Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu FRST

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
martin11
Návštěvník
Návštěvník
Příspěvky: 24
Registrován: 27 zář 2013 13:54

Prosím o kontrolu logu FRST

#1 Příspěvek od martin11 »

Dobrý den,

mohl bych vás poprosit o kontrolu logu? Mám podezření na nějakou havěť.
Děkuji,



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2023
Ran by Dana (administrator) on DANA (LENOVO 20354) (07-03-2023 13:33:51)
Running from C:\Users\Dana\Downloads
Loaded Profiles: Dana
Platform: Microsoft Windows 10 Home Version 21H2 19044.2604 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_2\RdrCEF.exe <7>
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(SmartDisplayAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe <2>
(C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE <3>
(C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ai.exe <2>
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCopyAccelerator.exe
(C:\Users\Dana\AppData\Local\Temp\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\Dana\AppData\Local\Temp\TeamViewer\TeamViewer_Desktop.exe
(C:\Users\Dana\AppData\Local\Temp\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\Dana\AppData\Local\Temp\TeamViewer\tv_w32.exe
(C:\Users\Dana\AppData\Local\Temp\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\Dana\AppData\Local\Temp\TeamViewer\tv_x64.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(explorer.exe ->) (Acresso Software Inc. -> Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(explorer.exe ->) (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(explorer.exe ->) (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(explorer.exe ->) (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(explorer.exe ->) (Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\lenovo\Onekey Theater\OnekeyStudio.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <30>
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\OtePkiClient\runtime\bin\javaw.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc.) [File not signed] C:\Windows\SysWOW64\UIUSrv.exe
(services.exe ->) (CSH spol. s r.o. -> CSH spol. s r.o.) C:\Program Files (x86)\CSH\SyslSrv\SyslSrv.exe
(services.exe ->) (CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe
(services.exe ->) (Maxthon (Asia) Limited. -> Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.CSH2012\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe
(services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_af22935532babf10\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Acresso Software Inc. -> Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Dana\AppData\Local\Microsoft\OneDrive\23.007.0109.0004\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Pokki, Inc. -> Pokki) C:\Users\Dana\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\Dana\AppData\Local\Temp\TeamViewer\TeamViewer.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-10-16] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-10-16] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [OtePkiClient] => C:\Program Files (x86)\OtePkiClient\OtePkiClient-1.1.0.exe [41472 2018-10-18] () [File not signed]
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38966072 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\RunOnce: [Application Restart #6] => C:\Users\Dana\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [9499672 2022-12-19] (Pokki, Inc. -> Pokki)
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {269d0d9b-eaee-11eb-8334-d07e351216ea} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {269d0e6b-eaee-11eb-8334-d07e351216ea} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {680b9ce4-a111-11eb-832a-d07e351216ea} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {e600ebb0-6244-11ec-8341-d07e351216ea} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\WINDOWS\system32\CNMLMDG.DLL [485376 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\PDF Print Monitor BZ101: C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll [210944 2013-10-04] (Bullzip) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\92.2.11577.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\110.0.5481.178\Installer\chrmstp.exe [2023-02-27] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.88\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Manažer služeb CSH.lnk [2019-08-04]
ShortcutTarget: Manažer služeb CSH.lnk -> C:\Program Files (x86)\CSH\CSHSvMgr\CSHSvMgr.exe (CSH spol. s r.o. -> CSH spol. s r.o.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {016914EE-EEBB-47CB-B50E-86209CDBFF6D} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {057B7463-3976-4F57-BE8F-56C9536B65D9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0FCCC7E1-D661-4793-B79C-DE799F0ACBC7} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [1794840 2015-01-16] (Maxthon (Asia) Limited. -> Maxthon International ltd.)
Task: {11E92C19-F73D-40F1-BB3F-8C824A9202ED} - System32\Tasks\{A6729E1E-04F6-4E14-B800-B218312E474B} => C:\WINDOWS\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {12FEFD9D-4BB9-4F01-A9E7-1758E2AD2AC6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {15126149-553F-4388-9CE9-4778823C0A56} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {17D2CB74-B6C9-4979-9CF1-10AECF123AB1} - System32\Tasks\GoogleUpdateTaskMachineCore{62B789A2-5E7C-4423-AC03-2240107FB329} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-21] (Google LLC -> Google LLC)
Task: {1AAD4F31-ACD5-489A-A545-ED47EB065292} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {1B938EB2-7993-4324-9E02-9FD783653556} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {26BC562C-208B-407C-BA8E-D4EEC75DBE08} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114616 2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {283A8DA1-ACC1-44DC-B19B-134B51BB85D7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e8531add-9115-4169-969d-ec12aa625dbe => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {3564BFA1-A739-46BB-8C6F-405EBAFAF713} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {40A4BEB9-A5E2-43EC-B414-9FA074C1A47E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {450FDA2A-4E85-4393-A7AA-44E51A267097} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {4A411905-8B08-4051-B21C-5475B8B7697F} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [95192 2013-03-08] (CyberLink Corp. -> CyberLink Corp.)
Task: {522A9030-83C6-4EC9-ACC2-B6630495A51C} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {550F2490-6DC7-49E5-893D-C4F58E763D3E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ac9541b2-c3df-4aec-84ab-7d391ddcdda9 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {578567F6-80C3-4DD5-9319-B114CEAEB9F4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5805207E-C53E-44D1-AA7F-6FABA71C6C26} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {5B5B1E6D-C5BA-40F4-B734-E566CB226549} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-05-30] (LENOVO -> Lenovo)
Task: {62076A29-0C4D-4DB4-920F-8CF800E45C14} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {667F03FA-DE21-4081-B64B-35CA65FB1A1C} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [834856 2018-06-08] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {674CAD71-34D5-4C51-B77D-1B871AC2AC2A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6856B7D7-5EE0-44A8-961F-D8FED136E4DE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {686A7F00-DCDC-4BF9-93E7-42C1FAB52B2E} - \WPD\SqmUpload_S-1-5-21-1892162270-2039198232-2114183084-1002 -> No File <==== ATTENTION
Task: {6989F28C-0831-49EF-B2FE-F27BC76ED89E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {6DCA2E9F-8BA4-4BA0-994D-A8DEBC6BB594} - System32\Tasks\CCleanerSkipUAC - Dana => C:\Program Files\CCleaner\CCleaner.exe [32631096 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {728E313E-DCC6-417B-B2BB-BE731F942244} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {7BDA2A01-5F76-40EA-95A3-84949BDE3B56} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {822BE6E3-F083-417C-A1D0-AE3F55459497} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [674720 2023-02-15] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {8500C89C-760C-4A14-BDBE-80C3986E3800} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {881D5246-9B91-4F72-8332-81BEE0BE788E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8C2E7807-2621-4844-9329-D447FDFB409A} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [716192 2023-02-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {8DA1560E-F89A-498A-92FE-973C14D01F48} - System32\Tasks\SweetLabs App Platform => C:\Users\Dana\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [7931928 2022-12-19] (Pokki, Inc. -> Pokki)
Task: {8EDC8BC8-9173-4D1B-81FB-541DE25E02F2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform)
Task: {90B61509-3DD4-4712-AE2C-33AA42733B6F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {92B0780E-7F73-4EFF-9280-E91D0CDBB174} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9505EFC0-B906-4711-9AC9-C413A16A8AAA} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {9F91F866-83E7-4B91-8501-B5C6DE5EA30D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A2DC7DC0-6C82-4473-A697-2A8552ABA30B} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {A5A976B5-FBE3-403C-9055-F3ED46D298AA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {AF91CA9F-6E1D-41FB-B9E1-A94B1CA3FB24} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {B76BF612-03FA-4266-984C-C6E33050FD75} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114616 2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7CB57D7-F0AD-4B62-8065-572F6258E4A1} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {B8B1D08A-9106-47FB-9E46-B832E45A0765} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {BC597ABD-3EF9-4058-A08C-695E53FF5F4A} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {BD880298-67DB-4919-B538-16A37978A344} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D44ECBEA-7254-4C2F-98F1-B8091CADA3AB} - System32\Tasks\GoogleUpdateTaskMachineUA{028278B8-C7DA-439E-A70D-4AE1098F77E0} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-21] (Google LLC -> Google LLC)
Task: {D9080553-1842-43D6-B473-AC35617F9F78} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e2800c40-1b2a-472e-87b1-be168338018d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {DE7446B2-3B86-482A-954A-8104102CA1DD} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {E127C638-05E5-41FE-A35B-0A256A369BF7} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "0cfcc174-5f7f-4fe2-9e0d-38e006da105d" --version "6.09.10300" --silent
Task: {ECF7C671-518C-43C9-85FD-25D48438C6C0} - System32\Tasks\AutoKMSDaily => C:\WINDOWS\AutoKMS.exe (No File)
Task: {ED16C1D7-BC8B-4FFA-ABDB-8AF630F22C75} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2a779f2a-eaa2-49b7-ade4-a28784ca4328 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {EE4F75BF-AA6E-4D1B-8E43-8E52B54B5669} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {F3F94CAD-0B57-4D5F-A53E-87216F9FD7A5} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {F406BB09-101B-4D62-B503-1A274873DF62} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4410216 2018-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
Task: {F7C730C3-1440-4DD4-87FE-885BDEA5005F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F95F5BD8-1513-4CAD-9151-A4ED167D19D9} - \AutoKMS -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\AutoKMSDaily.job => C:\WINDOWS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1aa72eb6-7416-4153-9196-5c1eaa44f658}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8b8aa02e-7bf1-4198-8807-492e33a94a0b}: [DhcpNameServer] 150.211.1.2

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Dana\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-03]
Edge HomePage: Default -> hxxps://www.seznam.cz/
Edge StartupUrls: Default -> "hxxp://seznam.cz/"
Edge Extension: (Edge relevant text changes) - C:\Users\Dana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-02-20]

FireFox:
========
FF DefaultProfile: 9ixtrybw.default-1560963316730
FF ProfilePath: C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\9ixtrybw.default-1560963316730 [2023-03-07]
FF Homepage: Mozilla\Firefox\Profiles\9ixtrybw.default-1560963316730 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\9ixtrybw.default-1560963316730 -> hxxps://www.facebook.com; hxxps://www.postazdarma.cz; hxxps://www.urbanstore.cz; hxxps://www.trenyrkarna.cz; hxxps://online.rb.cz; hxxps://businesscenter.podnikatel.cz; hxxps://drive.google.com
FF Extension: (FormApps Extension) - C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\9ixtrybw.default-1560963316730\Extensions\{69F080C9-A1D8-42F8-BD83-3D54D4BC81B3}.xpi [2020-10-05]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1892162270-2039198232-2114183084-1002: @ote-cr.cz/PKIComponent -> C:\Users\Dana\AppData\Roaming\OTE\lib\x86\npPKIComponentNPAPI-ote.dll [2015-02-20] (OTE a.s. -> OTE, a.s.)
FF Plugin HKU\S-1-5-21-1892162270-2039198232-2114183084-1002: @ote-cr.cz/PKIComponent-x64 -> C:\Users\Dana\AppData\Roaming\OTE\lib\x64\npPKIComponentNPAPI-ote.dll [2015-02-20] (OTE a.s. -> OTE, a.s.)

Chrome:
=======
CHR Profile: C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default [2023-01-23]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2023-01-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122728 2017-09-04] (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12553648 2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
R2 CSHSysel_Service; C:\Program Files (x86)\CSH\SyslSrv\SyslSrv.exe [2666848 2022-08-30] (CSH spol. s r.o. -> CSH spol. s r.o.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-09-24] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397472 2018-03-15] (Canon Inc. -> )
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (LENOVO -> Lenovo)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-10-16] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-12-22] (Maxthon (Asia) Limited. -> Maxthon)
R2 MSSQL$CSH2012; C:\Program Files\Microsoft SQL Server\MSSQL11.CSH2012\MSSQL\Binn\sqlservr.exe [194240 2016-09-24] (Microsoft Corporation -> Microsoft Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
S4 SQLAgent$CSH2012; C:\Program Files\Microsoft SQL Server\MSSQL11.CSH2012\MSSQL\Binn\SQLAGENT.EXE [613056 2016-09-24] (Microsoft Corporation -> Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [281448 2018-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 UIUService; C:\WINDOWS\SysWOW64\UIUSrv.exe [105984 2021-07-11] (Conexant Systems, Inc.) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_af22935532babf10\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_af22935532babf10\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2017-02-08] (AVAST Software s.r.o. -> The OpenVPN Project)
S3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [37104 2021-07-08] (Avast Software s.r.o. -> WireGuard LLC)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-21] (Intel Corporation -> Intel Corporation)
S4 RsFx0201; C:\WINDOWS\System32\DRIVERS\RsFx0201.sys [337088 2014-05-15] (Microsoft Corporation -> Microsoft Corporation)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2018-06-24] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
R3 SynTP; C:\WINDOWS\system32\DRIVERS\SynTP.sys [713056 2018-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-07 13:33 - 2023-03-07 13:34 - 000041611 _____ C:\Users\Dana\Downloads\FRST.txt
2023-03-07 13:32 - 2023-03-07 13:34 - 000000000 ____D C:\FRST
2023-03-07 13:31 - 2023-03-07 13:31 - 002378752 _____ (Farbar) C:\Users\Dana\Downloads\FRST64.exe
2023-03-07 08:12 - 2023-03-07 13:29 - 000000000 ____D C:\Users\Dana\AppData\Local\TeamViewer
2023-03-02 12:55 - 2023-03-02 12:55 - 000094016 _____ C:\Users\Dana\Documents\Faktura_2312002(3).pdf
2023-03-02 12:55 - 2023-03-02 12:55 - 000005213 _____ C:\Users\Dana\Documents\Faktura_2312002(3).isdoc
2023-03-01 21:20 - 2023-03-01 21:20 - 000001211 _____ C:\Users\Dana\Downloads\Stravné(7).csv
2023-03-01 21:20 - 2023-03-01 21:20 - 000001206 _____ C:\Users\Dana\Downloads\Stravné(8).csv
2023-03-01 21:20 - 2023-03-01 21:20 - 000000565 _____ C:\Users\Dana\Downloads\Stravné(9).csv
2023-03-01 21:19 - 2023-03-01 21:19 - 000001255 _____ C:\Users\Dana\Downloads\Stravné(4).csv
2023-03-01 21:19 - 2023-03-01 21:19 - 000001239 _____ C:\Users\Dana\Downloads\Stravné(5).csv
2023-03-01 21:19 - 2023-03-01 21:19 - 000000574 _____ C:\Users\Dana\Downloads\Stravné(6).csv
2023-03-01 20:49 - 2023-03-01 20:49 - 000094052 _____ C:\Users\Dana\Documents\Faktura_2312002(2).pdf
2023-03-01 20:47 - 2023-03-01 20:47 - 000005232 _____ C:\Users\Dana\Documents\Faktura_2312002.isdoc
2023-03-01 17:26 - 2023-03-01 17:26 - 000007411 _____ C:\Users\Dana\Downloads\priloha_1151863441_0_CSSZ_Protokol_o_zpracovani_e-Podani_CSSZ_OSVC_PRE-A1415D1020AC41EA9C75355C4DE8CA9D-1151809041.xml
2023-03-01 17:26 - 2023-03-01 17:26 - 000006969 _____ C:\Users\Dana\Downloads\priloha_1151863441_1_CSSZ_Protokol_o_zpracovani_e-Podani_CSSZ_OSVC_PRE-A1415D1020AC41EA9C75355C4DE8CA9D-1151809041.html
2023-02-28 21:32 - 2023-02-28 21:32 - 002906875 _____ C:\Users\Dana\Downloads\DPFDP6-7001182529-20230228-213214.xml
2023-02-28 21:31 - 2023-02-28 21:31 - 000270996 _____ C:\Users\Dana\Downloads\DPFDP6-7001182529-20230228-213141.pdf
2023-02-28 20:59 - 2023-02-28 20:59 - 000001917 _____ C:\Users\Dana\Downloads\OSVC_2022(10).xml
2023-02-27 14:31 - 2023-02-27 14:31 - 000574547 _____ C:\Users\Dana\Downloads\DPFDP6-6809250833-20230227-143154.xml
2023-02-27 14:31 - 2023-02-27 14:31 - 000268891 _____ C:\Users\Dana\Downloads\DPFDP6-6809250833-20230227-143130.pdf
2023-02-27 14:21 - 2023-02-27 14:21 - 000153559 _____ C:\Users\Dana\Downloads\DPFZC1-6053082057-20230227-142141.pdf
2023-02-27 12:45 - 2023-02-27 12:45 - 000001870 _____ C:\Users\Dana\Downloads\OSVC_2022(9).xml
2023-02-24 18:25 - 2023-02-24 18:25 - 000366887 _____ C:\Users\Dana\Downloads\priloha_1148241470_0_M01_3890331.pdf
2023-02-24 10:35 - 2023-02-24 10:35 - 000001374 _____ C:\Users\Dana\Desktop\Prehled_prijmu_vydaju_2023 1 – zástupce.lnk
2023-02-22 20:56 - 2023-02-22 20:56 - 002411587 _____ C:\Users\Dana\Downloads\DPFDP6-6005171128-20230222-205606.xml
2023-02-22 20:36 - 2023-02-22 20:36 - 000099500 _____ C:\Users\Dana\Downloads\priloha_1146527144_0_VypisROS.pdf
2023-02-21 22:10 - 2023-02-21 22:10 - 000001882 _____ C:\Users\Dana\Downloads\OSVC_2022(8).xml
2023-02-21 22:01 - 2023-02-21 22:01 - 000001880 _____ C:\Users\Dana\Downloads\OSVC_2022(7).xml
2023-02-21 21:44 - 2023-02-21 21:44 - 000001880 _____ C:\Users\Dana\Downloads\OSVC_2022(6).xml
2023-02-21 21:27 - 2023-02-21 21:27 - 000001884 _____ C:\Users\Dana\Downloads\OSVC_2022(5).xml
2023-02-21 21:21 - 2023-02-21 21:21 - 000001876 _____ C:\Users\Dana\Downloads\OSVC_2022(4).xml
2023-02-21 21:07 - 2023-02-21 21:07 - 000001914 _____ C:\Users\Dana\Downloads\OSVC_2022(3).xml
2023-02-21 20:58 - 2023-02-21 20:58 - 000001918 _____ C:\Users\Dana\Downloads\OSVC_2022(2).xml
2023-02-21 20:54 - 2023-02-21 20:54 - 000001917 _____ C:\Users\Dana\Downloads\OSVC_2022(1).xml
2023-02-21 20:42 - 2023-02-21 20:42 - 000001919 _____ C:\Users\Dana\Downloads\OSVC_2022.xml
2023-02-20 16:06 - 2023-02-20 16:06 - 000179947 _____ C:\Users\Dana\Downloads\priloha_1146483685_0_zprava.pdf
2023-02-20 15:28 - 2023-02-20 15:28 - 000054100 _____ C:\Users\Dana\Downloads\file-331-57_0.pdf
2023-02-20 15:01 - 2023-02-20 15:01 - 000056185 _____ C:\Users\Dana\Downloads\prehled-osvc-2022(3).zip
2023-02-20 15:00 - 2023-02-20 15:00 - 000056185 _____ C:\Users\Dana\Downloads\prehled-osvc-2022.zip
2023-02-20 15:00 - 2023-02-20 15:00 - 000056185 _____ C:\Users\Dana\Downloads\prehled-osvc-2022(2).zip
2023-02-20 15:00 - 2023-02-20 15:00 - 000056185 _____ C:\Users\Dana\Downloads\prehled-osvc-2022(1).zip
2023-02-20 12:28 - 2023-02-20 12:28 - 002411587 _____ C:\Users\Dana\Downloads\DPFDP6-6005171128-20230220-122829.xml
2023-02-20 12:28 - 2023-02-20 12:28 - 000377350 _____ C:\Users\Dana\Downloads\DPFDP6-6005171128-20230220-122820.pdf
2023-02-20 10:52 - 2023-02-20 10:52 - 000001363 _____ C:\Users\Dana\Desktop\Prazdniny 2023 Bílkovice – zástupce.lnk
2023-02-20 10:51 - 2023-02-20 10:51 - 000001536 _____ C:\Users\Dana\Desktop\Podklady k daňovému přiznání 2023 – zástupce.lnk
2023-02-19 16:49 - 2023-02-19 16:49 - 000001201 _____ C:\Users\Dana\Downloads\DPFDP6-8855200013-20230219-164909.xml
2023-02-19 16:48 - 2023-02-19 16:48 - 000268714 _____ C:\Users\Dana\Downloads\DPFDP6-8855200013-20230219-164821.pdf
2023-02-15 22:52 - 2023-02-15 22:52 - 001387220 _____ C:\WINDOWS\Minidump\021523-17390-01.dmp
2023-02-15 22:29 - 2023-02-15 22:29 - 000000000 ___HD C:\$WinREAgent
2023-02-15 17:34 - 2023-02-15 17:34 - 000268793 _____ C:\Users\Dana\Downloads\DPFDP6-8107240559-20230215-173433.pdf
2023-02-15 17:34 - 2023-02-15 17:34 - 000001239 _____ C:\Users\Dana\Downloads\DPFDP6-8107240559-20230215-173451.xml
2023-02-15 17:25 - 2023-02-15 17:25 - 001536378 _____ C:\Users\Dana\Downloads\DPFDP6-7161150326-20230215-172509.xml
2023-02-15 17:24 - 2023-02-15 17:25 - 000268875 _____ C:\Users\Dana\Downloads\DPFDP6-7161150326-20230215-172459.pdf
2023-02-15 14:06 - 2023-02-15 14:06 - 000322063 _____ C:\Users\Dana\Downloads\1427115302-metodika-1-dary.pdf
2023-02-15 13:31 - 2023-03-03 08:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2023-02-13 14:49 - 2023-02-13 14:49 - 000268692 _____ C:\Users\Dana\Downloads\DPFDP6-0500817344-20230213-144935.pdf
2023-02-13 14:49 - 2023-02-13 14:49 - 000001227 _____ C:\Users\Dana\Downloads\DPFDP6-0500817344-20230213-144948.xml
2023-02-13 14:34 - 2023-02-13 14:34 - 000001261 _____ C:\Users\Dana\Downloads\DPFDP6-6006041184-20230213-143401.xml
2023-02-13 14:33 - 2023-02-13 14:33 - 000268780 _____ C:\Users\Dana\Downloads\DPFDP6-6006041184-20230213-143325.pdf
2023-02-08 15:01 - 2023-02-08 15:01 - 000233426 _____ C:\Users\Dana\Downloads\Prihlaska_prazdniny_2023.pdf
2023-02-07 20:13 - 2023-02-07 20:13 - 000001237 _____ C:\Users\Dana\Downloads\DPFDP6-8559040006-20230207-201303.xml
2023-02-07 20:12 - 2023-02-07 20:12 - 000268734 _____ C:\Users\Dana\Downloads\DPFDP6-8559040006-20230207-201253.pdf
2023-02-07 15:11 - 2023-02-07 15:11 - 007225676 _____ C:\Users\Dana\Downloads\DPFDP6-7703020556-20230207-151103.xml
2023-02-07 15:10 - 2023-02-07 15:10 - 000268933 _____ C:\Users\Dana\Downloads\DPFDP6-7703020556-20230207-151053.pdf
2023-02-07 14:37 - 2023-02-07 14:37 - 000066018 _____ C:\Users\Dana\Downloads\Krouzky_dochazka_2022_2023_IIpol.xlsx - Flétna.pdf
2023-02-07 14:11 - 2023-02-07 14:11 - 003564342 _____ C:\Users\Dana\Downloads\DPFDP6-6458112155-20230207-141125.xml
2023-02-07 14:11 - 2023-02-07 14:11 - 000377432 _____ C:\Users\Dana\Downloads\DPFDP6-6458112155-20230207-141116.pdf
2023-02-07 13:30 - 2023-02-07 13:30 - 000179130 _____ C:\Users\Dana\Downloads\Vypis_z_uctu-2400295767_20221201-20221231_cislo-12.pdf
2023-02-07 13:26 - 2023-02-07 13:26 - 000052740 _____ C:\Users\Dana\Downloads\Vypis_z_uctu-2302422291_20230102-20230131_cislo-1.pdf
2023-02-07 13:25 - 2023-02-07 13:25 - 000159212 _____ C:\Users\Dana\Downloads\Vypis_z_uctu-2400295767_20230101-20230131_cislo-1.pdf
2023-02-06 10:30 - 2023-02-06 10:30 - 000142978 _____ C:\Users\Dana\Downloads\DPFZC1-9462030600-20230206-103026.pdf
2023-02-05 12:34 - 2023-02-05 12:34 - 007073719 _____ C:\Users\Dana\Documents\Potvrzení manželky.pdf
2023-02-05 12:18 - 2023-02-05 12:18 - 000142880 _____ C:\Users\Dana\Downloads\DPFZC1-5752110133-20230205-121758.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-07 13:35 - 2015-07-17 12:05 - 000000000 ____D C:\Users\Dana\Documents\Soubory aplikace Outlook
2023-03-07 13:31 - 2020-09-14 10:49 - 000000000 ____D C:\Program Files\CCleaner
2023-03-07 13:26 - 2017-12-05 13:57 - 000000000 ____D C:\Users\Dana\AppData\Local\Packages
2023-03-07 13:18 - 2022-02-21 20:05 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-07 13:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-07 12:48 - 2023-01-16 12:12 - 000715264 _____ C:\Users\Dana\Desktop\Stravné exporty.xls
2023-03-07 12:41 - 2016-11-26 20:02 - 000000000 ____D C:\Users\Dana\AppData\LocalLow\Mozilla
2023-03-07 12:32 - 2021-07-11 10:33 - 001388432 _____ C:\Users\Public\VOIP.dat
2023-03-07 12:32 - 2021-04-15 00:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-07 10:02 - 2015-07-31 08:28 - 000000000 ____D C:\Users\Dana\AppData\Roaming\TeamViewer
2023-03-07 09:54 - 2021-04-15 00:55 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-03-07 08:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-03-07 07:37 - 2021-04-15 00:55 - 000004188 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{D92C9930-BA25-43E0-A3F3-CB020A0903DA}
2023-03-06 20:31 - 2023-01-16 12:12 - 000000000 ____D C:\Users\Dana\Documents\Zajicek
2023-03-06 14:20 - 2015-07-03 12:21 - 000000000 ____D C:\Users\Dana\AppData\Local\SweetLabs App Platform
2023-03-06 10:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-06 09:18 - 2020-06-14 23:28 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-06 09:18 - 2020-06-14 23:28 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-03-02 10:24 - 2021-04-15 00:51 - 001694952 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-03-02 10:24 - 2019-12-07 15:41 - 000717866 _____ C:\WINDOWS\system32\perfh005.dat
2023-03-02 10:24 - 2019-12-07 15:41 - 000145008 _____ C:\WINDOWS\system32\perfc005.dat
2023-03-02 10:24 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-03-01 09:40 - 2021-04-15 00:55 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-01 09:40 - 2021-04-15 00:55 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-02-27 23:46 - 2022-02-21 20:07 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-02-27 23:46 - 2022-02-21 20:07 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-02-27 11:32 - 2017-01-16 21:06 - 000000000 ____D C:\Users\Dana\Documents\Cvičení
2023-02-27 11:11 - 2017-05-19 14:58 - 000000000 ____D C:\Users\Dana\AppData\Local\CrashDumps
2023-02-26 17:36 - 2021-04-15 00:55 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-02-21 21:55 - 2015-07-17 11:45 - 000000000 ____D C:\Users\Dana\Documents\Zz Word
2023-02-20 10:52 - 2017-12-21 20:15 - 000000000 ____D C:\Users\Dana\Documents\Psi
2023-02-19 14:03 - 2022-10-13 21:43 - 000002147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-02-19 13:50 - 2022-02-13 00:11 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-02-19 13:39 - 2021-04-15 00:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-19 13:39 - 2021-04-15 00:42 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-19 13:39 - 2020-09-17 08:51 - 000000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2023-02-19 13:39 - 2020-09-17 08:50 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2023-02-19 13:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-02-19 13:39 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-19 13:39 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-02-19 13:39 - 2017-06-07 15:26 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-02-19 13:39 - 2016-10-06 15:16 - 000000000 ____D C:\ProgramData\NVIDIA
2023-02-19 13:39 - 2015-08-01 12:26 - 000000000 __SHD C:\Users\Dana\IntelGraphicsProfiles
2023-02-19 13:39 - 2015-07-14 20:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-02-19 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-02-15 22:54 - 2021-10-21 14:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-02-15 22:54 - 2015-07-14 20:18 - 000001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-02-15 22:52 - 2023-02-01 12:41 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-02-15 22:52 - 2022-12-30 10:30 - 1321193848 _____ C:\WINDOWS\MEMORY.DMP
2023-02-15 22:52 - 2022-08-12 23:09 - 000496432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-02-15 22:52 - 2022-05-31 12:31 - 000000000 ____D C:\WINDOWS\Minidump
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-02-15 22:45 - 2021-04-15 00:45 - 000000000 ____D C:\Users\Dana
2023-02-15 22:37 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-15 22:35 - 2021-04-15 00:43 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-02-15 14:51 - 2015-07-17 12:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-02-15 14:46 - 2015-07-17 12:07 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-02-15 13:32 - 2018-06-10 15:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-02-15 13:31 - 2023-02-01 12:41 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-02-09 09:20 - 2017-02-11 23:22 - 000000000 ____D C:\temp

==================== Files in the root of some directories ========

2021-07-11 10:33 - 2023-03-07 12:32 - 001388432 _____ () C:\Users\Public\VOIP.dat
2020-06-05 16:11 - 2020-06-05 16:11 - 024166400 _____ () C:\Program Files (x86)\GUT1D70.tmp
2020-06-04 14:04 - 2020-06-04 14:04 - 024166400 _____ () C:\Program Files (x86)\GUT4407.tmp
2020-06-08 13:55 - 2020-06-08 13:55 - 024166400 _____ () C:\Program Files (x86)\GUT5544.tmp
2020-06-08 20:02 - 2020-06-08 20:02 - 024166400 _____ () C:\Program Files (x86)\GUT87AC.tmp
2020-06-02 14:27 - 2020-06-02 14:27 - 024166400 _____ () C:\Program Files (x86)\GUT8D68.tmp
2020-06-08 06:57 - 2020-06-08 06:57 - 024166400 _____ () C:\Program Files (x86)\GUT913A.tmp
2020-06-07 18:50 - 2020-06-07 18:50 - 024166400 _____ () C:\Program Files (x86)\GUTB494.tmp
2020-06-05 09:13 - 2020-06-05 09:13 - 024166400 _____ () C:\Program Files (x86)\GUTD9E1.tmp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================






Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-03-2023
Ran by Dana (07-03-2023 13:36:16)
Running from C:\Users\Dana\Downloads
Microsoft Windows 10 Home Version 21H2 19044.2604 (X64) (2021-04-14 23:56:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1892162270-2039198232-2114183084-500 - Administrator - Disabled)
Dana (S-1-5-21-1892162270-2039198232-2114183084-1002 - Administrator - Enabled) => C:\Users\Dana
DefaultAccount (S-1-5-21-1892162270-2039198232-2114183084-503 - Limited - Disabled)
Guest (S-1-5-21-1892162270-2039198232-2114183084-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1892162270-2039198232-2114183084-1004 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-1892162270-2039198232-2114183084-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.003.20322 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{a0f22a81-00d1-45d6-9cad-d93c57053e53}) (Version: 20.10.2 - Intel Corporation)
Brother MFL-Pro Suite DCP-7070DW (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.0 - Canon Inc.)
Canon MG3000 series Elektronická příručka (HKLM-x32\...\Canon MG3000 series Elektronická příručka) (Version: 1.2.0 - Canon Inc.)
Canon MG3000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3000_series) (Version: 1.01 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.09 - Piriform)
CGI PKI .NET Component (HKLM-x32\...\CGIPkcs) (Version: 2.0.1.0 - CGI IT Czech Republic s.r.o.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.267.0 - Conexant Systems)
CyberLink MediaStory (HKLM-x32\...\{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.) Hidden
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.26.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
DS komunikátor (HKLM-x32\...\DS komunikátor_is1) (Version: 2.60 - CSH spol. s r.o.)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
FormApps Signing Extension (HKLM-x32\...\{2ADAFEB7-56C5-497F-8960-67DA46A81838}) (Version: 2.27.0.46 - Software602 a.s.)
GARDENA Robotic Mower Upgrade (HKLM-x32\...\{436E7B5E-4162-4E13-BECB-71CA96408D58}) (Version: 1.2.21315.3 - Husqvarna Group AB)
GDR 5343 for SQL Server 2012 (KB3045321) (64-bit) (HKLM\...\KB3045321) (Version: 11.2.5343.0 - Microsoft Corporation)
GDR 5388 for SQL Server 2012 (KB3194719) (64-bit) (HKLM\...\KB3194719) (Version: 11.2.5388.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.178 - Google LLC)
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.360 - Huawei Technologies Co., Ltd.)
Host App Service (HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\SweetLabs_AP) (Version: 0.269.9.263 - Pokki) <==== ATTENTION
Intel(R) Chipset Device Software (HKLM\...\{6FAC699B-7992-4C62-9839-4783564CAEDD}) (Version: 10.1.1.40 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{0CF34B2C-F509-4D23-927E-334C1A776FED}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{A0EBC31A-8EA9-4D24-89A8-2C12A0B8B0C9}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{E3DE9447-C8F3-4DDA-82D3-096166CBBBB5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{C7C01DEF-DFDD-4C01-9F22-4BDF7B26CF1D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}) (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000071-0190-1029-84C8-B8D95FA3C8C3}) (Version: 19.71.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless WiFi Software (HKLM\...\{27833D55-FD60-4C16-9794-8715028E1783}) (Version: 20.10.1.1190 - Intel Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Lenovo Web Start (HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki) <==== ATTENTION
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.1.3000 - Maxthon International Limited)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Audio Enhancement Troubleshooter installer (HKLM\...\{6E0351FF-6A71-45C5-A041-D4D9D8067EAF}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.63 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.63 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office 2016 pro podnikatele - cs-cz (HKLM\...\HomeBusinessRetail - cs-cz) (Version: 16.0.16026.20146 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2010 (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2010 (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2010 (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (HKLM\...\{90140000-002A-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\OneDriveSetup.exe) (Version: 23.007.0109.0004 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{2B9EE1FE-105F-4093-A40E-C1BF12F873B7}) (Version: 11.2.5388.0 - Microsoft Corporation)
Microsoft SQL Server 2012 RsFx Driver (HKLM\...\{9F616548-62E3-4C12-9E35-74A650BC199C}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{C23DBA16-E075-41BE-AE2E-C1B0DD0B4535}) (Version: 11.2.5388.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{E721A8AA-2632-4798-B439-6D4C8A689BB8}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{054EDAF7-39E0-41E8-9F06-21E6D19B9E59}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{B431C944-726E-409E-B4A1-8864E64E4F6C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 X86 Additional Runtime - 14.16.27024 (HKLM-x32\...\{7258184A-EC44-4B1A-A7D3-68D85A35BFD0}) (Version: 14.16.27024 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 X86 Minimum Runtime - 14.16.27024 (HKLM-x32\...\{5EEFCEFB-E5F7-4C82-99A5-813F04AA4FBD}) (Version: 14.16.27024 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.2.5058.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 110.0 (x64 cs)) (Version: 110.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 97.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{DA715959-CFF1-48A2-B3BB-98B9E569C6AC}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA Ovladače grafiky 452.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.06 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16026.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
OtePkiClient (HKLM-x32\...\OtePkiClient) (Version: 1.1.0 - )
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Registrace uživatele zařízení Canon MG3000 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG3000 series) (Version: - ‭Canon Inc.)
Revo Uninstaller 2.3.9 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.9 - VS Revo Group, Ltd.)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 4.0.0.12 - Samsung)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUS_{A71E3AD4-5545-4D59-9F11-75F363563C6A}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUS_{0C337AF5-E6A7-4B6B-8F8E-08F9C6F956B4}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0405-1000-0000000FF1CE}_Office14.PROPLUS_{7F5CE17A-23B9-4EED-B017-A7EF4547476C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUS_{EA82267F-4AAB-46BA-AD6A-9EBB544D0EF7}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUS_{2C911571-C8B6-400B-B323-417C1806E866}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for SQL Server 2012 (KB2958429) (64-bit) (HKLM\...\KB2958429) (Version: 11.2.5058.0 - Microsoft Corporation)
SQL Server 2012 Common Files (HKLM\...\{1D411379-9CE0-4B13-A19B-72D3222DD620}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (HKLM\...\{202AAF1F-69AA-442A-B59F-6B54B1AD07C6}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (HKLM\...\{18B2A97C-92C3-4AC7-BE72-F823E0BC895B}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (HKLM\...\{84FBCA4A-D650-4B0D-8094-EC0671FA9B91}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (HKLM\...\{54FF8FAB-DE27-4187-82F1-EBAE6AEE869A}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (HKLM\...\{6603C2CE-3C54-4F1D-92F9-8390CD4CCCA8}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.2.5058.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{BED1EA3D-592D-4305-9D1F-20F03726EFC1}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
Start Menu (HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\SweetLabs_Start_Menu) (Version: 0.269.9.263 - Pokki) <==== ATTENTION
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
STORMWARE POHODA CZ Komplet (HKLM-x32\...\{33D78551-67AB-4219-A45B-2DE586B95A91}) (Version: 13300.82 - STORMWARE)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
upgrade Sysel/Syslík pro Windows XP/Vista/7/8/10/11 (HKLM-x32\...\Sysel/Syslík CS_is1) (Version: 5.4.9 - CSH spol. s r.o.)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 6.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Zákon 4 (HKLM-x32\...\{01DDA447-B7B2-4881-AE7B-F5B36650A713}) (Version: 4.1.52 - )
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
Zoom (HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\ZoomUMX) (Version: 5.12.8 (10232) - Zoom Video Communications, Inc.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-18] (Canon Inc.)
Dailymotion -> C:\Program Files\WindowsApps\DailymotionSA.Dailymotion_10.2205.38.0_x64__6dqnvyezrysvy [2022-05-12] (Dailymotion)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-21] (Microsoft Corporation)
Hightail for Lenovo -> C:\Program Files\WindowsApps\YouSendIt.HighTailForLenovo_1.3.0.1278_neutral__069rkrpjefrbc [2015-07-17] (Hightail)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2301.8.0_x64__k1h2ywk1493x8 [2023-02-24] (LENOVO INC.)
Lenovo Support -> C:\Program Files\WindowsApps\E046963F.LenovoSupport_2.0.5.0_x86__k1h2ywk1493x8 [2015-07-17] (Lenovo, INC.)
Live TV -> C:\Program Files\WindowsApps\FilmOnLiveTVFree.FilmOnLiveTVFree_1.3.6.115_x64__zx03kxexxb716 [2015-07-17] (FilmOn TV Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2021-09-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-09-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-09-24] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.3.2230.0_x64__8wekyb3d8bbwe [2023-02-27] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2021-10-12] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2021-10-12] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-17] (NVIDIA Corp.)
PowerDVD for Lenovo Idea -> C:\Program Files\WindowsApps\CyberLinkCorp.id.PowerDVDforLenovoIdea_1.1.2618.24808_x86__hgg5mn3xps74a [2015-07-17] (CYBERLINK COM CORPORATION)
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.3.81.0_x64__kx24dqmazqk8j [2022-10-22] (Random Salad Games LLC)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-08] (Microsoft Studios) [MS Ad]
Spider Solitaire 10 ! -> C:\Program Files\WindowsApps\8786PokerSolitaireCardPuz.SpiderSolitaire8_1.2.2.0_x64__k01jvj6q54pxy [2016-12-21] (Solitaire Puzzle Game by XSS) [MS Ad]
The Weather Channel for Lenovo -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforLenovo_2015.1013.1.0_x64__t3yemqpq4kp7p [2015-10-14] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2021-10-12] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_af22935532babf10\nvshext.dll [2021-10-21] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.clmp3enc] => C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM [217088 2005-05-14] (CyberLink Corp.) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2016-01-13 22:18 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-01-13 22:18 - 2012-09-06 21:02 - 000978944 ____N () [File not signed] C:\Program Files (x86)\ControlCenter4\BrImgProc.dll
2015-09-01 18:32 - 2005-04-22 05:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2016-01-13 22:18 - 2012-04-23 15:03 - 000380928 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2016-01-13 22:18 - 2010-09-29 17:07 - 000180224 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll
2016-01-13 22:18 - 2011-02-28 11:32 - 000208896 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
2016-01-13 22:18 - 2012-01-11 14:39 - 000626688 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2016-01-13 22:18 - 2012-09-06 21:02 - 000155648 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2016-01-13 22:18 - 2012-07-06 13:33 - 000098304 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2016-01-13 22:18 - 2012-09-06 21:02 - 000131072 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcFcnv.dll
2016-01-13 22:18 - 2012-07-06 13:33 - 017694720 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2016-01-13 22:18 - 2012-07-17 13:36 - 000094208 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLCze.dll
2016-01-13 22:18 - 2012-09-06 21:02 - 000098304 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcSmon.dll
2015-09-01 18:32 - 2012-07-05 12:32 - 000084480 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2015-09-01 19:49 - 2012-09-14 08:53 - 000241664 ____R (Brother Industries,LTD.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrImageConversion.dll
2015-09-01 19:49 - 2012-09-14 08:53 - 000098304 ____R (Brother Industries,LTD.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrImgPdf.dll
2015-09-01 19:49 - 2012-09-14 08:53 - 000118784 ____R (Brother Industries,LTD.) [File not signed] C:\Program Files (x86)\ControlCenter4\brTPGSplash.dll
2015-08-26 11:09 - 2013-10-04 08:42 - 000210944 _____ (Bullzip) [File not signed] C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll
2017-08-18 15:41 - 2016-06-09 12:35 - 000588800 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2017-08-18 15:23 - 2015-06-17 15:01 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_CSY.DLL
2017-08-18 15:23 - 2015-06-17 15:00 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2017-08-18 15:41 - 2016-06-09 10:57 - 000561152 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2013-08-07 22:24 - 2013-08-07 22:24 - 000286720 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-08-07 22:24 - 2013-08-07 22:24 - 000514048 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2014-10-16 10:03 - 2014-04-24 01:04 - 000094208 _____ (Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll
2021-04-15 00:47 - 2021-04-15 00:47 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll
2018-05-01 09:12 - 2018-05-01 09:12 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\root\Client\AppVIsvSubsystems32.dll
2020-04-20 10:33 - 2020-04-20 10:33 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2018-05-01 09:27 - 2018-05-01 09:27 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files (x86)\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2020-04-20 10:33 - 2020-04-20 10:33 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2018-05-01 09:27 - 2018-05-01 09:27 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files (x86)\Microsoft Office\root\Client\C2R64.dll
2018-05-01 09:26 - 2018-05-01 09:26 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> DefaultScope {A332AC28-9DB3-4D99-8943-B576275E196E} URL =
SearchScopes: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> {A332AC28-9DB3-4D99-8943-B576275E196E} URL =
SearchScopes: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> {C79D9AD9-BC3B-4354-A064-782B78A0379B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12902
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) [File not signed]
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-26] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\ote-cr.cz -> hxxps://rbe.ote-cr.cz

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2020-09-14 10:54 - 000000892 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\Microsoft SQL Server\110\DTS\Binn\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\AOMEI Backupper;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B5422271-8B1E-402B-98B9-5E4624453409}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3EAE6057-CAE4-4186-8701-10E8FFD5DA80}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7C8F27F9-1335-4588-BB29-6015A8AA614B}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{E59497B7-9E0D-492A-9EFC-AFE3CC578B6F}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{82B55D03-7C48-418B-AA96-FD99FB40319F}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{55560255-B646-449C-B271-3AB4C80769DF}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{5A00D961-950C-49C7-A816-F9CBE5656FBF}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{93FED057-A47A-400F-9AF2-EC38A8DCA178}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{A1D0C6D2-93DD-48F2-9DA5-8C627DC1BD1D}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{6671849B-9283-44F2-A7F7-4EBBCA4757AC}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{701A67FA-A480-427E-A361-2F44CAE7229F}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{68B0A30D-068D-4417-ACF9-C61B1923C3C7}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{AC2F32D6-DA41-4CA7-B9D2-473FAC25312A}] => (Allow) LPort=55100
FirewallRules: [{47944713-9CCD-4DFD-89F6-F8E96ED3AEB1}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo (Beijing) Limited -> Lenovo)
FirewallRules: [{D84738FA-D42C-4A60-B454-BFCC578F96BD}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5A651D13-42D0-4580-A119-8949842FAC89}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C525054A-A2EB-4987-AC39-DAC743526386}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8265725B-7864-418F-86F9-878C5EAB1007}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6D22C0C2-7A05-4021-A037-0CE7F6D05A84}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EC42B638-B3E6-494E-8162-C7513569DC2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{725EB5E1-2376-4DDE-AE98-C7C96211AB5D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{106A9134-F1DC-4A79-816E-271236DAD235}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D2B8567C-C59B-4127-B79C-CF265EB18B6E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0A8C0DAE-8338-4D46-B0C6-8F0996B081A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{EEF3B83C-E2A3-4D9D-B82B-CD2E66D4F076}C:\program files (x86)\csh\syslsrv\syslsrv.exe] => (Allow) C:\program files (x86)\csh\syslsrv\syslsrv.exe (CSH spol. s r.o. -> CSH spol. s r.o.)
FirewallRules: [UDP Query User{06B3B4E1-F2EC-4AFF-A30C-E0D9219F280B}C:\program files (x86)\csh\syslsrv\syslsrv.exe] => (Allow) C:\program files (x86)\csh\syslsrv\syslsrv.exe (CSH spol. s r.o. -> CSH spol. s r.o.)
FirewallRules: [{91EB11D4-E2A4-4951-B21C-EFD62AB4DBF5}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{0E1C6103-EE68-4F79-9EDC-1DF390C26A08}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [UDP Query User{EE2139F1-2105-402D-83C3-74CA43B7B73D}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [TCP Query User{5AF1EBB8-6EB4-41D1-B5D7-44AC09FC3EC0}C:\program files (x86)\csh\syslsrv\syslsrv.exe] => (Allow) C:\program files (x86)\csh\syslsrv\syslsrv.exe (CSH spol. s r.o. -> CSH spol. s r.o.)
FirewallRules: [UDP Query User{F06E2B78-0EEE-44E4-8D06-03EC9495B0B0}C:\program files (x86)\csh\syslsrv\syslsrv.exe] => (Allow) C:\program files (x86)\csh\syslsrv\syslsrv.exe (CSH spol. s r.o. -> CSH spol. s r.o.)
FirewallRules: [{60A32A2C-5300-4CD6-9E7F-9B4FAEF3F362}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D011BB2-FA32-4876-835E-DE6A3E9D5EA8}] => (Allow) C:\Users\Dana\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4CA83F36-E6E7-4CEA-92FF-3EFC9C884C4C}] => (Allow) C:\Users\Dana\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{ADAEB70C-82AE-4047-B144-A710E3BDA596}] => (Allow) C:\Users\Dana\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{A1CBF227-32E4-4A8A-9C14-65BD51D8B9B1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AFB0D174-6088-4457-82A6-8A525563F74B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{35E21716-2739-4834-BC86-9DF2F74AD2A6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AD113D8A-B08B-4FF5-948E-702AAC80B753}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{92487433-0F3F-4A89-A441-C7A2C1F467A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CAFF400B-DD85-48BF-B056-78047B2561A0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

15-02-2023 22:29:10 Instalační služba modulů systému Windows
24-02-2023 10:44:20 Naplánovaný kontrolní bod
06-03-2023 14:27:20 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/27/2023 11:11:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Solitaire.exe, verze: 0.0.0.0, časové razítko: 0x6389c802
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.2130, časové razítko: 0xb5ced1c6
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff6a9
ID chybujícího procesu: 0x1720
Čas spuštění chybující aplikace: 0x01d94460bda3cad5
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe\Solitaire.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 26c25b7c-b821-4222-a6b7-03ce1b877de4
Úplný název chybujícího balíčku: Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App

Error: (02/21/2023 11:53:33 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (02/21/2023 11:53:33 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/19/2023 01:39:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.19041.1806, časové razítko: 0x7dcad237
Název chybujícího modulu: combase.dll, verze: 10.0.19041.2311, časové razítko: 0xf4ecbc84
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000d1078
ID chybujícího procesu: 0x678
Čas spuštění chybující aplikace: 0x01d9445f2d4b398e
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: 2d582a00-bc6c-4c10-b379-ac79a014ea4d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/19/2023 01:39:25 PM) (Source: MSSQL$CSH2012) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$CSH2012\Performance'. SQL Server performance counters are disabled.

Error: (02/19/2023 12:37:54 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (02/19/2023 12:37:54 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/15/2023 10:52:26 PM) (Source: MSSQL$CSH2012) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$CSH2012\Performance'. SQL Server performance counters are disabled.


System errors:
=============
Error: (02/22/2023 07:52:23 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí byla ukončena s následující chybou:
%%2147952449 = Požadovaná adresa není v tomto kontextu platná.

Error: (02/21/2023 10:28:46 PM) (Source: disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error: (02/19/2023 01:42:18 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/19/2023 01:39:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SAService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (02/15/2023 10:55:49 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/15/2023 10:54:39 PM) (Source: DCOM) (EventID: 10010) (User: DANA)
Description: Server {0006F03A-0000-0000-C000-000000000046} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/15/2023 10:52:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SAService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (02/15/2023 10:52:21 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x0000009f (0x0000000000000004, 0x000000000000012c, 0xffff8e87f8931040, 0xffff9f0c34c29880). Výpis byl uložen do: C:\WINDOWS\MEMORY.DMP. ID hlášení: d92c83b0-2f20-487d-b981-c8456b19e3f2


Windows Defender:
================
Date: 2023-03-06 10:05:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {91B223E2-A685-4216-A25F-A6562FC92C83}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-03 13:46:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9C46EC6E-E702-4D0E-B8F5-66A4A66802BD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-02 14:04:09
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AC4E4BC5-E916-45AA-85D8-283E69B188A6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-02-28 20:25:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3EF05647-B13D-4483-805D-F8E79552AA04}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-02-27 17:22:35
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D4161055-734A-4AD3-9C0C-FF5ABE1AFF7E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-02-01 12:27:25
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.2978.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x8024402f
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-01-10 16:29:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.1961.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2023-02-19 13:59:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-02-01 14:33:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-12-18 13:46:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-12-18 13:46:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.

Date: 2022-11-12 19:32:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 9BCN26WW 07/31/2014
Motherboard: LENOVO Lancer 5A5
Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 80%
Total physical RAM: 8084.27 MB
Available physical RAM: 1592.07 MB
Total Virtual: 15508.27 MB
Available Virtual: 2654.89 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:910.91 GB) (Free:743.33 GB) (Model: Samsung SSD 860 EVO 1TB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:18.64 GB) (Free:15.13 GB) (Model: Samsung SSD 860 EVO 1TB) NTFS

\\?\Volume{1b3354ea-f8bb-11ea-8317-d07e351216ea}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.68 GB) NTFS
\\?\Volume{a67a785c-0374-442a-9fdf-c22eb004b3e5}\ () (Fixed) (Total:0.61 GB) (Free:0.08 GB) NTFS
\\?\Volume{49753232-86a0-4332-a4b1-dea4eb83f585}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4DBDEDDC)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu FRST

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

martin11
Návštěvník
Návštěvník
Příspěvky: 24
Registrován: 27 zář 2013 13:54

Re: Prosím o kontrolu logu FRST

#3 Příspěvek od martin11 »

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-07-2023
# Duration: 00:00:15
# OS: Windows 10 (Build 19044.2604)
# Scanned: 32097
# Detected: 93


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.pokki C:\ProgramData\Pokki
Adware.pokki C:\Users\Dana\AppData\Local\Pokki
Adware.pokki C:\Users\Public\Pokki
Adware.pokki C:\Users\UpdatusUser\AppData\Local\Pokki
Adware.pokki C:\Windows\ServiceProfiles\LocalService\AppData\Local\Pokki
Adware.pokki C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Pokki
PUP.Optional.Legacy C:\Users\Dana\AppData\Local\SweetLabs App Platform
PUP.Optional.Legacy C:\Users\Public\Documents\Downloaded Installers

***** [ Files ] *****

PUP.Optional.Legacy C:\Windows\System32\Tasks_Migrated\SweetLabs App Platform
PUP.Optional.Legacy C:\Windows\System32\drivers\swdumon.sys
PUP.Optional.PCAppStore C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
PUP.Optional.VisualDiscovery C:\Windows\SysWOW64\VisualDiscovery.ini
PUP.Optional.Winsock.WnskRST C:\Windows\SysWOW64\VisualDiscoveryOff.ini
PUP.Optional.Winsock.WnskRST C:\Windows\System32\VisualDiscoveryOff.ini

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Legacy C:\Windows\System32\Tasks\SWEETLABS APP PLATFORM

***** [ Registry ] *****

Adware.pokki HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Adware.pokki HKCU\Software\Classes\Directory\shell\pokki
Adware.pokki HKCU\Software\Classes\Drive\shell\pokki
Adware.pokki HKCU\Software\Classes\lnkfile\shell\pokki
Adware.pokki HKCU\Software\Classes\pokki
Adware.pokki HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Pokki
Adware.pokki HKCU\Software\SweetLabs App Platform
PUP.Adware.Heuristic HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
PUP.Optional.DriverUpdate HKLM\SYSTEM\Setup\FirstBoot\Services\SWDUMon
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DA1560E-F89A-498A-92FE-973C14D01F48}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SweetLabs App Platform
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\LENOVO\VisualDiscovery
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz
PUP.Optional.SlimCleanerPlus HKLM\Software\Wow6432Node\SlimWare Utilities Inc
PUP.Optional.VisualDiscovery HKLM\Software\Wow6432Node\Superfish Inc. VisualDiscovery
PUP.Optional.VisualDiscovery HKLM\Software\Wow6432Node\VisualDiscovery
PUP.Optional.WebWatcher HKLM\Software\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
PUP.Optional.WebWatcher HKLM\Software\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
PUP.Optional.WebWatcher HKLM\Software\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
PUP.Optional.WebWatcher HKLM\Software\Wow6432Node\\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
PUP.Optional.WebWatcher HKLM\Software\Wow6432Node\\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
PUP.Optional.WebWatcher HKLM\Software\Wow6432Node\\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.HightailforLenovo Folder C:\Program Files (x86)\HIGHTAIL\HIGHTAIL FOR LENOVO
Preinstalled.HightailforLenovo Folder C:\Program Files\HIGHTAIL\HIGHTAIL FOR LENOVO
Preinstalled.HightailforLenovo Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HIGHTAIL\HIGHTAIL FOR LENOVO
Preinstalled.HightailforLenovo Registry HKLM\Software\Classes\CLSID\{1E9CED2C-E7B4-4C47-B07A-25416393B67B}
Preinstalled.HightailforLenovo Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}
Preinstalled.HightailforLenovo Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{1E9CED2C-E7B4-4C47-B07A-25416393B67B}
Preinstalled.LenovoEnergyManager Folder C:\Program Files (x86)\LENOVO\ENERGY MANAGER
Preinstalled.LenovoEnergyManager Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\ENERGY MANAGER
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Energy Manager
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Lenovo Utility
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Energy Manager
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Lenovo Utility
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{AC768037-7079-4658-AC24-2897650E0ABE}
Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Users\Dana\AppData\Local\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0788641D-D31A-478D-BB34-C41564AE9F93}
Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Preinstalled.LenovoPhotoMaster File C:\Users\Public\Desktop\Lenovo Photo Master.lnk
Preinstalled.LenovoPhotoMaster Folder C:\Program Files (x86)\LENOVO\LENOVO PHOTO MASTER
Preinstalled.LenovoPhotoMaster Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}
Preinstalled.LenovoPhotoMaster Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{BC94C56A-3649-420C-8756-2ADEBE399D33}
Preinstalled.LenovoPower2Go File C:\Users\Public\Desktop\CyberLink Power2Go.lnk
Preinstalled.LenovoPower2Go Folder C:\Program Files (x86)\LENOVO\POWER2GO
Preinstalled.LenovoPower2Go Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\POWER2GO
Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|UpdateP2GShortCut
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{40BF1E83-20EB-11D8-97C5-0009C5020658}
Preinstalled.LenovoPowerDVD File C:\Users\Public\Desktop\Lenovo PowerDVD 10.lnk
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
Preinstalled.LenovoSHAREit File C:\Users\Public\Desktop\Lenovo SHAREit.lnk
Preinstalled.LenovoSHAREit Folder C:\Program Files (x86)\LENOVO\SHAREIT
Preinstalled.LenovoSHAREit Registry HKLM\Software\Classes\CLSID\{430BD134-576D-4E75-87CD-0F5C6221A82B}
Preinstalled.LenovoSHAREit Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo SHAREit_is1



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########




# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-07-2023
# Duration: 00:00:35
# OS: Windows 10 (Build 19044.2604)
# Cleaned: 57
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Pokki
Deleted C:\Users\Dana\AppData\Local\Pokki
Deleted C:\Users\Dana\AppData\Local\SweetLabs App Platform
Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\Users\Public\Pokki
Deleted C:\Users\UpdatusUser\AppData\Local\Pokki
Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Pokki
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Pokki

***** [ Files ] *****

Deleted C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
Deleted C:\Windows\SysWOW64\VisualDiscovery.ini
Deleted C:\Windows\SysWOW64\VisualDiscoveryOff.ini
Deleted C:\Windows\System32\Tasks_Migrated\SweetLabs App Platform
Deleted C:\Windows\System32\VisualDiscoveryOff.ini
Deleted C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\SWEETLABS APP PLATFORM

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
Deleted HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Deleted HKCU\Software\Classes\Directory\shell\pokki
Deleted HKCU\Software\Classes\Drive\shell\pokki
Deleted HKCU\Software\Classes\lnkfile\shell\pokki
Deleted HKCU\Software\Classes\pokki
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Pokki
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\SweetLabs App Platform
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DA1560E-F89A-498A-92FE-973C14D01F48}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SweetLabs App Platform
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\SWDUMon
Deleted HKLM\Software\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
Deleted HKLM\Software\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Deleted HKLM\Software\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Deleted HKLM\Software\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
Deleted HKLM\Software\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
Deleted HKLM\Software\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
Deleted HKLM\Software\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
Deleted HKLM\Software\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Deleted HKLM\Software\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
Deleted HKLM\Software\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
Deleted HKLM\Software\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
Deleted HKLM\Software\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
Deleted HKLM\Software\Wow6432Node\LENOVO\VisualDiscovery
Deleted HKLM\Software\Wow6432Node\SlimWare Utilities Inc
Deleted HKLM\Software\Wow6432Node\Superfish Inc. VisualDiscovery
Deleted HKLM\Software\Wow6432Node\VisualDiscovery
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [11006 octets] - [07/03/2023 16:41:47]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu FRST

#4 Příspěvek od Rudy »

OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

martin11
Návštěvník
Návštěvník
Příspěvky: 24
Registrován: 27 zář 2013 13:54

Re: Prosím o kontrolu logu FRST

#5 Příspěvek od martin11 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2023
Ran by Dana (administrator) on DANA (LENOVO 20354) (08-03-2023 08:53:37)
Running from C:\Users\Dana\Downloads
Loaded Profiles: Dana
Platform: Microsoft Windows 10 Home Version 21H2 19044.2604 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCopyAccelerator.exe
(C:\Users\Dana\AppData\Local\Temp\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\Dana\AppData\Local\Temp\TeamViewer\TeamViewer_Desktop.exe
(C:\Users\Dana\AppData\Local\Temp\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\Dana\AppData\Local\Temp\TeamViewer\tv_w32.exe
(C:\Users\Dana\AppData\Local\Temp\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\Dana\AppData\Local\Temp\TeamViewer\tv_x64.exe
(CompatTelRunner.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <11>
(msfeedssync.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\OtePkiClient\runtime\bin\javaw.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.CSH2012\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_af22935532babf10\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Microsoft Studios) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe\Solitaire.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\Dana\AppData\Local\Temp\TeamViewer\TeamViewer.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-10-16] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-10-16] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [OtePkiClient] => C:\Program Files (x86)\OtePkiClient\OtePkiClient-1.1.0.exe [41472 2018-10-18] () [File not signed]
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38966072 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\RunOnce: [Application Restart #6] => C:\Users\Dana\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe /addfavoritec:\users\dana\desktop\office4 --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions -- (the data entry has 623 more characters). (No File)
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {269d0d9b-eaee-11eb-8334-d07e351216ea} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {269d0e6b-eaee-11eb-8334-d07e351216ea} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {680b9ce4-a111-11eb-832a-d07e351216ea} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {e600ebb0-6244-11ec-8341-d07e351216ea} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\WINDOWS\system32\CNMLMDG.DLL [485376 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\PDF Print Monitor BZ101: C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll [210944 2013-10-04] (Bullzip) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\92.2.11577.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\110.0.5481.178\Installer\chrmstp.exe [2023-02-27] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.88\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Manažer služeb CSH.lnk [2019-08-04]
ShortcutTarget: Manažer služeb CSH.lnk -> C:\Program Files (x86)\CSH\CSHSvMgr\CSHSvMgr.exe (CSH spol. s r.o. -> CSH spol. s r.o.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {016914EE-EEBB-47CB-B50E-86209CDBFF6D} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {057B7463-3976-4F57-BE8F-56C9536B65D9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0D0E4D5F-AEEE-4D01-A0C7-78ECA4418FF6} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [716704 2023-03-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {0DBC2EDA-0A8C-4D82-B3B7-43196C02FD3E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-03-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {0FCCC7E1-D661-4793-B79C-DE799F0ACBC7} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [1794840 2015-01-16] (Maxthon (Asia) Limited. -> Maxthon International ltd.)
Task: {11E92C19-F73D-40F1-BB3F-8C824A9202ED} - System32\Tasks\{A6729E1E-04F6-4E14-B800-B218312E474B} => C:\WINDOWS\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {12FEFD9D-4BB9-4F01-A9E7-1758E2AD2AC6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {15126149-553F-4388-9CE9-4778823C0A56} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {17D2CB74-B6C9-4979-9CF1-10AECF123AB1} - System32\Tasks\GoogleUpdateTaskMachineCore{62B789A2-5E7C-4423-AC03-2240107FB329} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-21] (Google LLC -> Google LLC)
Task: {1AAD4F31-ACD5-489A-A545-ED47EB065292} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {1B938EB2-7993-4324-9E02-9FD783653556} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {283A8DA1-ACC1-44DC-B19B-134B51BB85D7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e8531add-9115-4169-969d-ec12aa625dbe => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {3564BFA1-A739-46BB-8C6F-405EBAFAF713} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4A411905-8B08-4051-B21C-5475B8B7697F} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [95192 2013-03-08] (CyberLink Corp. -> CyberLink Corp.)
Task: {522A9030-83C6-4EC9-ACC2-B6630495A51C} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {550F2490-6DC7-49E5-893D-C4F58E763D3E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ac9541b2-c3df-4aec-84ab-7d391ddcdda9 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {578567F6-80C3-4DD5-9319-B114CEAEB9F4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5805207E-C53E-44D1-AA7F-6FABA71C6C26} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {5B5B1E6D-C5BA-40F4-B734-E566CB226549} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-05-30] (LENOVO -> Lenovo)
Task: {62076A29-0C4D-4DB4-920F-8CF800E45C14} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {667F03FA-DE21-4081-B64B-35CA65FB1A1C} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [834856 2018-06-08] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {6728C0DA-32E7-4D95-8D8A-D0F666BE9D94} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26294704 2023-03-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {674CAD71-34D5-4C51-B77D-1B871AC2AC2A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6856B7D7-5EE0-44A8-961F-D8FED136E4DE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {686A7F00-DCDC-4BF9-93E7-42C1FAB52B2E} - \WPD\SqmUpload_S-1-5-21-1892162270-2039198232-2114183084-1002 -> No File <==== ATTENTION
Task: {6989F28C-0831-49EF-B2FE-F27BC76ED89E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {6DCA2E9F-8BA4-4BA0-994D-A8DEBC6BB594} - System32\Tasks\CCleanerSkipUAC - Dana => C:\Program Files\CCleaner\CCleaner.exe [32631096 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {728E313E-DCC6-417B-B2BB-BE731F942244} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {7BDA2A01-5F76-40EA-95A3-84949BDE3B56} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {822BE6E3-F083-417C-A1D0-AE3F55459497} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [674720 2023-03-03] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {8500C89C-760C-4A14-BDBE-80C3986E3800} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {881D5246-9B91-4F72-8332-81BEE0BE788E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8EDC8BC8-9173-4D1B-81FB-541DE25E02F2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform)
Task: {90B61509-3DD4-4712-AE2C-33AA42733B6F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {92B0780E-7F73-4EFF-9280-E91D0CDBB174} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9505EFC0-B906-4711-9AC9-C413A16A8AAA} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {9F91F866-83E7-4B91-8501-B5C6DE5EA30D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A2DC7DC0-6C82-4473-A697-2A8552ABA30B} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {A5251A0B-8FB6-4969-B502-4BD9AFF162BB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26294704 2023-03-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A5A976B5-FBE3-403C-9055-F3ED46D298AA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {AF91CA9F-6E1D-41FB-B9E1-A94B1CA3FB24} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {B7CB57D7-F0AD-4B62-8065-572F6258E4A1} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {B8B1D08A-9106-47FB-9E46-B832E45A0765} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {BC597ABD-3EF9-4058-A08C-695E53FF5F4A} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {BD880298-67DB-4919-B538-16A37978A344} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D44ECBEA-7254-4C2F-98F1-B8091CADA3AB} - System32\Tasks\GoogleUpdateTaskMachineUA{028278B8-C7DA-439E-A70D-4AE1098F77E0} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-21] (Google LLC -> Google LLC)
Task: {D9080553-1842-43D6-B473-AC35617F9F78} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e2800c40-1b2a-472e-87b1-be168338018d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {DE7446B2-3B86-482A-954A-8104102CA1DD} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {E127C638-05E5-41FE-A35B-0A256A369BF7} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "0cfcc174-5f7f-4fe2-9e0d-38e006da105d" --version "6.09.10300" --silent
Task: {ECF7C671-518C-43C9-85FD-25D48438C6C0} - System32\Tasks\AutoKMSDaily => C:\WINDOWS\AutoKMS.exe (No File)
Task: {ED16C1D7-BC8B-4FFA-ABDB-8AF630F22C75} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2a779f2a-eaa2-49b7-ade4-a28784ca4328 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {EE4F75BF-AA6E-4D1B-8E43-8E52B54B5669} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {F3F94CAD-0B57-4D5F-A53E-87216F9FD7A5} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {F406BB09-101B-4D62-B503-1A274873DF62} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4410216 2018-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
Task: {F7C730C3-1440-4DD4-87FE-885BDEA5005F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F95F5BD8-1513-4CAD-9151-A4ED167D19D9} - \AutoKMS -> No File <==== ATTENTION
Task: {FAB4A4F5-7824-4C5F-A732-E9B8813AC3A1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-03-01] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\AutoKMSDaily.job => C:\WINDOWS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1aa72eb6-7416-4153-9196-5c1eaa44f658}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8b8aa02e-7bf1-4198-8807-492e33a94a0b}: [DhcpNameServer] 150.211.1.2

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Dana\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-03]
Edge HomePage: Default -> hxxps://www.seznam.cz/
Edge StartupUrls: Default -> "hxxp://seznam.cz/"
Edge Extension: (Edge relevant text changes) - C:\Users\Dana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-02-20]

FireFox:
========
FF DefaultProfile: 9ixtrybw.default-1560963316730
FF ProfilePath: C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\9ixtrybw.default-1560963316730 [2023-03-08]
FF Homepage: Mozilla\Firefox\Profiles\9ixtrybw.default-1560963316730 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\9ixtrybw.default-1560963316730 -> hxxps://www.facebook.com; hxxps://www.postazdarma.cz; hxxps://www.urbanstore.cz; hxxps://www.trenyrkarna.cz; hxxps://online.rb.cz; hxxps://businesscenter.podnikatel.cz; hxxps://drive.google.com
FF Extension: (FormApps Extension) - C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\9ixtrybw.default-1560963316730\Extensions\{69F080C9-A1D8-42F8-BD83-3D54D4BC81B3}.xpi [2020-10-05]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1892162270-2039198232-2114183084-1002: @ote-cr.cz/PKIComponent -> C:\Users\Dana\AppData\Roaming\OTE\lib\x86\npPKIComponentNPAPI-ote.dll [2015-02-20] (OTE a.s. -> OTE, a.s.)
FF Plugin HKU\S-1-5-21-1892162270-2039198232-2114183084-1002: @ote-cr.cz/PKIComponent-x64 -> C:\Users\Dana\AppData\Roaming\OTE\lib\x64\npPKIComponentNPAPI-ote.dll [2015-02-20] (OTE a.s. -> OTE, a.s.)

Chrome:
=======
CHR Profile: C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default [2023-01-23]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2023-01-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122728 2017-09-04] (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12512256 2023-03-01] (Microsoft Corporation -> Microsoft Corporation)
S2 CSHSysel_Service; C:\Program Files (x86)\CSH\SyslSrv\SyslSrv.exe [2666848 2022-08-30] (CSH spol. s r.o. -> CSH spol. s r.o.)
S2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-09-24] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397472 2018-03-15] (Canon Inc. -> )
S2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
S2 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (LENOVO -> Lenovo)
S2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
S2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-10-16] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
S2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-12-22] (Maxthon (Asia) Limited. -> Maxthon)
R2 MSSQL$CSH2012; C:\Program Files\Microsoft SQL Server\MSSQL11.CSH2012\MSSQL\Binn\sqlservr.exe [194240 2016-09-24] (Microsoft Corporation -> Microsoft Corporation)
S2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
S4 SQLAgent$CSH2012; C:\Program Files\Microsoft SQL Server\MSSQL11.CSH2012\MSSQL\Binn\SQLAGENT.EXE [613056 2016-09-24] (Microsoft Corporation -> Microsoft Corporation)
S2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [281448 2018-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S2 UIUService; C:\WINDOWS\SysWOW64\UIUSrv.exe [105984 2021-07-11] (Conexant Systems, Inc.) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_af22935532babf10\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_af22935532babf10\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2017-02-08] (AVAST Software s.r.o. -> The OpenVPN Project)
S3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [37104 2021-07-08] (Avast Software s.r.o. -> WireGuard LLC)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-21] (Intel Corporation -> Intel Corporation)
S4 RsFx0201; C:\WINDOWS\System32\DRIVERS\RsFx0201.sys [337088 2014-05-15] (Microsoft Corporation -> Microsoft Corporation)
R3 SynTP; C:\WINDOWS\system32\DRIVERS\SynTP.sys [713056 2018-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-08 08:53 - 2023-03-08 08:54 - 000034810 _____ C:\Users\Dana\Downloads\FRST.txt
2023-03-07 16:41 - 2023-03-07 16:42 - 000000000 ____D C:\AdwCleaner
2023-03-07 16:39 - 2023-03-07 16:39 - 008791352 _____ (Malwarebytes) C:\Users\Dana\Downloads\adwcleaner.exe
2023-03-07 13:36 - 2023-03-07 13:38 - 000065330 _____ C:\Users\Dana\Downloads\1_Addition.txt
2023-03-07 13:33 - 2023-03-07 13:38 - 000057373 _____ C:\Users\Dana\Downloads\1_FRST.txt
2023-03-07 13:32 - 2023-03-08 08:54 - 000000000 ____D C:\FRST
2023-03-07 13:31 - 2023-03-07 13:31 - 002378752 _____ (Farbar) C:\Users\Dana\Downloads\FRST64.exe
2023-03-07 08:12 - 2023-03-07 13:29 - 000000000 ____D C:\Users\Dana\AppData\Local\TeamViewer
2023-03-03 08:56 - 2023-03-07 22:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2023-03-02 12:55 - 2023-03-02 12:55 - 000094016 _____ C:\Users\Dana\Documents\Faktura_2312002(3).pdf
2023-03-02 12:55 - 2023-03-02 12:55 - 000005213 _____ C:\Users\Dana\Documents\Faktura_2312002(3).isdoc
2023-03-01 21:20 - 2023-03-01 21:20 - 000001211 _____ C:\Users\Dana\Downloads\Stravné(7).csv
2023-03-01 21:20 - 2023-03-01 21:20 - 000001206 _____ C:\Users\Dana\Downloads\Stravné(8).csv
2023-03-01 21:20 - 2023-03-01 21:20 - 000000565 _____ C:\Users\Dana\Downloads\Stravné(9).csv
2023-03-01 21:19 - 2023-03-01 21:19 - 000001255 _____ C:\Users\Dana\Downloads\Stravné(4).csv
2023-03-01 21:19 - 2023-03-01 21:19 - 000001239 _____ C:\Users\Dana\Downloads\Stravné(5).csv
2023-03-01 21:19 - 2023-03-01 21:19 - 000000574 _____ C:\Users\Dana\Downloads\Stravné(6).csv
2023-03-01 20:49 - 2023-03-01 20:49 - 000094052 _____ C:\Users\Dana\Documents\Faktura_2312002(2).pdf
2023-03-01 20:47 - 2023-03-01 20:47 - 000005232 _____ C:\Users\Dana\Documents\Faktura_2312002.isdoc
2023-03-01 17:26 - 2023-03-01 17:26 - 000007411 _____ C:\Users\Dana\Downloads\priloha_1151863441_0_CSSZ_Protokol_o_zpracovani_e-Podani_CSSZ_OSVC_PRE-A1415D1020AC41EA9C75355C4DE8CA9D-1151809041.xml
2023-03-01 17:26 - 2023-03-01 17:26 - 000006969 _____ C:\Users\Dana\Downloads\priloha_1151863441_1_CSSZ_Protokol_o_zpracovani_e-Podani_CSSZ_OSVC_PRE-A1415D1020AC41EA9C75355C4DE8CA9D-1151809041.html
2023-02-28 21:32 - 2023-02-28 21:32 - 002906875 _____ C:\Users\Dana\Downloads\DPFDP6-7001182529-20230228-213214.xml
2023-02-28 21:31 - 2023-02-28 21:31 - 000270996 _____ C:\Users\Dana\Downloads\DPFDP6-7001182529-20230228-213141.pdf
2023-02-28 20:59 - 2023-02-28 20:59 - 000001917 _____ C:\Users\Dana\Downloads\OSVC_2022(10).xml
2023-02-27 14:31 - 2023-02-27 14:31 - 000574547 _____ C:\Users\Dana\Downloads\DPFDP6-6809250833-20230227-143154.xml
2023-02-27 14:31 - 2023-02-27 14:31 - 000268891 _____ C:\Users\Dana\Downloads\DPFDP6-6809250833-20230227-143130.pdf
2023-02-27 14:21 - 2023-02-27 14:21 - 000153559 _____ C:\Users\Dana\Downloads\DPFZC1-6053082057-20230227-142141.pdf
2023-02-27 12:45 - 2023-02-27 12:45 - 000001870 _____ C:\Users\Dana\Downloads\OSVC_2022(9).xml
2023-02-24 18:25 - 2023-02-24 18:25 - 000366887 _____ C:\Users\Dana\Downloads\priloha_1148241470_0_M01_3890331.pdf
2023-02-24 10:35 - 2023-02-24 10:35 - 000001374 _____ C:\Users\Dana\Desktop\Prehled_prijmu_vydaju_2023 1 – zástupce.lnk
2023-02-22 20:56 - 2023-02-22 20:56 - 002411587 _____ C:\Users\Dana\Downloads\DPFDP6-6005171128-20230222-205606.xml
2023-02-22 20:36 - 2023-02-22 20:36 - 000099500 _____ C:\Users\Dana\Downloads\priloha_1146527144_0_VypisROS.pdf
2023-02-21 22:10 - 2023-02-21 22:10 - 000001882 _____ C:\Users\Dana\Downloads\OSVC_2022(8).xml
2023-02-21 22:01 - 2023-02-21 22:01 - 000001880 _____ C:\Users\Dana\Downloads\OSVC_2022(7).xml
2023-02-21 21:44 - 2023-02-21 21:44 - 000001880 _____ C:\Users\Dana\Downloads\OSVC_2022(6).xml
2023-02-21 21:27 - 2023-02-21 21:27 - 000001884 _____ C:\Users\Dana\Downloads\OSVC_2022(5).xml
2023-02-21 21:21 - 2023-02-21 21:21 - 000001876 _____ C:\Users\Dana\Downloads\OSVC_2022(4).xml
2023-02-21 21:07 - 2023-02-21 21:07 - 000001914 _____ C:\Users\Dana\Downloads\OSVC_2022(3).xml
2023-02-21 20:58 - 2023-02-21 20:58 - 000001918 _____ C:\Users\Dana\Downloads\OSVC_2022(2).xml
2023-02-21 20:54 - 2023-02-21 20:54 - 000001917 _____ C:\Users\Dana\Downloads\OSVC_2022(1).xml
2023-02-21 20:42 - 2023-02-21 20:42 - 000001919 _____ C:\Users\Dana\Downloads\OSVC_2022.xml
2023-02-20 16:06 - 2023-02-20 16:06 - 000179947 _____ C:\Users\Dana\Downloads\priloha_1146483685_0_zprava.pdf
2023-02-20 15:28 - 2023-02-20 15:28 - 000054100 _____ C:\Users\Dana\Downloads\file-331-57_0.pdf
2023-02-20 15:01 - 2023-02-20 15:01 - 000056185 _____ C:\Users\Dana\Downloads\prehled-osvc-2022(3).zip
2023-02-20 15:00 - 2023-02-20 15:00 - 000056185 _____ C:\Users\Dana\Downloads\prehled-osvc-2022.zip
2023-02-20 15:00 - 2023-02-20 15:00 - 000056185 _____ C:\Users\Dana\Downloads\prehled-osvc-2022(2).zip
2023-02-20 15:00 - 2023-02-20 15:00 - 000056185 _____ C:\Users\Dana\Downloads\prehled-osvc-2022(1).zip
2023-02-20 12:28 - 2023-02-20 12:28 - 002411587 _____ C:\Users\Dana\Downloads\DPFDP6-6005171128-20230220-122829.xml
2023-02-20 12:28 - 2023-02-20 12:28 - 000377350 _____ C:\Users\Dana\Downloads\DPFDP6-6005171128-20230220-122820.pdf
2023-02-20 10:52 - 2023-02-20 10:52 - 000001363 _____ C:\Users\Dana\Desktop\Prazdniny 2023 Bílkovice – zástupce.lnk
2023-02-20 10:51 - 2023-02-20 10:51 - 000001536 _____ C:\Users\Dana\Desktop\Podklady k daňovému přiznání 2023 – zástupce.lnk
2023-02-19 16:49 - 2023-02-19 16:49 - 000001201 _____ C:\Users\Dana\Downloads\DPFDP6-8855200013-20230219-164909.xml
2023-02-19 16:48 - 2023-02-19 16:48 - 000268714 _____ C:\Users\Dana\Downloads\DPFDP6-8855200013-20230219-164821.pdf
2023-02-15 22:52 - 2023-02-15 22:52 - 001387220 _____ C:\WINDOWS\Minidump\021523-17390-01.dmp
2023-02-15 22:29 - 2023-02-15 22:29 - 000000000 ___HD C:\$WinREAgent
2023-02-15 17:34 - 2023-02-15 17:34 - 000268793 _____ C:\Users\Dana\Downloads\DPFDP6-8107240559-20230215-173433.pdf
2023-02-15 17:34 - 2023-02-15 17:34 - 000001239 _____ C:\Users\Dana\Downloads\DPFDP6-8107240559-20230215-173451.xml
2023-02-15 17:25 - 2023-02-15 17:25 - 001536378 _____ C:\Users\Dana\Downloads\DPFDP6-7161150326-20230215-172509.xml
2023-02-15 17:24 - 2023-02-15 17:25 - 000268875 _____ C:\Users\Dana\Downloads\DPFDP6-7161150326-20230215-172459.pdf
2023-02-15 14:06 - 2023-02-15 14:06 - 000322063 _____ C:\Users\Dana\Downloads\1427115302-metodika-1-dary.pdf
2023-02-13 14:49 - 2023-02-13 14:49 - 000268692 _____ C:\Users\Dana\Downloads\DPFDP6-0500817344-20230213-144935.pdf
2023-02-13 14:49 - 2023-02-13 14:49 - 000001227 _____ C:\Users\Dana\Downloads\DPFDP6-0500817344-20230213-144948.xml
2023-02-13 14:34 - 2023-02-13 14:34 - 000001261 _____ C:\Users\Dana\Downloads\DPFDP6-6006041184-20230213-143401.xml
2023-02-13 14:33 - 2023-02-13 14:33 - 000268780 _____ C:\Users\Dana\Downloads\DPFDP6-6006041184-20230213-143325.pdf
2023-02-08 15:01 - 2023-02-08 15:01 - 000233426 _____ C:\Users\Dana\Downloads\Prihlaska_prazdniny_2023.pdf
2023-02-07 20:13 - 2023-02-07 20:13 - 000001237 _____ C:\Users\Dana\Downloads\DPFDP6-8559040006-20230207-201303.xml
2023-02-07 20:12 - 2023-02-07 20:12 - 000268734 _____ C:\Users\Dana\Downloads\DPFDP6-8559040006-20230207-201253.pdf
2023-02-07 15:11 - 2023-02-07 15:11 - 007225676 _____ C:\Users\Dana\Downloads\DPFDP6-7703020556-20230207-151103.xml
2023-02-07 15:10 - 2023-02-07 15:10 - 000268933 _____ C:\Users\Dana\Downloads\DPFDP6-7703020556-20230207-151053.pdf
2023-02-07 14:37 - 2023-02-07 14:37 - 000066018 _____ C:\Users\Dana\Downloads\Krouzky_dochazka_2022_2023_IIpol.xlsx - Flétna.pdf
2023-02-07 14:11 - 2023-02-07 14:11 - 003564342 _____ C:\Users\Dana\Downloads\DPFDP6-6458112155-20230207-141125.xml
2023-02-07 14:11 - 2023-02-07 14:11 - 000377432 _____ C:\Users\Dana\Downloads\DPFDP6-6458112155-20230207-141116.pdf
2023-02-07 13:30 - 2023-02-07 13:30 - 000179130 _____ C:\Users\Dana\Downloads\Vypis_z_uctu-2400295767_20221201-20221231_cislo-12.pdf
2023-02-07 13:26 - 2023-02-07 13:26 - 000052740 _____ C:\Users\Dana\Downloads\Vypis_z_uctu-2302422291_20230102-20230131_cislo-1.pdf
2023-02-07 13:25 - 2023-02-07 13:25 - 000159212 _____ C:\Users\Dana\Downloads\Vypis_z_uctu-2400295767_20230101-20230131_cislo-1.pdf
2023-02-06 10:30 - 2023-02-06 10:30 - 000142978 _____ C:\Users\Dana\Downloads\DPFZC1-9462030600-20230206-103026.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-08 08:53 - 2021-04-15 00:55 - 000004188 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{D92C9930-BA25-43E0-A3F3-CB020A0903DA}
2023-03-08 08:53 - 2020-09-14 10:49 - 000000000 ____D C:\Program Files\CCleaner
2023-03-08 08:53 - 2016-11-26 20:02 - 000000000 ____D C:\Users\Dana\AppData\LocalLow\Mozilla
2023-03-08 08:53 - 2015-07-17 12:05 - 000000000 ____D C:\Users\Dana\Documents\Soubory aplikace Outlook
2023-03-08 08:52 - 2023-01-16 12:12 - 000000000 ____D C:\Users\Dana\Documents\Zajicek
2023-03-08 08:51 - 2022-02-21 20:05 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-08 08:50 - 2021-07-11 10:33 - 001388432 _____ C:\Users\Public\VOIP.dat
2023-03-08 08:50 - 2021-04-15 00:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-08 08:50 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-07 23:30 - 2017-12-05 13:57 - 000000000 ____D C:\Users\Dana\AppData\Local\Packages
2023-03-07 22:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-07 22:38 - 2022-02-13 00:11 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-03-07 22:37 - 2021-10-21 14:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-03-07 22:37 - 2015-07-14 20:18 - 000001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-03-07 22:37 - 2015-07-14 20:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-03-07 16:51 - 2014-10-16 10:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-03-07 16:43 - 2016-10-06 15:16 - 000000000 ____D C:\ProgramData\NVIDIA
2023-03-07 16:42 - 2020-09-17 08:51 - 000000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2023-03-07 16:42 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2023-03-07 16:38 - 2015-07-31 08:28 - 000000000 ____D C:\Users\Dana\AppData\Roaming\TeamViewer
2023-03-07 09:54 - 2021-04-15 00:55 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-03-07 08:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-03-06 10:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-06 09:18 - 2020-06-14 23:28 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-06 09:18 - 2020-06-14 23:28 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-03-03 12:23 - 2023-01-16 12:12 - 000715264 _____ C:\Users\Dana\Desktop\Stravné exporty.xls
2023-03-02 10:24 - 2021-04-15 00:51 - 001694952 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-03-02 10:24 - 2019-12-07 15:41 - 000717866 _____ C:\WINDOWS\system32\perfh005.dat
2023-03-02 10:24 - 2019-12-07 15:41 - 000145008 _____ C:\WINDOWS\system32\perfc005.dat
2023-03-02 10:24 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-03-01 09:40 - 2021-04-15 00:55 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-01 09:40 - 2021-04-15 00:55 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-02-27 23:46 - 2022-02-21 20:07 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-02-27 23:46 - 2022-02-21 20:07 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-02-27 11:32 - 2017-01-16 21:06 - 000000000 ____D C:\Users\Dana\Documents\Cvičení
2023-02-27 11:11 - 2017-05-19 14:58 - 000000000 ____D C:\Users\Dana\AppData\Local\CrashDumps
2023-02-26 17:36 - 2021-04-15 00:55 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-02-21 21:55 - 2015-07-17 11:45 - 000000000 ____D C:\Users\Dana\Documents\Zz Word
2023-02-20 10:52 - 2017-12-21 20:15 - 000000000 ____D C:\Users\Dana\Documents\Psi
2023-02-19 14:03 - 2022-10-13 21:43 - 000002147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-02-19 13:39 - 2021-04-15 00:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-19 13:39 - 2021-04-15 00:42 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-19 13:39 - 2020-09-17 08:50 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2023-02-19 13:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-02-19 13:39 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-02-19 13:39 - 2017-06-07 15:26 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-02-19 13:39 - 2015-08-01 12:26 - 000000000 __SHD C:\Users\Dana\IntelGraphicsProfiles
2023-02-19 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-02-15 22:52 - 2023-02-01 12:41 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-02-15 22:52 - 2022-12-30 10:30 - 1321193848 _____ C:\WINDOWS\MEMORY.DMP
2023-02-15 22:52 - 2022-08-12 23:09 - 000496432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-02-15 22:52 - 2022-05-31 12:31 - 000000000 ____D C:\WINDOWS\Minidump
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-02-15 22:45 - 2021-04-15 00:45 - 000000000 ____D C:\Users\Dana
2023-02-15 22:37 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-15 22:35 - 2021-04-15 00:43 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-02-15 14:51 - 2015-07-17 12:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-02-15 14:46 - 2015-07-17 12:07 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-02-15 13:32 - 2018-06-10 15:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-02-15 13:31 - 2023-02-01 12:41 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-02-09 09:20 - 2017-02-11 23:22 - 000000000 ____D C:\temp

==================== Files in the root of some directories ========

2021-07-11 10:33 - 2023-03-08 08:50 - 001388432 _____ () C:\Users\Public\VOIP.dat
2020-06-05 16:11 - 2020-06-05 16:11 - 024166400 _____ () C:\Program Files (x86)\GUT1D70.tmp
2020-06-04 14:04 - 2020-06-04 14:04 - 024166400 _____ () C:\Program Files (x86)\GUT4407.tmp
2020-06-08 13:55 - 2020-06-08 13:55 - 024166400 _____ () C:\Program Files (x86)\GUT5544.tmp
2020-06-08 20:02 - 2020-06-08 20:02 - 024166400 _____ () C:\Program Files (x86)\GUT87AC.tmp
2020-06-02 14:27 - 2020-06-02 14:27 - 024166400 _____ () C:\Program Files (x86)\GUT8D68.tmp
2020-06-08 06:57 - 2020-06-08 06:57 - 024166400 _____ () C:\Program Files (x86)\GUT913A.tmp
2020-06-07 18:50 - 2020-06-07 18:50 - 024166400 _____ () C:\Program Files (x86)\GUTB494.tmp
2020-06-05 09:13 - 2020-06-05 09:13 - 024166400 _____ () C:\Program Files (x86)\GUTD9E1.tmp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================







Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-03-2023
Ran by Dana (08-03-2023 08:56:03)
Running from C:\Users\Dana\Downloads
Microsoft Windows 10 Home Version 21H2 19044.2604 (X64) (2021-04-14 23:56:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1892162270-2039198232-2114183084-500 - Administrator - Disabled)
Dana (S-1-5-21-1892162270-2039198232-2114183084-1002 - Administrator - Enabled) => C:\Users\Dana
DefaultAccount (S-1-5-21-1892162270-2039198232-2114183084-503 - Limited - Disabled)
Guest (S-1-5-21-1892162270-2039198232-2114183084-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1892162270-2039198232-2114183084-1004 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-1892162270-2039198232-2114183084-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.003.20322 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{a0f22a81-00d1-45d6-9cad-d93c57053e53}) (Version: 20.10.2 - Intel Corporation)
Brother MFL-Pro Suite DCP-7070DW (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.0 - Canon Inc.)
Canon MG3000 series Elektronická příručka (HKLM-x32\...\Canon MG3000 series Elektronická příručka) (Version: 1.2.0 - Canon Inc.)
Canon MG3000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3000_series) (Version: 1.01 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.09 - Piriform)
CGI PKI .NET Component (HKLM-x32\...\CGIPkcs) (Version: 2.0.1.0 - CGI IT Czech Republic s.r.o.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.267.0 - Conexant Systems)
CyberLink MediaStory (HKLM-x32\...\{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.) Hidden
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.26.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
DS komunikátor (HKLM-x32\...\DS komunikátor_is1) (Version: 2.60 - CSH spol. s r.o.)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
FormApps Signing Extension (HKLM-x32\...\{2ADAFEB7-56C5-497F-8960-67DA46A81838}) (Version: 2.27.0.46 - Software602 a.s.)
GARDENA Robotic Mower Upgrade (HKLM-x32\...\{436E7B5E-4162-4E13-BECB-71CA96408D58}) (Version: 1.2.21315.3 - Husqvarna Group AB)
GDR 5343 for SQL Server 2012 (KB3045321) (64-bit) (HKLM\...\KB3045321) (Version: 11.2.5343.0 - Microsoft Corporation)
GDR 5388 for SQL Server 2012 (KB3194719) (64-bit) (HKLM\...\KB3194719) (Version: 11.2.5388.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.178 - Google LLC)
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.360 - Huawei Technologies Co., Ltd.)
Intel(R) Chipset Device Software (HKLM\...\{6FAC699B-7992-4C62-9839-4783564CAEDD}) (Version: 10.1.1.40 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{0CF34B2C-F509-4D23-927E-334C1A776FED}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{A0EBC31A-8EA9-4D24-89A8-2C12A0B8B0C9}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{E3DE9447-C8F3-4DDA-82D3-096166CBBBB5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{C7C01DEF-DFDD-4C01-9F22-4BDF7B26CF1D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}) (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000071-0190-1029-84C8-B8D95FA3C8C3}) (Version: 19.71.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless WiFi Software (HKLM\...\{27833D55-FD60-4C16-9794-8715028E1783}) (Version: 20.10.1.1190 - Intel Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.1.3000 - Maxthon International Limited)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Audio Enhancement Troubleshooter installer (HKLM\...\{6E0351FF-6A71-45C5-A041-D4D9D8067EAF}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.63 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.63 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office 2016 pro podnikatele - cs-cz (HKLM\...\HomeBusinessRetail - cs-cz) (Version: 16.0.16130.20218 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2010 (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2010 (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2010 (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (HKLM\...\{90140000-002A-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\OneDriveSetup.exe) (Version: 23.007.0109.0004 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{2B9EE1FE-105F-4093-A40E-C1BF12F873B7}) (Version: 11.2.5388.0 - Microsoft Corporation)
Microsoft SQL Server 2012 RsFx Driver (HKLM\...\{9F616548-62E3-4C12-9E35-74A650BC199C}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{C23DBA16-E075-41BE-AE2E-C1B0DD0B4535}) (Version: 11.2.5388.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{E721A8AA-2632-4798-B439-6D4C8A689BB8}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{054EDAF7-39E0-41E8-9F06-21E6D19B9E59}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{B431C944-726E-409E-B4A1-8864E64E4F6C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 X86 Additional Runtime - 14.16.27024 (HKLM-x32\...\{7258184A-EC44-4B1A-A7D3-68D85A35BFD0}) (Version: 14.16.27024 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 X86 Minimum Runtime - 14.16.27024 (HKLM-x32\...\{5EEFCEFB-E5F7-4C82-99A5-813F04AA4FBD}) (Version: 14.16.27024 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.2.5058.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 110.0.1 (x64 cs)) (Version: 110.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 97.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{DA715959-CFF1-48A2-B3BB-98B9E569C6AC}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA Ovladače grafiky 452.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.06 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
OtePkiClient (HKLM-x32\...\OtePkiClient) (Version: 1.1.0 - )
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Registrace uživatele zařízení Canon MG3000 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG3000 series) (Version: - ‭Canon Inc.)
Revo Uninstaller 2.3.9 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.9 - VS Revo Group, Ltd.)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 4.0.0.12 - Samsung)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUS_{A71E3AD4-5545-4D59-9F11-75F363563C6A}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUS_{0C337AF5-E6A7-4B6B-8F8E-08F9C6F956B4}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0405-1000-0000000FF1CE}_Office14.PROPLUS_{7F5CE17A-23B9-4EED-B017-A7EF4547476C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUS_{EA82267F-4AAB-46BA-AD6A-9EBB544D0EF7}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUS_{2C911571-C8B6-400B-B323-417C1806E866}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for SQL Server 2012 (KB2958429) (64-bit) (HKLM\...\KB2958429) (Version: 11.2.5058.0 - Microsoft Corporation)
SQL Server 2012 Common Files (HKLM\...\{1D411379-9CE0-4B13-A19B-72D3222DD620}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (HKLM\...\{202AAF1F-69AA-442A-B59F-6B54B1AD07C6}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (HKLM\...\{18B2A97C-92C3-4AC7-BE72-F823E0BC895B}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (HKLM\...\{84FBCA4A-D650-4B0D-8094-EC0671FA9B91}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (HKLM\...\{54FF8FAB-DE27-4187-82F1-EBAE6AEE869A}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (HKLM\...\{6603C2CE-3C54-4F1D-92F9-8390CD4CCCA8}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.2.5058.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{BED1EA3D-592D-4305-9D1F-20F03726EFC1}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
STORMWARE POHODA CZ Komplet (HKLM-x32\...\{33D78551-67AB-4219-A45B-2DE586B95A91}) (Version: 13300.82 - STORMWARE)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
upgrade Sysel/Syslík pro Windows XP/Vista/7/8/10/11 (HKLM-x32\...\Sysel/Syslík CS_is1) (Version: 5.4.9 - CSH spol. s r.o.)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 6.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Zákon 4 (HKLM-x32\...\{01DDA447-B7B2-4881-AE7B-F5B36650A713}) (Version: 4.1.52 - )
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
Zoom (HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\ZoomUMX) (Version: 5.12.8 (10232) - Zoom Video Communications, Inc.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-18] (Canon Inc.)
Dailymotion -> C:\Program Files\WindowsApps\DailymotionSA.Dailymotion_10.2205.38.0_x64__6dqnvyezrysvy [2022-05-12] (Dailymotion)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-21] (Microsoft Corporation)
Hightail for Lenovo -> C:\Program Files\WindowsApps\YouSendIt.HighTailForLenovo_1.3.0.1278_neutral__069rkrpjefrbc [2015-07-17] (Hightail)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2301.8.0_x64__k1h2ywk1493x8 [2023-02-24] (LENOVO INC.)
Lenovo Support -> C:\Program Files\WindowsApps\E046963F.LenovoSupport_2.0.5.0_x86__k1h2ywk1493x8 [2015-07-17] (Lenovo, INC.)
Live TV -> C:\Program Files\WindowsApps\FilmOnLiveTVFree.FilmOnLiveTVFree_1.3.6.115_x64__zx03kxexxb716 [2015-07-17] (FilmOn TV Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2021-09-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-09-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-09-24] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.3.2230.0_x64__8wekyb3d8bbwe [2023-02-27] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2021-10-12] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2021-10-12] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-17] (NVIDIA Corp.)
PowerDVD for Lenovo Idea -> C:\Program Files\WindowsApps\CyberLinkCorp.id.PowerDVDforLenovoIdea_1.1.2618.24808_x86__hgg5mn3xps74a [2015-07-17] (CYBERLINK COM CORPORATION)
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.3.81.0_x64__kx24dqmazqk8j [2022-10-22] (Random Salad Games LLC)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-08] (Microsoft Studios) [MS Ad]
Spider Solitaire 10 ! -> C:\Program Files\WindowsApps\8786PokerSolitaireCardPuz.SpiderSolitaire8_1.2.2.0_x64__k01jvj6q54pxy [2016-12-21] (Solitaire Puzzle Game by XSS) [MS Ad]
The Weather Channel for Lenovo -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforLenovo_2015.1013.1.0_x64__t3yemqpq4kp7p [2015-10-14] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2021-10-12] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_af22935532babf10\nvshext.dll [2021-10-21] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.clmp3enc] => C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM [217088 2005-05-14] (CyberLink Corp.) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2015-09-01 18:32 - 2005-04-22 05:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2015-09-01 18:32 - 2012-07-05 12:32 - 000084480 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2015-08-26 11:09 - 2013-10-04 08:42 - 000210944 _____ (Bullzip) [File not signed] C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll
2013-08-07 22:24 - 2013-08-07 22:24 - 000286720 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-08-07 22:24 - 2013-08-07 22:24 - 000514048 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2014-10-16 10:03 - 2014-04-24 01:04 - 000094208 _____ (Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll
2021-04-15 00:47 - 2021-04-15 00:47 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> DefaultScope {A332AC28-9DB3-4D99-8943-B576275E196E} URL =
SearchScopes: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> {A332AC28-9DB3-4D99-8943-B576275E196E} URL =
SearchScopes: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> {C79D9AD9-BC3B-4354-A064-782B78A0379B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12902
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) [File not signed]
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-01] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\ote-cr.cz -> hxxps://rbe.ote-cr.cz

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2020-09-14 10:54 - 000000892 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\Microsoft SQL Server\110\DTS\Binn\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\AOMEI Backupper;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B5422271-8B1E-402B-98B9-5E4624453409}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3EAE6057-CAE4-4186-8701-10E8FFD5DA80}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7C8F27F9-1335-4588-BB29-6015A8AA614B}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{E59497B7-9E0D-492A-9EFC-AFE3CC578B6F}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{82B55D03-7C48-418B-AA96-FD99FB40319F}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{55560255-B646-449C-B271-3AB4C80769DF}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{5A00D961-950C-49C7-A816-F9CBE5656FBF}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{93FED057-A47A-400F-9AF2-EC38A8DCA178}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{A1D0C6D2-93DD-48F2-9DA5-8C627DC1BD1D}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{6671849B-9283-44F2-A7F7-4EBBCA4757AC}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{701A67FA-A480-427E-A361-2F44CAE7229F}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{68B0A30D-068D-4417-ACF9-C61B1923C3C7}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{AC2F32D6-DA41-4CA7-B9D2-473FAC25312A}] => (Allow) LPort=55100
FirewallRules: [{47944713-9CCD-4DFD-89F6-F8E96ED3AEB1}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo (Beijing) Limited -> Lenovo)
FirewallRules: [{D84738FA-D42C-4A60-B454-BFCC578F96BD}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5A651D13-42D0-4580-A119-8949842FAC89}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C525054A-A2EB-4987-AC39-DAC743526386}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8265725B-7864-418F-86F9-878C5EAB1007}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6D22C0C2-7A05-4021-A037-0CE7F6D05A84}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EC42B638-B3E6-494E-8162-C7513569DC2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{725EB5E1-2376-4DDE-AE98-C7C96211AB5D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{106A9134-F1DC-4A79-816E-271236DAD235}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D2B8567C-C59B-4127-B79C-CF265EB18B6E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0A8C0DAE-8338-4D46-B0C6-8F0996B081A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{EEF3B83C-E2A3-4D9D-B82B-CD2E66D4F076}C:\program files (x86)\csh\syslsrv\syslsrv.exe] => (Allow) C:\program files (x86)\csh\syslsrv\syslsrv.exe (CSH spol. s r.o. -> CSH spol. s r.o.)
FirewallRules: [UDP Query User{06B3B4E1-F2EC-4AFF-A30C-E0D9219F280B}C:\program files (x86)\csh\syslsrv\syslsrv.exe] => (Allow) C:\program files (x86)\csh\syslsrv\syslsrv.exe (CSH spol. s r.o. -> CSH spol. s r.o.)
FirewallRules: [{91EB11D4-E2A4-4951-B21C-EFD62AB4DBF5}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{0E1C6103-EE68-4F79-9EDC-1DF390C26A08}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [UDP Query User{EE2139F1-2105-402D-83C3-74CA43B7B73D}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [TCP Query User{5AF1EBB8-6EB4-41D1-B5D7-44AC09FC3EC0}C:\program files (x86)\csh\syslsrv\syslsrv.exe] => (Allow) C:\program files (x86)\csh\syslsrv\syslsrv.exe (CSH spol. s r.o. -> CSH spol. s r.o.)
FirewallRules: [UDP Query User{F06E2B78-0EEE-44E4-8D06-03EC9495B0B0}C:\program files (x86)\csh\syslsrv\syslsrv.exe] => (Allow) C:\program files (x86)\csh\syslsrv\syslsrv.exe (CSH spol. s r.o. -> CSH spol. s r.o.)
FirewallRules: [{60A32A2C-5300-4CD6-9E7F-9B4FAEF3F362}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D011BB2-FA32-4876-835E-DE6A3E9D5EA8}] => (Allow) C:\Users\Dana\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4CA83F36-E6E7-4CEA-92FF-3EFC9C884C4C}] => (Allow) C:\Users\Dana\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{ADAEB70C-82AE-4047-B144-A710E3BDA596}] => (Allow) C:\Users\Dana\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{A1CBF227-32E4-4A8A-9C14-65BD51D8B9B1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AFB0D174-6088-4457-82A6-8A525563F74B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{35E21716-2739-4834-BC86-9DF2F74AD2A6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AD113D8A-B08B-4FF5-948E-702AAC80B753}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{92487433-0F3F-4A89-A441-C7A2C1F467A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CAFF400B-DD85-48BF-B056-78047B2561A0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

15-02-2023 22:29:10 Instalační služba modulů systému Windows
24-02-2023 10:44:20 Naplánovaný kontrolní bod
06-03-2023 14:27:20 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/27/2023 11:11:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Solitaire.exe, verze: 0.0.0.0, časové razítko: 0x6389c802
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.2130, časové razítko: 0xb5ced1c6
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff6a9
ID chybujícího procesu: 0x1720
Čas spuštění chybující aplikace: 0x01d94460bda3cad5
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe\Solitaire.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 26c25b7c-b821-4222-a6b7-03ce1b877de4
Úplný název chybujícího balíčku: Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App

Error: (02/21/2023 11:53:33 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (02/21/2023 11:53:33 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/19/2023 01:39:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.19041.1806, časové razítko: 0x7dcad237
Název chybujícího modulu: combase.dll, verze: 10.0.19041.2311, časové razítko: 0xf4ecbc84
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000d1078
ID chybujícího procesu: 0x678
Čas spuštění chybující aplikace: 0x01d9445f2d4b398e
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: 2d582a00-bc6c-4c10-b379-ac79a014ea4d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/19/2023 01:39:25 PM) (Source: MSSQL$CSH2012) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$CSH2012\Performance'. SQL Server performance counters are disabled.

Error: (02/19/2023 12:37:54 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (02/19/2023 12:37:54 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/15/2023 10:52:26 PM) (Source: MSSQL$CSH2012) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$CSH2012\Performance'. SQL Server performance counters are disabled.


System errors:
=============
Error: (03/07/2023 04:42:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/07/2023 04:42:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/07/2023 04:42:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BrYNSvc byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/07/2023 04:42:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Maxthon Core Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/07/2023 04:42:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HuaweiHiSuiteService64.exe byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/07/2023 04:42:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/07/2023 04:42:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (03/07/2023 04:42:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Conexant UIU Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2023-03-07 16:51:19
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2E098A81-8B2A-4FF2-9E65-49960133D35A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-07 13:50:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E276C25E-02F4-4D88-9A30-964825D9D4BB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-06 10:05:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {91B223E2-A685-4216-A25F-A6562FC92C83}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-03 13:46:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9C46EC6E-E702-4D0E-B8F5-66A4A66802BD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-02 14:04:09
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AC4E4BC5-E916-45AA-85D8-283E69B188A6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-02-01 12:27:25
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.2978.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x8024402f
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-01-10 16:29:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.1961.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2023-02-19 13:59:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-02-01 14:33:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-12-18 13:46:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-12-18 13:46:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.

Date: 2022-11-12 19:32:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 9BCN26WW 07/31/2014
Motherboard: LENOVO Lancer 5A5
Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 58%
Total physical RAM: 8084.27 MB
Available physical RAM: 3360.75 MB
Total Virtual: 15508.27 MB
Available Virtual: 8197.67 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:910.91 GB) (Free:744.3 GB) (Model: Samsung SSD 860 EVO 1TB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:18.64 GB) (Free:15.13 GB) (Model: Samsung SSD 860 EVO 1TB) NTFS

\\?\Volume{1b3354ea-f8bb-11ea-8317-d07e351216ea}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.68 GB) NTFS
\\?\Volume{a67a785c-0374-442a-9fdf-c22eb004b3e5}\ () (Fixed) (Total:0.61 GB) (Free:0.08 GB) NTFS
\\?\Volume{49753232-86a0-4332-a4b1-dea4eb83f585}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4DBDEDDC)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu FRST

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\RunOnce: [Application Restart #6] => C:\Users\Dana\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe /addfavoritec:\users\dana\desktop\office4 --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions -- (the data entry has 623 more characters). (No File)
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {269d0d9b-eaee-11eb-8334-d07e351216ea} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {269d0e6b-eaee-11eb-8334-d07e351216ea} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {680b9ce4-a111-11eb-832a-d07e351216ea} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {e600ebb0-6244-11ec-8341-d07e351216ea} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {11E92C19-F73D-40F1-BB3F-8C824A9202ED} - System32\Tasks\{A6729E1E-04F6-4E14-B800-B218312E474B} => C:\WINDOWS\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {12FEFD9D-4BB9-4F01-A9E7-1758E2AD2AC6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {3564BFA1-A739-46BB-8C6F-405EBAFAF713} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5805207E-C53E-44D1-AA7F-6FABA71C6C26} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {674CAD71-34D5-4C51-B77D-1B871AC2AC2A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6856B7D7-5EE0-44A8-961F-D8FED136E4DE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {686A7F00-DCDC-4BF9-93E7-42C1FAB52B2E} - \WPD\SqmUpload_S-1-5-21-1892162270-2039198232-2114183084-1002 -> No File <==== ATTENTION
Task: {881D5246-9B91-4F72-8332-81BEE0BE788E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {90B61509-3DD4-4712-AE2C-33AA42733B6F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {92B0780E-7F73-4EFF-9280-E91D0CDBB174} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9F91F866-83E7-4B91-8501-B5C6DE5EA30D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A5A976B5-FBE3-403C-9055-F3ED46D298AA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {B8B1D08A-9106-47FB-9E46-B832E45A0765} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {BD880298-67DB-4919-B538-16A37978A344} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D44ECBEA-7254-4C2F-98F1-B8091CADA3AB} - System32\Tasks\GoogleUpdateTaskMachineUA{028278B8-C7DA-439E-A70D-4AE1098F77E0} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-21] (Google LLC -> Google LLC)
Task: {ECF7C671-518C-43C9-85FD-25D48438C6C0} - System32\Tasks\AutoKMSDaily => C:\WINDOWS\AutoKMS.exe (No File)
Task: {F3F94CAD-0B57-4D5F-A53E-87216F9FD7A5} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {F7C730C3-1440-4DD4-87FE-885BDEA5005F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F95F5BD8-1513-4CAD-9151-A4ED167D19D9} - \AutoKMS -> No File <==== ATTENTION
Task: {17D2CB74-B6C9-4979-9CF1-10AECF123AB1} - System32\Tasks\GoogleUpdateTaskMachineCore{62B789A2-5E7C-4423-AC03-2240107FB329} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-21] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Program Files (x86)\GUT1D70.tmp
C:\Program Files (x86)\GUT4407.tmp
C:\Program Files (x86)\GUT5544.tmp
C:\Program Files (x86)\GUT87AC.tmp
C:\Program Files (x86)\GUT8D68.tmp
C:\Program Files (x86)\GUT913A.tmp
C:\Program Files (x86)\GUTB494.tmp
C:\Program Files (x86)\GUTD9E1.tmp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> DefaultScope {A332AC28-9DB3-4D99-8943-B576275E196E} URL =
SearchScopes: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> {A332AC28-9DB3-4D99-8943-B576275E196E} URL =
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
FirewallRules: [TCP Query User{0E1C6103-EE68-4F79-9EDC-1DF390C26A08}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [UDP Query User{EE2139F1-2105-402D-83C3-74CA43B7B73D}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [{4CA83F36-E6E7-4CEA-92FF-3EFC9C884C4C}] => (Allow) C:\Users\Dana\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{ADAEB70C-82AE-4047-B144-A710E3BDA596}] => (Allow) C:\Users\Dana\AppData\Roaming\Zoom\bin\airhost.exe => No File

EmptyTemp:
End
Uložte do C:\Users\Dana\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

martin11
Návštěvník
Návštěvník
Příspěvky: 24
Registrován: 27 zář 2013 13:54

Re: Prosím o kontrolu logu FRST

#7 Příspěvek od martin11 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-03-2023
Ran by Dana (08-03-2023 10:40:25) Run:1
Running from C:\Users\Dana\Downloads
Loaded Profiles: Dana
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\RunOnce: [Application Restart #6] => C:\Users\Dana\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe /addfavoritec:\users\dana\desktop\office4 --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions -- (the data entry has 623 more characters). (No File)
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {269d0d9b-eaee-11eb-8334-d07e351216ea} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {269d0e6b-eaee-11eb-8334-d07e351216ea} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {680b9ce4-a111-11eb-832a-d07e351216ea} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {e600ebb0-6244-11ec-8341-d07e351216ea} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {11E92C19-F73D-40F1-BB3F-8C824A9202ED} - System32\Tasks\{A6729E1E-04F6-4E14-B800-B218312E474B} => C:\WINDOWS\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {12FEFD9D-4BB9-4F01-A9E7-1758E2AD2AC6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {3564BFA1-A739-46BB-8C6F-405EBAFAF713} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5805207E-C53E-44D1-AA7F-6FABA71C6C26} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {674CAD71-34D5-4C51-B77D-1B871AC2AC2A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6856B7D7-5EE0-44A8-961F-D8FED136E4DE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {686A7F00-DCDC-4BF9-93E7-42C1FAB52B2E} - \WPD\SqmUpload_S-1-5-21-1892162270-2039198232-2114183084-1002 -> No File <==== ATTENTION
Task: {881D5246-9B91-4F72-8332-81BEE0BE788E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {90B61509-3DD4-4712-AE2C-33AA42733B6F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {92B0780E-7F73-4EFF-9280-E91D0CDBB174} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9F91F866-83E7-4B91-8501-B5C6DE5EA30D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A5A976B5-FBE3-403C-9055-F3ED46D298AA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {B8B1D08A-9106-47FB-9E46-B832E45A0765} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {BD880298-67DB-4919-B538-16A37978A344} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D44ECBEA-7254-4C2F-98F1-B8091CADA3AB} - System32\Tasks\GoogleUpdateTaskMachineUA{028278B8-C7DA-439E-A70D-4AE1098F77E0} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-21] (Google LLC -> Google LLC)
Task: {ECF7C671-518C-43C9-85FD-25D48438C6C0} - System32\Tasks\AutoKMSDaily => C:\WINDOWS\AutoKMS.exe (No File)
Task: {F3F94CAD-0B57-4D5F-A53E-87216F9FD7A5} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {F7C730C3-1440-4DD4-87FE-885BDEA5005F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F95F5BD8-1513-4CAD-9151-A4ED167D19D9} - \AutoKMS -> No File <==== ATTENTION
Task: {17D2CB74-B6C9-4979-9CF1-10AECF123AB1} - System32\Tasks\GoogleUpdateTaskMachineCore{62B789A2-5E7C-4423-AC03-2240107FB329} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-21] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Program Files (x86)\GUT1D70.tmp
C:\Program Files (x86)\GUT4407.tmp
C:\Program Files (x86)\GUT5544.tmp
C:\Program Files (x86)\GUT87AC.tmp
C:\Program Files (x86)\GUT8D68.tmp
C:\Program Files (x86)\GUT913A.tmp
C:\Program Files (x86)\GUTB494.tmp
C:\Program Files (x86)\GUTD9E1.tmp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> DefaultScope {A332AC28-9DB3-4D99-8943-B576275E196E} URL =
SearchScopes: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> {A332AC28-9DB3-4D99-8943-B576275E196E} URL =
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
FirewallRules: [TCP Query User{0E1C6103-EE68-4F79-9EDC-1DF390C26A08}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [UDP Query User{EE2139F1-2105-402D-83C3-74CA43B7B73D}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [{4CA83F36-E6E7-4CEA-92FF-3EFC9C884C4C}] => (Allow) C:\Users\Dana\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{ADAEB70C-82AE-4047-B144-A710E3BDA596}] => (Allow) C:\Users\Dana\AppData\Roaming\Zoom\bin\airhost.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION => restored successfully
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION => restored successfully
"HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #6" => removed successfully
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{269d0d9b-eaee-11eb-8334-d07e351216ea} => removed successfully
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{269d0e6b-eaee-11eb-8334-d07e351216ea} => removed successfully
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{680b9ce4-a111-11eb-832a-d07e351216ea} => removed successfully
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e600ebb0-6244-11ec-8341-d07e351216ea} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11E92C19-F73D-40F1-BB3F-8C824A9202ED}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11E92C19-F73D-40F1-BB3F-8C824A9202ED}" => removed successfully
C:\WINDOWS\System32\Tasks\{A6729E1E-04F6-4E14-B800-B218312E474B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A6729E1E-04F6-4E14-B800-B218312E474B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{12FEFD9D-4BB9-4F01-A9E7-1758E2AD2AC6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12FEFD9D-4BB9-4F01-A9E7-1758E2AD2AC6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3564BFA1-A739-46BB-8C6F-405EBAFAF713}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3564BFA1-A739-46BB-8C6F-405EBAFAF713}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5805207E-C53E-44D1-AA7F-6FABA71C6C26}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5805207E-C53E-44D1-AA7F-6FABA71C6C26}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{674CAD71-34D5-4C51-B77D-1B871AC2AC2A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{674CAD71-34D5-4C51-B77D-1B871AC2AC2A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6856B7D7-5EE0-44A8-961F-D8FED136E4DE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6856B7D7-5EE0-44A8-961F-D8FED136E4DE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{686A7F00-DCDC-4BF9-93E7-42C1FAB52B2E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{686A7F00-DCDC-4BF9-93E7-42C1FAB52B2E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1892162270-2039198232-2114183084-1002" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{881D5246-9B91-4F72-8332-81BEE0BE788E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{881D5246-9B91-4F72-8332-81BEE0BE788E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90B61509-3DD4-4712-AE2C-33AA42733B6F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90B61509-3DD4-4712-AE2C-33AA42733B6F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92B0780E-7F73-4EFF-9280-E91D0CDBB174}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92B0780E-7F73-4EFF-9280-E91D0CDBB174}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F91F866-83E7-4B91-8501-B5C6DE5EA30D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F91F866-83E7-4B91-8501-B5C6DE5EA30D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A5A976B5-FBE3-403C-9055-F3ED46D298AA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5A976B5-FBE3-403C-9055-F3ED46D298AA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B8B1D08A-9106-47FB-9E46-B832E45A0765}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8B1D08A-9106-47FB-9E46-B832E45A0765}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD880298-67DB-4919-B538-16A37978A344}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD880298-67DB-4919-B538-16A37978A344}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D44ECBEA-7254-4C2F-98F1-B8091CADA3AB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D44ECBEA-7254-4C2F-98F1-B8091CADA3AB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{028278B8-C7DA-439E-A70D-4AE1098F77E0} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{028278B8-C7DA-439E-A70D-4AE1098F77E0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ECF7C671-518C-43C9-85FD-25D48438C6C0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ECF7C671-518C-43C9-85FD-25D48438C6C0}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoKMSDaily => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMSDaily" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3F94CAD-0B57-4D5F-A53E-87216F9FD7A5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3F94CAD-0B57-4D5F-A53E-87216F9FD7A5}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F7C730C3-1440-4DD4-87FE-885BDEA5005F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7C730C3-1440-4DD4-87FE-885BDEA5005F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{F95F5BD8-1513-4CAD-9151-A4ED167D19D9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F95F5BD8-1513-4CAD-9151-A4ED167D19D9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{17D2CB74-B6C9-4979-9CF1-10AECF123AB1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17D2CB74-B6C9-4979-9CF1-10AECF123AB1}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{62B789A2-5E7C-4423-AC03-2240107FB329} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{62B789A2-5E7C-4423-AC03-2240107FB329}" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Program Files (x86)\GUT1D70.tmp => moved successfully
C:\Program Files (x86)\GUT4407.tmp => moved successfully
C:\Program Files (x86)\GUT5544.tmp => moved successfully
C:\Program Files (x86)\GUT87AC.tmp => moved successfully
C:\Program Files (x86)\GUT8D68.tmp => moved successfully
C:\Program Files (x86)\GUT913A.tmp => moved successfully
C:\Program Files (x86)\GUTB494.tmp => moved successfully
C:\Program Files (x86)\GUTD9E1.tmp => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A332AC28-9DB3-4D99-8943-B576275E196E} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => removed successfully
HKLM\Software\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0E1C6103-EE68-4F79-9EDC-1DF390C26A08}C:\windows\kmsemulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EE2139F1-2105-402D-83C3-74CA43B7B73D}C:\windows\kmsemulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4CA83F36-E6E7-4CEA-92FF-3EFC9C884C4C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ADAEB70C-82AE-4047-B144-A710E3BDA596}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 114658557 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 464 B
Windows/system/drivers => 23635232 B
Edge => 0 B
Chrome => 58125651 B
Firefox => 1259020894 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 185734 B
NetworkService => 601966 B
UpdatusUser => 601966 B
Dana => 500422522 B

RecycleBin => 19211501 B
EmptyTemp: => 1.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:50:08 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu FRST

#8 Příspěvek od Rudy »

Smazáno, log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

martin11
Návštěvník
Návštěvník
Příspěvky: 24
Registrován: 27 zář 2013 13:54

Re: Prosím o kontrolu logu FRST

#9 Příspěvek od martin11 »

Díky za pomoc. Dá se z logů vyčíst, jestli tam byl nějaký spyware?
Dorazil totiž jeden phising email s konkrétními informacemi, které se mohly dát vyčíst snad jen z emailové historie...

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Prosím o kontrolu logu FRST

#10 Příspěvek od Rudy »

Prakticky vše, co smazal ADW je spyware. RSITem jsme dočistili zbytky a zbytečnosti. Phishing na vás může zkoušet kdokoli a kdykoli. Je třeba ho rozeznat a nereagovat na něj.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět