: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
Percentage of memory in use: 68%
Total physical RAM: 8099.45 MB
Available physical RAM: 2547.63 MB
Total Virtual: 9379.45 MB
Available Virtual: 3328.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.33 GB) (Free:39.57 GB) (Model: KINGSTON SA400S37240G) NTFS
Drive g: (Nový svazek) (Fixed) (Total:465.76 GB) (Free:291.71 GB) (Model: Samsung SSD 860 EVO 500G SCSI Disk Device) NTFS

\\?\Volume{378c6390-6e10-4618-911f-52c0938791b6}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.5 GB) NTFS
\\?\Volume{1d653cb3-febf-4ccf-8033-8f293b27d1fa}\ () (Fixed) (Total:0.61 GB) (Free:0.08 GB) NTFS
\\?\Volume{d388f1c1-f359-44f9-9ca7-530530751557}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt ======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\RunOnce: [Uninstall 19.232.1124.0008\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64" (No File)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\RunOnce: [Uninstall 19.232.1124.0008] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\19.232.1124.0008" (No File)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\MountPoints2: {0743f09b-d11a-11ed-a92f-98eecb25f1de} - "F:\SISetup.exe"
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {07A0BD0C-782E-4D2C-A0DD-D3DDE097BB79} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {5639E2B2-17A4-48A2-B4FB-9BF73DCA2E5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-05] (Google LLC -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {CF3278D6-44E4-4CD5-A4C3-CF20D8AB7637} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-05] (Google LLC -> Google LLC)
C:\DumpStack.log.tmp
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
C:\Users\Lenovo\Desktop\Instalace\Win11.Manager.1.0.5\Win11.Manager.1.0.5\Keygen-MADARA\Project X.exe
C:\Users\Lenovo\Desktop\Instalace\Office 2013-2021 C2R Install v7.3.2b\Office 2013-2021 C2R Install v7.3.2b\OInstallLite.exe
C:\Users\Lenovo\Desktop\Instalace\DxO\PhtLb.3.1.0.4301.WT\PhtLb.3.1.0.4301.WT\Patch\dxo.photolab.3.0.0.4210.[x64]-MPT.exe

EmptyTemp:
Hosts:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

petatape
Návštěvník
Návštěvník
Příspěvky: 300
Registrován: 25 bře 2009 20:48

Re: Prosím o kontrolu

#7 Příspěvek od petatape »

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-06-2023
Ran by Lenovo (29-06-2023 20:24:17) Run:1
Running from C:\Users\Lenovo\Desktop
Loaded Profiles: Admin & Lenovo
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\RunOnce: [Uninstall 19.232.1124.0008\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64" (No File)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\RunOnce: [Uninstall 19.232.1124.0008] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\19.232.1124.0008" (No File)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\MountPoints2: {0743f09b-d11a-11ed-a92f-98eecb25f1de} - "F:\SISetup.exe"
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {07A0BD0C-782E-4D2C-A0DD-D3DDE097BB79} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {5639E2B2-17A4-48A2-B4FB-9BF73DCA2E5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-05] (Google LLC -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {CF3278D6-44E4-4CD5-A4C3-CF20D8AB7637} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-05] (Google LLC -> Google LLC)
C:\DumpStack.log.tmp
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
C:\Users\Lenovo\Desktop\Instalace\Win11.Manager.1.0.5\Win11.Manager.1.0.5\Keygen-MADARA\Project X.exe
C:\Users\Lenovo\Desktop\Instalace\Office 2013-2021 C2R Install v7.3.2b\Office 2013-2021 C2R Install v7.3.2b\OInstallLite.exe
C:\Users\Lenovo\Desktop\Instalace\DxO\PhtLb.3.1.0.4301.WT\PhtLb.3.1.0.4301.WT\Patch\dxo.photolab.3.0.0.4210.[x64]-MPT.exe

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 19.232.1124.0008\amd64" => removed successfully
"HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 19.232.1124.0008" => removed successfully
"HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => removed successfully
"HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Standalone Update Binary" => removed successfully
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0743f09b-d11a-11ed-a92f-98eecb25f1de} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{07A0BD0C-782E-4D2C-A0DD-D3DDE097BB79}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07A0BD0C-782E-4D2C-A0DD-D3DDE097BB79}" => removed successfully
C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5639E2B2-17A4-48A2-B4FB-9BF73DCA2E5F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5639E2B2-17A4-48A2-B4FB-9BF73DCA2E5F}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CF3278D6-44E4-4CD5-A4C3-CF20D8AB7637}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF3278D6-44E4-4CD5-A4C3-CF20D8AB7637}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\System32\blank.htm" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\SysWOW64\blank.htm" => value restored successfully
"C:\Users\Lenovo\Desktop\Instalace\Win11.Manager.1.0.5\Win11.Manager.1.0.5\Keygen-MADARA\Project X.exe" => not found
"C:\Users\Lenovo\Desktop\Instalace\Office 2013-2021 C2R Install v7.3.2b\Office 2013-2021 C2R Install v7.3.2b\OInstallLite.exe" => not found
"C:\Users\Lenovo\Desktop\Instalace\DxO\PhtLb.3.1.0.4301.WT\PhtLb.3.1.0.4301.WT\Patch\dxo.photolab.3.0.0.4210.[x64]-MPT.exe" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 475069552 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 18431319 B
Edge => 0 B
Chrome => 1772006072 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 16122 B
NetworkService => 1348802 B
Admin => 159359504 B
Lenovo => 415313923 B

RecycleBin => 0 B
EmptyTemp: => 2.6 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 29-06-2023 20:29:55)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 20:29:55 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu

#8 Příspěvek od Rudy »

Samazáno, log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

petatape
Návštěvník
Návštěvník
Příspěvky: 300
Registrován: 25 bře 2009 20:48

Re: Prosím o kontrolu

#9 Příspěvek od petatape »

Super, děkuji. Jen PC stále nerozpozná televizi připojenou na HDMI, předtím to šlo normálně. Je něco čím bych to mohl napravit? Ovladač grafické karty jsem přeinstaloval, nastavení jsem zkoušel.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu

#10 Příspěvek od Rudy »

Koukněte sem: https://www.zive.cz/poradna/windows-10- ... tanswers=1 . Nevím ale, zda je to stejné i u Win11.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

petatape
Návštěvník
Návštěvník
Příspěvky: 300
Registrován: 25 bře 2009 20:48

Re: Prosím o kontrolu

#11 Příspěvek od petatape »

Bohužel, tak jednoduché to není... Někde jsem narazil na radu zkusit jiný kabel, zdá se mi neuvěřitelné, že by se kabel bez pohybu pokazil, ale už nevím kudy kam. A jinou televizi jsem také zkusil.

petatape
Návštěvník
Návštěvník
Příspěvky: 300
Registrován: 25 bře 2009 20:48

Re: Prosím o kontrolu

#12 Příspěvek od petatape »

A při hledání v PC, vlevo dole, mi to upozorňuje, že je vypnuto indexování. A v tom samém políčku se objevila nějaká koala... Skoro mám chuť to zahodit.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu

#13 Příspěvek od Rudy »

Zapnutí indexování: https://community.acer.com/cz/kb/articl ... windows-11 . Indexace proces vyhledávání urychlí. I ten kabel by to teoreticky mohl způsobovat. Někdy nezbude tyto problémy hledat metodou pokus - omyl. Tento, bohužel, mezi ně patří.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

petatape
Návštěvník
Návštěvník
Příspěvky: 300
Registrován: 25 bře 2009 20:48

Re: Prosím o kontrolu

#14 Příspěvek od petatape »

Vše je v pohodě, byl to ten debilní kabel. Asi únava materiálu jak jen ležel a nehýbalo se s ním :)
Díky za pomoc a přeji vám všem krásné léto.

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu

#15 Příspěvek od Rudy »

Nemáte zač a hezké letní zážitky! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět