VIRY.CZ

Dobrý den,

mohl bych vás poprosit o kontrolu logu? Mám podezření na nějakou havěť.
Děkuji,



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2023
Ran by Dana (administrator) on DANA (LENOVO 20354) (07-03-2023 13:33:51)
Running from C:\Users\Dana\Downloads
Loaded Profiles: Dana
Platform: Microsoft Windows 10 Home Version 21H2 19044.2604 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_2\RdrCEF.exe <7>
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(SmartDisplayAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe <2>
(C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE <3>
(C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ai.exe <2>
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCopyAccelerator.exe
(C:\Users\Dana\AppData\Local\Temp\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\Dana\AppData\Local\Temp\TeamViewer\TeamViewer_Desktop.exe
(C:\Users\Dana\AppData\Local\Temp\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\Dana\AppData\Local\Temp\TeamViewer\tv_w32.exe
(C:\Users\Dana\AppData\Local\Temp\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\Dana\AppData\Local\Temp\TeamViewer\tv_x64.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(explorer.exe ->) (Acresso Software Inc. -> Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(explorer.exe ->) (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(explorer.exe ->) (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(explorer.exe ->) (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(explorer.exe ->) (Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\lenovo\Onekey Theater\OnekeyStudio.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <30>
(Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\OtePkiClient\runtime\bin\javaw.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc.) [File not signed] C:\Windows\SysWOW64\UIUSrv.exe
(services.exe ->) (CSH spol. s r.o. -> CSH spol. s r.o.) C:\Program Files (x86)\CSH\SyslSrv\SyslSrv.exe
(services.exe ->) (CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe
(services.exe ->) (Maxthon (Asia) Limited. -> Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.CSH2012\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe
(services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_af22935532babf10\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Acresso Software Inc. -> Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Dana\AppData\Local\Microsoft\OneDrive\23.007.0109.0004\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Pokki, Inc. -> Pokki) C:\Users\Dana\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\Dana\AppData\Local\Temp\TeamViewer\TeamViewer.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-10-16] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-10-16] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [OtePkiClient] => C:\Program Files (x86)\OtePkiClient\OtePkiClient-1.1.0.exe [41472 2018-10-18] () [File not signed]
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38966072 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\RunOnce: [Application Restart #6] => C:\Users\Dana\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [9499672 2022-12-19] (Pokki, Inc. -> Pokki)
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {269d0d9b-eaee-11eb-8334-d07e351216ea} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {269d0e6b-eaee-11eb-8334-d07e351216ea} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {680b9ce4-a111-11eb-832a-d07e351216ea} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {e600ebb0-6244-11ec-8341-d07e351216ea} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\WINDOWS\system32\CNMLMDG.DLL [485376 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\PDF Print Monitor BZ101: C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll [210944 2013-10-04] (Bullzip) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\92.2.11577.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\110.0.5481.178\Installer\chrmstp.exe [2023-02-27] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.88\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Manažer služeb CSH.lnk [2019-08-04]
ShortcutTarget: Manažer služeb CSH.lnk -> C:\Program Files (x86)\CSH\CSHSvMgr\CSHSvMgr.exe (CSH spol. s r.o. -> CSH spol. s r.o.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {016914EE-EEBB-47CB-B50E-86209CDBFF6D} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {057B7463-3976-4F57-BE8F-56C9536B65D9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0FCCC7E1-D661-4793-B79C-DE799F0ACBC7} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [1794840 2015-01-16] (Maxthon (Asia) Limited. -> Maxthon International ltd.)
Task: {11E92C19-F73D-40F1-BB3F-8C824A9202ED} - System32\Tasks\{A6729E1E-04F6-4E14-B800-B218312E474B} => C:\WINDOWS\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {12FEFD9D-4BB9-4F01-A9E7-1758E2AD2AC6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {15126149-553F-4388-9CE9-4778823C0A56} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {17D2CB74-B6C9-4979-9CF1-10AECF123AB1} - System32\Tasks\GoogleUpdateTaskMachineCore{62B789A2-5E7C-4423-AC03-2240107FB329} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-21] (Google LLC -> Google LLC)
Task: {1AAD4F31-ACD5-489A-A545-ED47EB065292} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {1B938EB2-7993-4324-9E02-9FD783653556} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {26BC562C-208B-407C-BA8E-D4EEC75DBE08} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114616 2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {283A8DA1-ACC1-44DC-B19B-134B51BB85D7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e8531add-9115-4169-969d-ec12aa625dbe => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {3564BFA1-A739-46BB-8C6F-405EBAFAF713} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {40A4BEB9-A5E2-43EC-B414-9FA074C1A47E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {450FDA2A-4E85-4393-A7AA-44E51A267097} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334160 2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {4A411905-8B08-4051-B21C-5475B8B7697F} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [95192 2013-03-08] (CyberLink Corp. -> CyberLink Corp.)
Task: {522A9030-83C6-4EC9-ACC2-B6630495A51C} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {550F2490-6DC7-49E5-893D-C4F58E763D3E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ac9541b2-c3df-4aec-84ab-7d391ddcdda9 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {578567F6-80C3-4DD5-9319-B114CEAEB9F4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5805207E-C53E-44D1-AA7F-6FABA71C6C26} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {5B5B1E6D-C5BA-40F4-B734-E566CB226549} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-05-30] (LENOVO -> Lenovo)
Task: {62076A29-0C4D-4DB4-920F-8CF800E45C14} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {667F03FA-DE21-4081-B64B-35CA65FB1A1C} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [834856 2018-06-08] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {674CAD71-34D5-4C51-B77D-1B871AC2AC2A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6856B7D7-5EE0-44A8-961F-D8FED136E4DE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {686A7F00-DCDC-4BF9-93E7-42C1FAB52B2E} - \WPD\SqmUpload_S-1-5-21-1892162270-2039198232-2114183084-1002 -> No File <==== ATTENTION
Task: {6989F28C-0831-49EF-B2FE-F27BC76ED89E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {6DCA2E9F-8BA4-4BA0-994D-A8DEBC6BB594} - System32\Tasks\CCleanerSkipUAC - Dana => C:\Program Files\CCleaner\CCleaner.exe [32631096 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {728E313E-DCC6-417B-B2BB-BE731F942244} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {7BDA2A01-5F76-40EA-95A3-84949BDE3B56} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {822BE6E3-F083-417C-A1D0-AE3F55459497} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [674720 2023-02-15] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {8500C89C-760C-4A14-BDBE-80C3986E3800} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {881D5246-9B91-4F72-8332-81BEE0BE788E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8C2E7807-2621-4844-9329-D447FDFB409A} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [716192 2023-02-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {8DA1560E-F89A-498A-92FE-973C14D01F48} - System32\Tasks\SweetLabs App Platform => C:\Users\Dana\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [7931928 2022-12-19] (Pokki, Inc. -> Pokki)
Task: {8EDC8BC8-9173-4D1B-81FB-541DE25E02F2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform)
Task: {90B61509-3DD4-4712-AE2C-33AA42733B6F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {92B0780E-7F73-4EFF-9280-E91D0CDBB174} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9505EFC0-B906-4711-9AC9-C413A16A8AAA} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {9F91F866-83E7-4B91-8501-B5C6DE5EA30D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A2DC7DC0-6C82-4473-A697-2A8552ABA30B} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {A5A976B5-FBE3-403C-9055-F3ED46D298AA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {AF91CA9F-6E1D-41FB-B9E1-A94B1CA3FB24} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {B76BF612-03FA-4266-984C-C6E33050FD75} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114616 2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7CB57D7-F0AD-4B62-8065-572F6258E4A1} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {B8B1D08A-9106-47FB-9E46-B832E45A0765} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {BC597ABD-3EF9-4058-A08C-695E53FF5F4A} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {BD880298-67DB-4919-B538-16A37978A344} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D44ECBEA-7254-4C2F-98F1-B8091CADA3AB} - System32\Tasks\GoogleUpdateTaskMachineUA{028278B8-C7DA-439E-A70D-4AE1098F77E0} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-21] (Google LLC -> Google LLC)
Task: {D9080553-1842-43D6-B473-AC35617F9F78} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e2800c40-1b2a-472e-87b1-be168338018d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {DE7446B2-3B86-482A-954A-8104102CA1DD} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {E127C638-05E5-41FE-A35B-0A256A369BF7} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "0cfcc174-5f7f-4fe2-9e0d-38e006da105d" --version "6.09.10300" --silent
Task: {ECF7C671-518C-43C9-85FD-25D48438C6C0} - System32\Tasks\AutoKMSDaily => C:\WINDOWS\AutoKMS.exe (No File)
Task: {ED16C1D7-BC8B-4FFA-ABDB-8AF630F22C75} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2a779f2a-eaa2-49b7-ade4-a28784ca4328 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {EE4F75BF-AA6E-4D1B-8E43-8E52B54B5669} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {F3F94CAD-0B57-4D5F-A53E-87216F9FD7A5} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {F406BB09-101B-4D62-B503-1A274873DF62} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4410216 2018-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
Task: {F7C730C3-1440-4DD4-87FE-885BDEA5005F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F95F5BD8-1513-4CAD-9151-A4ED167D19D9} - \AutoKMS -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\AutoKMSDaily.job => C:\WINDOWS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1aa72eb6-7416-4153-9196-5c1eaa44f658}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8b8aa02e-7bf1-4198-8807-492e33a94a0b}: [DhcpNameServer] 150.211.1.2

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Dana\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-03]
Edge HomePage: Default -> hxxps://www.seznam.cz/
Edge StartupUrls: Default -> "hxxp://seznam.cz/"
Edge Extension: (Edge relevant text changes) - C:\Users\Dana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-02-20]

FireFox:
========
FF DefaultProfile: 9ixtrybw.default-1560963316730
FF ProfilePath: C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\9ixtrybw.default-1560963316730 [2023-03-07]
FF Homepage: Mozilla\Firefox\Profiles\9ixtrybw.default-1560963316730 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\9ixtrybw.default-1560963316730 -> hxxps://www.facebook.com; hxxps://www.postazdarma.cz; hxxps://www.urbanstore.cz; hxxps://www.trenyrkarna.cz; hxxps://online.rb.cz; hxxps://businesscenter.podnikatel.cz; hxxps://drive.google.com
FF Extension: (FormApps Extension) - C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\9ixtrybw.default-1560963316730\Extensions\{69F080C9-A1D8-42F8-BD83-3D54D4BC81B3}.xpi [2020-10-05]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1892162270-2039198232-2114183084-1002: @ote-cr.cz/PKIComponent -> C:\Users\Dana\AppData\Roaming\OTE\lib\x86\npPKIComponentNPAPI-ote.dll [2015-02-20] (OTE a.s. -> OTE, a.s.)
FF Plugin HKU\S-1-5-21-1892162270-2039198232-2114183084-1002: @ote-cr.cz/PKIComponent-x64 -> C:\Users\Dana\AppData\Roaming\OTE\lib\x64\npPKIComponentNPAPI-ote.dll [2015-02-20] (OTE a.s. -> OTE, a.s.)

Chrome:
=======
CHR Profile: C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default [2023-01-23]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2023-01-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122728 2017-09-04] (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12553648 2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
R2 CSHSysel_Service; C:\Program Files (x86)\CSH\SyslSrv\SyslSrv.exe [2666848 2022-08-30] (CSH spol. s r.o. -> CSH spol. s r.o.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-09-24] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397472 2018-03-15] (Canon Inc. -> )
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (LENOVO -> Lenovo)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-10-16] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-12-22] (Maxthon (Asia) Limited. -> Maxthon)
R2 MSSQL$CSH2012; C:\Program Files\Microsoft SQL Server\MSSQL11.CSH2012\MSSQL\Binn\sqlservr.exe [194240 2016-09-24] (Microsoft Corporation -> Microsoft Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
S4 SQLAgent$CSH2012; C:\Program Files\Microsoft SQL Server\MSSQL11.CSH2012\MSSQL\Binn\SQLAGENT.EXE [613056 2016-09-24] (Microsoft Corporation -> Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [281448 2018-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 UIUService; C:\WINDOWS\SysWOW64\UIUSrv.exe [105984 2021-07-11] (Conexant Systems, Inc.) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_af22935532babf10\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_af22935532babf10\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2017-02-08] (AVAST Software s.r.o. -> The OpenVPN Project)
S3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [37104 2021-07-08] (Avast Software s.r.o. -> WireGuard LLC)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-21] (Intel Corporation -> Intel Corporation)
S4 RsFx0201; C:\WINDOWS\System32\DRIVERS\RsFx0201.sys [337088 2014-05-15] (Microsoft Corporation -> Microsoft Corporation)
S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2018-06-24] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.)
R3 SynTP; C:\WINDOWS\system32\DRIVERS\SynTP.sys [713056 2018-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-07 13:33 - 2023-03-07 13:34 - 000041611 _____ C:\Users\Dana\Downloads\FRST.txt
2023-03-07 13:32 - 2023-03-07 13:34 - 000000000 ____D C:\FRST
2023-03-07 13:31 - 2023-03-07 13:31 - 002378752 _____ (Farbar) C:\Users\Dana\Downloads\FRST64.exe
2023-03-07 08:12 - 2023-03-07 13:29 - 000000000 ____D C:\Users\Dana\AppData\Local\TeamViewer
2023-03-02 12:55 - 2023-03-02 12:55 - 000094016 _____ C:\Users\Dana\Documents\Faktura_2312002(3).pdf
2023-03-02 12:55 - 2023-03-02 12:55 - 000005213 _____ C:\Users\Dana\Documents\Faktura_2312002(3).isdoc
2023-03-01 21:20 - 2023-03-01 21:20 - 000001211 _____ C:\Users\Dana\Downloads\Stravné(7).csv
2023-03-01 21:20 - 2023-03-01 21:20 - 000001206 _____ C:\Users\Dana\Downloads\Stravné(8).csv
2023-03-01 21:20 - 2023-03-01 21:20 - 000000565 _____ C:\Users\Dana\Downloads\Stravné(9).csv
2023-03-01 21:19 - 2023-03-01 21:19 - 000001255 _____ C:\Users\Dana\Downloads\Stravné(4).csv
2023-03-01 21:19 - 2023-03-01 21:19 - 000001239 _____ C:\Users\Dana\Downloads\Stravné(5).csv
2023-03-01 21:19 - 2023-03-01 21:19 - 000000574 _____ C:\Users\Dana\Downloads\Stravné(6).csv
2023-03-01 20:49 - 2023-03-01 20:49 - 000094052 _____ C:\Users\Dana\Documents\Faktura_2312002(2).pdf
2023-03-01 20:47 - 2023-03-01 20:47 - 000005232 _____ C:\Users\Dana\Documents\Faktura_2312002.isdoc
2023-03-01 17:26 - 2023-03-01 17:26 - 000007411 _____ C:\Users\Dana\Downloads\priloha_1151863441_0_CSSZ_Protokol_o_zpracovani_e-Podani_CSSZ_OSVC_PRE-A1415D1020AC41EA9C75355C4DE8CA9D-1151809041.xml
2023-03-01 17:26 - 2023-03-01 17:26 - 000006969 _____ C:\Users\Dana\Downloads\priloha_1151863441_1_CSSZ_Protokol_o_zpracovani_e-Podani_CSSZ_OSVC_PRE-A1415D1020AC41EA9C75355C4DE8CA9D-1151809041.html
2023-02-28 21:32 - 2023-02-28 21:32 - 002906875 _____ C:\Users\Dana\Downloads\DPFDP6-7001182529-20230228-213214.xml
2023-02-28 21:31 - 2023-02-28 21:31 - 000270996 _____ C:\Users\Dana\Downloads\DPFDP6-7001182529-20230228-213141.pdf
2023-02-28 20:59 - 2023-02-28 20:59 - 000001917 _____ C:\Users\Dana\Downloads\OSVC_2022(10).xml
2023-02-27 14:31 - 2023-02-27 14:31 - 000574547 _____ C:\Users\Dana\Downloads\DPFDP6-6809250833-20230227-143154.xml
2023-02-27 14:31 - 2023-02-27 14:31 - 000268891 _____ C:\Users\Dana\Downloads\DPFDP6-6809250833-20230227-143130.pdf
2023-02-27 14:21 - 2023-02-27 14:21 - 000153559 _____ C:\Users\Dana\Downloads\DPFZC1-6053082057-20230227-142141.pdf
2023-02-27 12:45 - 2023-02-27 12:45 - 000001870 _____ C:\Users\Dana\Downloads\OSVC_2022(9).xml
2023-02-24 18:25 - 2023-02-24 18:25 - 000366887 _____ C:\Users\Dana\Downloads\priloha_1148241470_0_M01_3890331.pdf
2023-02-24 10:35 - 2023-02-24 10:35 - 000001374 _____ C:\Users\Dana\Desktop\Prehled_prijmu_vydaju_2023 1 – zástupce.lnk
2023-02-22 20:56 - 2023-02-22 20:56 - 002411587 _____ C:\Users\Dana\Downloads\DPFDP6-6005171128-20230222-205606.xml
2023-02-22 20:36 - 2023-02-22 20:36 - 000099500 _____ C:\Users\Dana\Downloads\priloha_1146527144_0_VypisROS.pdf
2023-02-21 22:10 - 2023-02-21 22:10 - 000001882 _____ C:\Users\Dana\Downloads\OSVC_2022(8).xml
2023-02-21 22:01 - 2023-02-21 22:01 - 000001880 _____ C:\Users\Dana\Downloads\OSVC_2022(7).xml
2023-02-21 21:44 - 2023-02-21 21:44 - 000001880 _____ C:\Users\Dana\Downloads\OSVC_2022(6).xml
2023-02-21 21:27 - 2023-02-21 21:27 - 000001884 _____ C:\Users\Dana\Downloads\OSVC_2022(5).xml
2023-02-21 21:21 - 2023-02-21 21:21 - 000001876 _____ C:\Users\Dana\Downloads\OSVC_2022(4).xml
2023-02-21 21:07 - 2023-02-21 21:07 - 000001914 _____ C:\Users\Dana\Downloads\OSVC_2022(3).xml
2023-02-21 20:58 - 2023-02-21 20:58 - 000001918 _____ C:\Users\Dana\Downloads\OSVC_2022(2).xml
2023-02-21 20:54 - 2023-02-21 20:54 - 000001917 _____ C:\Users\Dana\Downloads\OSVC_2022(1).xml
2023-02-21 20:42 - 2023-02-21 20:42 - 000001919 _____ C:\Users\Dana\Downloads\OSVC_2022.xml
2023-02-20 16:06 - 2023-02-20 16:06 - 000179947 _____ C:\Users\Dana\Downloads\priloha_1146483685_0_zprava.pdf
2023-02-20 15:28 - 2023-02-20 15:28 - 000054100 _____ C:\Users\Dana\Downloads\file-331-57_0.pdf
2023-02-20 15:01 - 2023-02-20 15:01 - 000056185 _____ C:\Users\Dana\Downloads\prehled-osvc-2022(3).zip
2023-02-20 15:00 - 2023-02-20 15:00 - 000056185 _____ C:\Users\Dana\Downloads\prehled-osvc-2022.zip
2023-02-20 15:00 - 2023-02-20 15:00 - 000056185 _____ C:\Users\Dana\Downloads\prehled-osvc-2022(2).zip
2023-02-20 15:00 - 2023-02-20 15:00 - 000056185 _____ C:\Users\Dana\Downloads\prehled-osvc-2022(1).zip
2023-02-20 12:28 - 2023-02-20 12:28 - 002411587 _____ C:\Users\Dana\Downloads\DPFDP6-6005171128-20230220-122829.xml
2023-02-20 12:28 - 2023-02-20 12:28 - 000377350 _____ C:\Users\Dana\Downloads\DPFDP6-6005171128-20230220-122820.pdf
2023-02-20 10:52 - 2023-02-20 10:52 - 000001363 _____ C:\Users\Dana\Desktop\Prazdniny 2023 Bílkovice – zástupce.lnk
2023-02-20 10:51 - 2023-02-20 10:51 - 000001536 _____ C:\Users\Dana\Desktop\Podklady k daňovému přiznání 2023 – zástupce.lnk
2023-02-19 16:49 - 2023-02-19 16:49 - 000001201 _____ C:\Users\Dana\Downloads\DPFDP6-8855200013-20230219-164909.xml
2023-02-19 16:48 - 2023-02-19 16:48 - 000268714 _____ C:\Users\Dana\Downloads\DPFDP6-8855200013-20230219-164821.pdf
2023-02-15 22:52 - 2023-02-15 22:52 - 001387220 _____ C:\WINDOWS\Minidump\021523-17390-01.dmp
2023-02-15 22:29 - 2023-02-15 22:29 - 000000000 ___HD C:\$WinREAgent
2023-02-15 17:34 - 2023-02-15 17:34 - 000268793 _____ C:\Users\Dana\Downloads\DPFDP6-8107240559-20230215-173433.pdf
2023-02-15 17:34 - 2023-02-15 17:34 - 000001239 _____ C:\Users\Dana\Downloads\DPFDP6-8107240559-20230215-173451.xml
2023-02-15 17:25 - 2023-02-15 17:25 - 001536378 _____ C:\Users\Dana\Downloads\DPFDP6-7161150326-20230215-172509.xml
2023-02-15 17:24 - 2023-02-15 17:25 - 000268875 _____ C:\Users\Dana\Downloads\DPFDP6-7161150326-20230215-172459.pdf
2023-02-15 14:06 - 2023-02-15 14:06 - 000322063 _____ C:\Users\Dana\Downloads\1427115302-metodika-1-dary.pdf
2023-02-15 13:31 - 2023-03-03 08:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2023-02-13 14:49 - 2023-02-13 14:49 - 000268692 _____ C:\Users\Dana\Downloads\DPFDP6-0500817344-20230213-144935.pdf
2023-02-13 14:49 - 2023-02-13 14:49 - 000001227 _____ C:\Users\Dana\Downloads\DPFDP6-0500817344-20230213-144948.xml
2023-02-13 14:34 - 2023-02-13 14:34 - 000001261 _____ C:\Users\Dana\Downloads\DPFDP6-6006041184-20230213-143401.xml
2023-02-13 14:33 - 2023-02-13 14:33 - 000268780 _____ C:\Users\Dana\Downloads\DPFDP6-6006041184-20230213-143325.pdf
2023-02-08 15:01 - 2023-02-08 15:01 - 000233426 _____ C:\Users\Dana\Downloads\Prihlaska_prazdniny_2023.pdf
2023-02-07 20:13 - 2023-02-07 20:13 - 000001237 _____ C:\Users\Dana\Downloads\DPFDP6-8559040006-20230207-201303.xml
2023-02-07 20:12 - 2023-02-07 20:12 - 000268734 _____ C:\Users\Dana\Downloads\DPFDP6-8559040006-20230207-201253.pdf
2023-02-07 15:11 - 2023-02-07 15:11 - 007225676 _____ C:\Users\Dana\Downloads\DPFDP6-7703020556-20230207-151103.xml
2023-02-07 15:10 - 2023-02-07 15:10 - 000268933 _____ C:\Users\Dana\Downloads\DPFDP6-7703020556-20230207-151053.pdf
2023-02-07 14:37 - 2023-02-07 14:37 - 000066018 _____ C:\Users\Dana\Downloads\Krouzky_dochazka_2022_2023_IIpol.xlsx - Flétna.pdf
2023-02-07 14:11 - 2023-02-07 14:11 - 003564342 _____ C:\Users\Dana\Downloads\DPFDP6-6458112155-20230207-141125.xml
2023-02-07 14:11 - 2023-02-07 14:11 - 000377432 _____ C:\Users\Dana\Downloads\DPFDP6-6458112155-20230207-141116.pdf
2023-02-07 13:30 - 2023-02-07 13:30 - 000179130 _____ C:\Users\Dana\Downloads\Vypis_z_uctu-2400295767_20221201-20221231_cislo-12.pdf
2023-02-07 13:26 - 2023-02-07 13:26 - 000052740 _____ C:\Users\Dana\Downloads\Vypis_z_uctu-2302422291_20230102-20230131_cislo-1.pdf
2023-02-07 13:25 - 2023-02-07 13:25 - 000159212 _____ C:\Users\Dana\Downloads\Vypis_z_uctu-2400295767_20230101-20230131_cislo-1.pdf
2023-02-06 10:30 - 2023-02-06 10:30 - 000142978 _____ C:\Users\Dana\Downloads\DPFZC1-9462030600-20230206-103026.pdf
2023-02-05 12:34 - 2023-02-05 12:34 - 007073719 _____ C:\Users\Dana\Documents\Potvrzení manželky.pdf
2023-02-05 12:18 - 2023-02-05 12:18 - 000142880 _____ C:\Users\Dana\Downloads\DPFZC1-5752110133-20230205-121758.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-07 13:35 - 2015-07-17 12:05 - 000000000 ____D C:\Users\Dana\Documents\Soubory aplikace Outlook
2023-03-07 13:31 - 2020-09-14 10:49 - 000000000 ____D C:\Program Files\CCleaner
2023-03-07 13:26 - 2017-12-05 13:57 - 000000000 ____D C:\Users\Dana\AppData\Local\Packages
2023-03-07 13:18 - 2022-02-21 20:05 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-07 13:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-07 12:48 - 2023-01-16 12:12 - 000715264 _____ C:\Users\Dana\Desktop\Stravné exporty.xls
2023-03-07 12:41 - 2016-11-26 20:02 - 000000000 ____D C:\Users\Dana\AppData\LocalLow\Mozilla
2023-03-07 12:32 - 2021-07-11 10:33 - 001388432 _____ C:\Users\Public\VOIP.dat
2023-03-07 12:32 - 2021-04-15 00:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-07 10:02 - 2015-07-31 08:28 - 000000000 ____D C:\Users\Dana\AppData\Roaming\TeamViewer
2023-03-07 09:54 - 2021-04-15 00:55 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-03-07 08:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-03-07 07:37 - 2021-04-15 00:55 - 000004188 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{D92C9930-BA25-43E0-A3F3-CB020A0903DA}
2023-03-06 20:31 - 2023-01-16 12:12 - 000000000 ____D C:\Users\Dana\Documents\Zajicek
2023-03-06 14:20 - 2015-07-03 12:21 - 000000000 ____D C:\Users\Dana\AppData\Local\SweetLabs App Platform
2023-03-06 10:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-06 09:18 - 2020-06-14 23:28 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-06 09:18 - 2020-06-14 23:28 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-03-02 10:24 - 2021-04-15 00:51 - 001694952 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-03-02 10:24 - 2019-12-07 15:41 - 000717866 _____ C:\WINDOWS\system32\perfh005.dat
2023-03-02 10:24 - 2019-12-07 15:41 - 000145008 _____ C:\WINDOWS\system32\perfc005.dat
2023-03-02 10:24 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-03-01 09:40 - 2021-04-15 00:55 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-01 09:40 - 2021-04-15 00:55 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-02-27 23:46 - 2022-02-21 20:07 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-02-27 23:46 - 2022-02-21 20:07 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-02-27 11:32 - 2017-01-16 21:06 - 000000000 ____D C:\Users\Dana\Documents\Cvičení
2023-02-27 11:11 - 2017-05-19 14:58 - 000000000 ____D C:\Users\Dana\AppData\Local\CrashDumps
2023-02-26 17:36 - 2021-04-15 00:55 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-02-21 21:55 - 2015-07-17 11:45 - 000000000 ____D C:\Users\Dana\Documents\Zz Word
2023-02-20 10:52 - 2017-12-21 20:15 - 000000000 ____D C:\Users\Dana\Documents\Psi
2023-02-19 14:03 - 2022-10-13 21:43 - 000002147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-02-19 13:50 - 2022-02-13 00:11 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-02-19 13:39 - 2021-04-15 00:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-19 13:39 - 2021-04-15 00:42 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-19 13:39 - 2020-09-17 08:51 - 000000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2023-02-19 13:39 - 2020-09-17 08:50 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2023-02-19 13:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-02-19 13:39 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-19 13:39 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-02-19 13:39 - 2017-06-07 15:26 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-02-19 13:39 - 2016-10-06 15:16 - 000000000 ____D C:\ProgramData\NVIDIA
2023-02-19 13:39 - 2015-08-01 12:26 - 000000000 __SHD C:\Users\Dana\IntelGraphicsProfiles
2023-02-19 13:39 - 2015-07-14 20:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-02-19 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-02-15 22:54 - 2021-10-21 14:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-02-15 22:54 - 2015-07-14 20:18 - 000001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-02-15 22:52 - 2023-02-01 12:41 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-02-15 22:52 - 2022-12-30 10:30 - 1321193848 _____ C:\WINDOWS\MEMORY.DMP
2023-02-15 22:52 - 2022-08-12 23:09 - 000496432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-02-15 22:52 - 2022-05-31 12:31 - 000000000 ____D C:\WINDOWS\Minidump
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-02-15 22:45 - 2021-04-15 00:45 - 000000000 ____D C:\Users\Dana
2023-02-15 22:37 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-15 22:35 - 2021-04-15 00:43 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-02-15 14:51 - 2015-07-17 12:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-02-15 14:46 - 2015-07-17 12:07 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-02-15 13:32 - 2018-06-10 15:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-02-15 13:31 - 2023-02-01 12:41 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-02-09 09:20 - 2017-02-11 23:22 - 000000000 ____D C:\temp

==================== Files in the root of some directories ========

2021-07-11 10:33 - 2023-03-07 12:32 - 001388432 _____ () C:\Users\Public\VOIP.dat
2020-06-05 16:11 - 2020-06-05 16:11 - 024166400 _____ () C:\Program Files (x86)\GUT1D70.tmp
2020-06-04 14:04 - 2020-06-04 14:04 - 024166400 _____ () C:\Program Files (x86)\GUT4407.tmp
2020-06-08 13:55 - 2020-06-08 13:55 - 024166400 _____ () C:\Program Files (x86)\GUT5544.tmp
2020-06-08 20:02 - 2020-06-08 20:02 - 024166400 _____ () C:\Program Files (x86)\GUT87AC.tmp
2020-06-02 14:27 - 2020-06-02 14:27 - 024166400 _____ () C:\Program Files (x86)\GUT8D68.tmp
2020-06-08 06:57 - 2020-06-08 06:57 - 024166400 _____ () C:\Program Files (x86)\GUT913A.tmp
2020-06-07 18:50 - 2020-06-07 18:50 - 024166400 _____ () C:\Program Files (x86)\GUTB494.tmp
2020-06-05 09:13 - 2020-06-05 09:13 - 024166400 _____ () C:\Program Files (x86)\GUTD9E1.tmp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================






Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-03-2023
Ran by Dana (07-03-2023 13:36:16)
Running from C:\Users\Dana\Downloads
Microsoft Windows 10 Home Version 21H2 19044.2604 (X64) (2021-04-14 23:56:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1892162270-2039198232-2114183084-500 - Administrator - Disabled)
Dana (S-1-5-21-1892162270-2039198232-2114183084-1002 - Administrator - Enabled) => C:\Users\Dana
DefaultAccount (S-1-5-21-1892162270-2039198232-2114183084-503 - Limited - Disabled)
Guest (S-1-5-21-1892162270-2039198232-2114183084-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1892162270-2039198232-2114183084-1004 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-1892162270-2039198232-2114183084-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.003.20322 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{a0f22a81-00d1-45d6-9cad-d93c57053e53}) (Version: 20.10.2 - Intel Corporation)
Brother MFL-Pro Suite DCP-7070DW (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.0 - Canon Inc.)
Canon MG3000 series Elektronická příručka (HKLM-x32\...\Canon MG3000 series Elektronická příručka) (Version: 1.2.0 - Canon Inc.)
Canon MG3000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3000_series) (Version: 1.01 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.09 - Piriform)
CGI PKI .NET Component (HKLM-x32\...\CGIPkcs) (Version: 2.0.1.0 - CGI IT Czech Republic s.r.o.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.267.0 - Conexant Systems)
CyberLink MediaStory (HKLM-x32\...\{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.) Hidden
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.26.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
DS komunikátor (HKLM-x32\...\DS komunikátor_is1) (Version: 2.60 - CSH spol. s r.o.)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
FormApps Signing Extension (HKLM-x32\...\{2ADAFEB7-56C5-497F-8960-67DA46A81838}) (Version: 2.27.0.46 - Software602 a.s.)
GARDENA Robotic Mower Upgrade (HKLM-x32\...\{436E7B5E-4162-4E13-BECB-71CA96408D58}) (Version: 1.2.21315.3 - Husqvarna Group AB)
GDR 5343 for SQL Server 2012 (KB3045321) (64-bit) (HKLM\...\KB3045321) (Version: 11.2.5343.0 - Microsoft Corporation)
GDR 5388 for SQL Server 2012 (KB3194719) (64-bit) (HKLM\...\KB3194719) (Version: 11.2.5388.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.178 - Google LLC)
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.360 - Huawei Technologies Co., Ltd.)
Host App Service (HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\SweetLabs_AP) (Version: 0.269.9.263 - Pokki) <==== ATTENTION
Intel(R) Chipset Device Software (HKLM\...\{6FAC699B-7992-4C62-9839-4783564CAEDD}) (Version: 10.1.1.40 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{0CF34B2C-F509-4D23-927E-334C1A776FED}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{A0EBC31A-8EA9-4D24-89A8-2C12A0B8B0C9}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{E3DE9447-C8F3-4DDA-82D3-096166CBBBB5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{C7C01DEF-DFDD-4C01-9F22-4BDF7B26CF1D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}) (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000071-0190-1029-84C8-B8D95FA3C8C3}) (Version: 19.71.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless WiFi Software (HKLM\...\{27833D55-FD60-4C16-9794-8715028E1783}) (Version: 20.10.1.1190 - Intel Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Lenovo Web Start (HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki) <==== ATTENTION
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.1.3000 - Maxthon International Limited)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Audio Enhancement Troubleshooter installer (HKLM\...\{6E0351FF-6A71-45C5-A041-D4D9D8067EAF}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.63 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.63 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office 2016 pro podnikatele - cs-cz (HKLM\...\HomeBusinessRetail - cs-cz) (Version: 16.0.16026.20146 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2010 (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2010 (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2010 (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (HKLM\...\{90140000-002A-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\OneDriveSetup.exe) (Version: 23.007.0109.0004 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{2B9EE1FE-105F-4093-A40E-C1BF12F873B7}) (Version: 11.2.5388.0 - Microsoft Corporation)
Microsoft SQL Server 2012 RsFx Driver (HKLM\...\{9F616548-62E3-4C12-9E35-74A650BC199C}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{C23DBA16-E075-41BE-AE2E-C1B0DD0B4535}) (Version: 11.2.5388.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{E721A8AA-2632-4798-B439-6D4C8A689BB8}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{054EDAF7-39E0-41E8-9F06-21E6D19B9E59}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{B431C944-726E-409E-B4A1-8864E64E4F6C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 X86 Additional Runtime - 14.16.27024 (HKLM-x32\...\{7258184A-EC44-4B1A-A7D3-68D85A35BFD0}) (Version: 14.16.27024 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 X86 Minimum Runtime - 14.16.27024 (HKLM-x32\...\{5EEFCEFB-E5F7-4C82-99A5-813F04AA4FBD}) (Version: 14.16.27024 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.2.5058.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 110.0 (x64 cs)) (Version: 110.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 97.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{DA715959-CFF1-48A2-B3BB-98B9E569C6AC}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA Ovladače grafiky 452.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.06 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15726.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16026.20146 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
OtePkiClient (HKLM-x32\...\OtePkiClient) (Version: 1.1.0 - )
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Registrace uživatele zařízení Canon MG3000 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG3000 series) (Version: - ‭Canon Inc.)
Revo Uninstaller 2.3.9 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.9 - VS Revo Group, Ltd.)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 4.0.0.12 - Samsung)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUS_{A71E3AD4-5545-4D59-9F11-75F363563C6A}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUS_{0C337AF5-E6A7-4B6B-8F8E-08F9C6F956B4}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0405-1000-0000000FF1CE}_Office14.PROPLUS_{7F5CE17A-23B9-4EED-B017-A7EF4547476C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUS_{EA82267F-4AAB-46BA-AD6A-9EBB544D0EF7}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUS_{2C911571-C8B6-400B-B323-417C1806E866}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for SQL Server 2012 (KB2958429) (64-bit) (HKLM\...\KB2958429) (Version: 11.2.5058.0 - Microsoft Corporation)
SQL Server 2012 Common Files (HKLM\...\{1D411379-9CE0-4B13-A19B-72D3222DD620}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (HKLM\...\{202AAF1F-69AA-442A-B59F-6B54B1AD07C6}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (HKLM\...\{18B2A97C-92C3-4AC7-BE72-F823E0BC895B}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (HKLM\...\{84FBCA4A-D650-4B0D-8094-EC0671FA9B91}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (HKLM\...\{54FF8FAB-DE27-4187-82F1-EBAE6AEE869A}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (HKLM\...\{6603C2CE-3C54-4F1D-92F9-8390CD4CCCA8}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.2.5058.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{BED1EA3D-592D-4305-9D1F-20F03726EFC1}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
Start Menu (HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\SweetLabs_Start_Menu) (Version: 0.269.9.263 - Pokki) <==== ATTENTION
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
STORMWARE POHODA CZ Komplet (HKLM-x32\...\{33D78551-67AB-4219-A45B-2DE586B95A91}) (Version: 13300.82 - STORMWARE)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
upgrade Sysel/Syslík pro Windows XP/Vista/7/8/10/11 (HKLM-x32\...\Sysel/Syslík CS_is1) (Version: 5.4.9 - CSH spol. s r.o.)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 6.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Zákon 4 (HKLM-x32\...\{01DDA447-B7B2-4881-AE7B-F5B36650A713}) (Version: 4.1.52 - )
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
Zoom (HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\ZoomUMX) (Version: 5.12.8 (10232) - Zoom Video Communications, Inc.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-18] (Canon Inc.)
Dailymotion -> C:\Program Files\WindowsApps\DailymotionSA.Dailymotion_10.2205.38.0_x64__6dqnvyezrysvy [2022-05-12] (Dailymotion)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-21] (Microsoft Corporation)
Hightail for Lenovo -> C:\Program Files\WindowsApps\YouSendIt.HighTailForLenovo_1.3.0.1278_neutral__069rkrpjefrbc [2015-07-17] (Hightail)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2301.8.0_x64__k1h2ywk1493x8 [2023-02-24] (LENOVO INC.)
Lenovo Support -> C:\Program Files\WindowsApps\E046963F.LenovoSupport_2.0.5.0_x86__k1h2ywk1493x8 [2015-07-17] (Lenovo, INC.)
Live TV -> C:\Program Files\WindowsApps\FilmOnLiveTVFree.FilmOnLiveTVFree_1.3.6.115_x64__zx03kxexxb716 [2015-07-17] (FilmOn TV Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2021-09-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-09-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-09-24] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.3.2230.0_x64__8wekyb3d8bbwe [2023-02-27] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2021-10-12] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2021-10-12] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-17] (NVIDIA Corp.)
PowerDVD for Lenovo Idea -> C:\Program Files\WindowsApps\CyberLinkCorp.id.PowerDVDforLenovoIdea_1.1.2618.24808_x86__hgg5mn3xps74a [2015-07-17] (CYBERLINK COM CORPORATION)
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.3.81.0_x64__kx24dqmazqk8j [2022-10-22] (Random Salad Games LLC)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-08] (Microsoft Studios) [MS Ad]
Spider Solitaire 10 ! -> C:\Program Files\WindowsApps\8786PokerSolitaireCardPuz.SpiderSolitaire8_1.2.2.0_x64__k01jvj6q54pxy [2016-12-21] (Solitaire Puzzle Game by XSS) [MS Ad]
The Weather Channel for Lenovo -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforLenovo_2015.1013.1.0_x64__t3yemqpq4kp7p [2015-10-14] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2021-10-12] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_af22935532babf10\nvshext.dll [2021-10-21] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.clmp3enc] => C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM [217088 2005-05-14] (CyberLink Corp.) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2016-01-13 22:18 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-01-13 22:18 - 2012-09-06 21:02 - 000978944 ____N () [File not signed] C:\Program Files (x86)\ControlCenter4\BrImgProc.dll
2015-09-01 18:32 - 2005-04-22 05:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2016-01-13 22:18 - 2012-04-23 15:03 - 000380928 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2016-01-13 22:18 - 2010-09-29 17:07 - 000180224 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll
2016-01-13 22:18 - 2011-02-28 11:32 - 000208896 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
2016-01-13 22:18 - 2012-01-11 14:39 - 000626688 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2016-01-13 22:18 - 2012-09-06 21:02 - 000155648 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2016-01-13 22:18 - 2012-07-06 13:33 - 000098304 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2016-01-13 22:18 - 2012-09-06 21:02 - 000131072 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcFcnv.dll
2016-01-13 22:18 - 2012-07-06 13:33 - 017694720 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2016-01-13 22:18 - 2012-07-17 13:36 - 000094208 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLCze.dll
2016-01-13 22:18 - 2012-09-06 21:02 - 000098304 ____N (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcSmon.dll
2015-09-01 18:32 - 2012-07-05 12:32 - 000084480 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2015-09-01 19:49 - 2012-09-14 08:53 - 000241664 ____R (Brother Industries,LTD.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrImageConversion.dll
2015-09-01 19:49 - 2012-09-14 08:53 - 000098304 ____R (Brother Industries,LTD.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrImgPdf.dll
2015-09-01 19:49 - 2012-09-14 08:53 - 000118784 ____R (Brother Industries,LTD.) [File not signed] C:\Program Files (x86)\ControlCenter4\brTPGSplash.dll
2015-08-26 11:09 - 2013-10-04 08:42 - 000210944 _____ (Bullzip) [File not signed] C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll
2017-08-18 15:41 - 2016-06-09 12:35 - 000588800 _____ (CANON INC.) [File not signed] [File is in use] C:\Program Files (x86)\Canon\Quick Menu\CNQMMWRP.dll
2017-08-18 15:23 - 2015-06-17 15:01 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_CSY.DLL
2017-08-18 15:23 - 2015-06-17 15:00 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2017-08-18 15:41 - 2016-06-09 10:57 - 000561152 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\Quick Menu\CCL.dll
2013-08-07 22:24 - 2013-08-07 22:24 - 000286720 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-08-07 22:24 - 2013-08-07 22:24 - 000514048 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2014-10-16 10:03 - 2014-04-24 01:04 - 000094208 _____ (Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll
2021-04-15 00:47 - 2021-04-15 00:47 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll
2018-05-01 09:12 - 2018-05-01 09:12 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\root\Client\AppVIsvSubsystems32.dll
2020-04-20 10:33 - 2020-04-20 10:33 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2018-05-01 09:27 - 2018-05-01 09:27 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files (x86)\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2020-04-20 10:33 - 2020-04-20 10:33 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2018-05-01 09:27 - 2018-05-01 09:27 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files (x86)\Microsoft Office\root\Client\C2R64.dll
2018-05-01 09:26 - 2018-05-01 09:26 - 000000000 ____L (Microsoft Corporation) [simlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> DefaultScope {A332AC28-9DB3-4D99-8943-B576275E196E} URL =
SearchScopes: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> {A332AC28-9DB3-4D99-8943-B576275E196E} URL =
SearchScopes: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> {C79D9AD9-BC3B-4354-A064-782B78A0379B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12902
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) [File not signed]
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-01-26] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\ote-cr.cz -> hxxps://rbe.ote-cr.cz

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2020-09-14 10:54 - 000000892 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\Microsoft SQL Server\110\DTS\Binn\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\AOMEI Backupper;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B5422271-8B1E-402B-98B9-5E4624453409}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3EAE6057-CAE4-4186-8701-10E8FFD5DA80}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7C8F27F9-1335-4588-BB29-6015A8AA614B}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{E59497B7-9E0D-492A-9EFC-AFE3CC578B6F}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{82B55D03-7C48-418B-AA96-FD99FB40319F}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{55560255-B646-449C-B271-3AB4C80769DF}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{5A00D961-950C-49C7-A816-F9CBE5656FBF}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{93FED057-A47A-400F-9AF2-EC38A8DCA178}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{A1D0C6D2-93DD-48F2-9DA5-8C627DC1BD1D}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{6671849B-9283-44F2-A7F7-4EBBCA4757AC}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{701A67FA-A480-427E-A361-2F44CAE7229F}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{68B0A30D-068D-4417-ACF9-C61B1923C3C7}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{AC2F32D6-DA41-4CA7-B9D2-473FAC25312A}] => (Allow) LPort=55100
FirewallRules: [{47944713-9CCD-4DFD-89F6-F8E96ED3AEB1}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo (Beijing) Limited -> Lenovo)
FirewallRules: [{D84738FA-D42C-4A60-B454-BFCC578F96BD}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5A651D13-42D0-4580-A119-8949842FAC89}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C525054A-A2EB-4987-AC39-DAC743526386}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8265725B-7864-418F-86F9-878C5EAB1007}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6D22C0C2-7A05-4021-A037-0CE7F6D05A84}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EC42B638-B3E6-494E-8162-C7513569DC2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{725EB5E1-2376-4DDE-AE98-C7C96211AB5D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{106A9134-F1DC-4A79-816E-271236DAD235}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D2B8567C-C59B-4127-B79C-CF265EB18B6E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0A8C0DAE-8338-4D46-B0C6-8F0996B081A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{EEF3B83C-E2A3-4D9D-B82B-CD2E66D4F076}C:\program files (x86)\csh\syslsrv\syslsrv.exe] => (Allow) C:\program files (x86)\csh\syslsrv\syslsrv.exe (CSH spol. s r.o. -> CSH spol. s r.o.)
FirewallRules: [UDP Query User{06B3B4E1-F2EC-4AFF-A30C-E0D9219F280B}C:\program files (x86)\csh\syslsrv\syslsrv.exe] => (Allow) C:\program files (x86)\csh\syslsrv\syslsrv.exe (CSH spol. s r.o. -> CSH spol. s r.o.)
FirewallRules: [{91EB11D4-E2A4-4951-B21C-EFD62AB4DBF5}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{0E1C6103-EE68-4F79-9EDC-1DF390C26A08}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [UDP Query User{EE2139F1-2105-402D-83C3-74CA43B7B73D}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [TCP Query User{5AF1EBB8-6EB4-41D1-B5D7-44AC09FC3EC0}C:\program files (x86)\csh\syslsrv\syslsrv.exe] => (Allow) C:\program files (x86)\csh\syslsrv\syslsrv.exe (CSH spol. s r.o. -> CSH spol. s r.o.)
FirewallRules: [UDP Query User{F06E2B78-0EEE-44E4-8D06-03EC9495B0B0}C:\program files (x86)\csh\syslsrv\syslsrv.exe] => (Allow) C:\program files (x86)\csh\syslsrv\syslsrv.exe (CSH spol. s r.o. -> CSH spol. s r.o.)
FirewallRules: [{60A32A2C-5300-4CD6-9E7F-9B4FAEF3F362}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D011BB2-FA32-4876-835E-DE6A3E9D5EA8}] => (Allow) C:\Users\Dana\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4CA83F36-E6E7-4CEA-92FF-3EFC9C884C4C}] => (Allow) C:\Users\Dana\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{ADAEB70C-82AE-4047-B144-A710E3BDA596}] => (Allow) C:\Users\Dana\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{A1CBF227-32E4-4A8A-9C14-65BD51D8B9B1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AFB0D174-6088-4457-82A6-8A525563F74B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{35E21716-2739-4834-BC86-9DF2F74AD2A6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AD113D8A-B08B-4FF5-948E-702AAC80B753}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{92487433-0F3F-4A89-A441-C7A2C1F467A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CAFF400B-DD85-48BF-B056-78047B2561A0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

15-02-2023 22:29:10 Instalační služba modulů systému Windows
24-02-2023 10:44:20 Naplánovaný kontrolní bod
06-03-2023 14:27:20 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/27/2023 11:11:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Solitaire.exe, verze: 0.0.0.0, časové razítko: 0x6389c802
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.2130, časové razítko: 0xb5ced1c6
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff6a9
ID chybujícího procesu: 0x1720
Čas spuštění chybující aplikace: 0x01d94460bda3cad5
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe\Solitaire.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 26c25b7c-b821-4222-a6b7-03ce1b877de4
Úplný název chybujícího balíčku: Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App

Error: (02/21/2023 11:53:33 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (02/21/2023 11:53:33 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/19/2023 01:39:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.19041.1806, časové razítko: 0x7dcad237
Název chybujícího modulu: combase.dll, verze: 10.0.19041.2311, časové razítko: 0xf4ecbc84
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000d1078
ID chybujícího procesu: 0x678
Čas spuštění chybující aplikace: 0x01d9445f2d4b398e
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: 2d582a00-bc6c-4c10-b379-ac79a014ea4d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/19/2023 01:39:25 PM) (Source: MSSQL$CSH2012) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$CSH2012\Performance'. SQL Server performance counters are disabled.

Error: (02/19/2023 12:37:54 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (02/19/2023 12:37:54 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/15/2023 10:52:26 PM) (Source: MSSQL$CSH2012) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$CSH2012\Performance'. SQL Server performance counters are disabled.


System errors:
=============
Error: (02/22/2023 07:52:23 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí byla ukončena s následující chybou:
%%2147952449 = Požadovaná adresa není v tomto kontextu platná.

Error: (02/21/2023 10:28:46 PM) (Source: disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error: (02/19/2023 01:42:18 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/19/2023 01:39:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SAService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (02/15/2023 10:55:49 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/15/2023 10:54:39 PM) (Source: DCOM) (EventID: 10010) (User: DANA)
Description: Server {0006F03A-0000-0000-C000-000000000046} se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/15/2023 10:52:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SAService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (02/15/2023 10:52:21 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: Počítač byl restartován z procesu kontroly chyb. Kontrola chyb: 0x0000009f (0x0000000000000004, 0x000000000000012c, 0xffff8e87f8931040, 0xffff9f0c34c29880). Výpis byl uložen do: C:\WINDOWS\MEMORY.DMP. ID hlášení: d92c83b0-2f20-487d-b981-c8456b19e3f2


Windows Defender:
================
Date: 2023-03-06 10:05:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {91B223E2-A685-4216-A25F-A6562FC92C83}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-03 13:46:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9C46EC6E-E702-4D0E-B8F5-66A4A66802BD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-02 14:04:09
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AC4E4BC5-E916-45AA-85D8-283E69B188A6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-02-28 20:25:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3EF05647-B13D-4483-805D-F8E79552AA04}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-02-27 17:22:35
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D4161055-734A-4AD3-9C0C-FF5ABE1AFF7E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-02-01 12:27:25
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.2978.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x8024402f
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-01-10 16:29:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.1961.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2023-02-19 13:59:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-02-01 14:33:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-12-18 13:46:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-12-18 13:46:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.

Date: 2022-11-12 19:32:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 9BCN26WW 07/31/2014
Motherboard: LENOVO Lancer 5A5
Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 80%
Total physical RAM: 8084.27 MB
Available physical RAM: 1592.07 MB
Total Virtual: 15508.27 MB
Available Virtual: 2654.89 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:910.91 GB) (Free:743.33 GB) (Model: Samsung SSD 860 EVO 1TB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:18.64 GB) (Free:15.13 GB) (Model: Samsung SSD 860 EVO 1TB) NTFS

\\?\Volume{1b3354ea-f8bb-11ea-8317-d07e351216ea}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.68 GB) NTFS
\\?\Volume{a67a785c-0374-442a-9fdf-c22eb004b3e5}\ () (Fixed) (Total:0.61 GB) (Free:0.08 GB) NTFS
\\?\Volume{49753232-86a0-4332-a4b1-dea4eb83f585}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4DBDEDDC)

Partition: GPT.

==================== End of Addition.txt =======================

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-07-2023
# Duration: 00:00:15
# OS: Windows 10 (Build 19044.2604)
# Scanned: 32097
# Detected: 93


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.pokki C:\ProgramData\Pokki
Adware.pokki C:\Users\Dana\AppData\Local\Pokki
Adware.pokki C:\Users\Public\Pokki
Adware.pokki C:\Users\UpdatusUser\AppData\Local\Pokki
Adware.pokki C:\Windows\ServiceProfiles\LocalService\AppData\Local\Pokki
Adware.pokki C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Pokki
PUP.Optional.Legacy C:\Users\Dana\AppData\Local\SweetLabs App Platform
PUP.Optional.Legacy C:\Users\Public\Documents\Downloaded Installers

***** [ Files ] *****

PUP.Optional.Legacy C:\Windows\System32\Tasks_Migrated\SweetLabs App Platform
PUP.Optional.Legacy C:\Windows\System32\drivers\swdumon.sys
PUP.Optional.PCAppStore C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
PUP.Optional.VisualDiscovery C:\Windows\SysWOW64\VisualDiscovery.ini
PUP.Optional.Winsock.WnskRST C:\Windows\SysWOW64\VisualDiscoveryOff.ini
PUP.Optional.Winsock.WnskRST C:\Windows\System32\VisualDiscoveryOff.ini

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Legacy C:\Windows\System32\Tasks\SWEETLABS APP PLATFORM

***** [ Registry ] *****

Adware.pokki HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Adware.pokki HKCU\Software\Classes\Directory\shell\pokki
Adware.pokki HKCU\Software\Classes\Drive\shell\pokki
Adware.pokki HKCU\Software\Classes\lnkfile\shell\pokki
Adware.pokki HKCU\Software\Classes\pokki
Adware.pokki HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Pokki
Adware.pokki HKCU\Software\SweetLabs App Platform
PUP.Adware.Heuristic HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
PUP.Optional.DriverUpdate HKLM\SYSTEM\Setup\FirstBoot\Services\SWDUMon
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DA1560E-F89A-498A-92FE-973C14D01F48}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SweetLabs App Platform
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\LENOVO\VisualDiscovery
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz
PUP.Optional.SlimCleanerPlus HKLM\Software\Wow6432Node\SlimWare Utilities Inc
PUP.Optional.VisualDiscovery HKLM\Software\Wow6432Node\Superfish Inc. VisualDiscovery
PUP.Optional.VisualDiscovery HKLM\Software\Wow6432Node\VisualDiscovery
PUP.Optional.WebWatcher HKLM\Software\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
PUP.Optional.WebWatcher HKLM\Software\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
PUP.Optional.WebWatcher HKLM\Software\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
PUP.Optional.WebWatcher HKLM\Software\Wow6432Node\\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
PUP.Optional.WebWatcher HKLM\Software\Wow6432Node\\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
PUP.Optional.WebWatcher HKLM\Software\Wow6432Node\\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.HightailforLenovo Folder C:\Program Files (x86)\HIGHTAIL\HIGHTAIL FOR LENOVO
Preinstalled.HightailforLenovo Folder C:\Program Files\HIGHTAIL\HIGHTAIL FOR LENOVO
Preinstalled.HightailforLenovo Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HIGHTAIL\HIGHTAIL FOR LENOVO
Preinstalled.HightailforLenovo Registry HKLM\Software\Classes\CLSID\{1E9CED2C-E7B4-4C47-B07A-25416393B67B}
Preinstalled.HightailforLenovo Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}
Preinstalled.HightailforLenovo Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{1E9CED2C-E7B4-4C47-B07A-25416393B67B}
Preinstalled.LenovoEnergyManager Folder C:\Program Files (x86)\LENOVO\ENERGY MANAGER
Preinstalled.LenovoEnergyManager Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\ENERGY MANAGER
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Energy Manager
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Lenovo Utility
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Energy Manager
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Lenovo Utility
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}
Preinstalled.LenovoEnergyManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{AC768037-7079-4658-AC24-2897650E0ABE}
Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Users\Dana\AppData\Local\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0788641D-D31A-478D-BB34-C41564AE9F93}
Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Preinstalled.LenovoPhotoMaster File C:\Users\Public\Desktop\Lenovo Photo Master.lnk
Preinstalled.LenovoPhotoMaster Folder C:\Program Files (x86)\LENOVO\LENOVO PHOTO MASTER
Preinstalled.LenovoPhotoMaster Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}
Preinstalled.LenovoPhotoMaster Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{BC94C56A-3649-420C-8756-2ADEBE399D33}
Preinstalled.LenovoPower2Go File C:\Users\Public\Desktop\CyberLink Power2Go.lnk
Preinstalled.LenovoPower2Go Folder C:\Program Files (x86)\LENOVO\POWER2GO
Preinstalled.LenovoPower2Go Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\POWER2GO
Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|UpdateP2GShortCut
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{40BF1E83-20EB-11D8-97C5-0009C5020658}
Preinstalled.LenovoPowerDVD File C:\Users\Public\Desktop\Lenovo PowerDVD 10.lnk
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
Preinstalled.LenovoSHAREit File C:\Users\Public\Desktop\Lenovo SHAREit.lnk
Preinstalled.LenovoSHAREit Folder C:\Program Files (x86)\LENOVO\SHAREIT
Preinstalled.LenovoSHAREit Registry HKLM\Software\Classes\CLSID\{430BD134-576D-4E75-87CD-0F5C6221A82B}
Preinstalled.LenovoSHAREit Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo SHAREit_is1



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########




# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-07-2023
# Duration: 00:00:35
# OS: Windows 10 (Build 19044.2604)
# Cleaned: 57
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Pokki
Deleted C:\Users\Dana\AppData\Local\Pokki
Deleted C:\Users\Dana\AppData\Local\SweetLabs App Platform
Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\Users\Public\Pokki
Deleted C:\Users\UpdatusUser\AppData\Local\Pokki
Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Pokki
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Pokki

***** [ Files ] *****

Deleted C:\Users\Dana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
Deleted C:\Windows\SysWOW64\VisualDiscovery.ini
Deleted C:\Windows\SysWOW64\VisualDiscoveryOff.ini
Deleted C:\Windows\System32\Tasks_Migrated\SweetLabs App Platform
Deleted C:\Windows\System32\VisualDiscoveryOff.ini
Deleted C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\SWEETLABS APP PLATFORM

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
Deleted HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Deleted HKCU\Software\Classes\Directory\shell\pokki
Deleted HKCU\Software\Classes\Drive\shell\pokki
Deleted HKCU\Software\Classes\lnkfile\shell\pokki
Deleted HKCU\Software\Classes\pokki
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Pokki
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\SweetLabs App Platform
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DA1560E-F89A-498A-92FE-973C14D01F48}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SweetLabs App Platform
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\SWDUMon
Deleted HKLM\Software\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
Deleted HKLM\Software\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Deleted HKLM\Software\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Deleted HKLM\Software\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
Deleted HKLM\Software\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
Deleted HKLM\Software\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
Deleted HKLM\Software\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
Deleted HKLM\Software\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Deleted HKLM\Software\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
Deleted HKLM\Software\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
Deleted HKLM\Software\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
Deleted HKLM\Software\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
Deleted HKLM\Software\Wow6432Node\LENOVO\VisualDiscovery
Deleted HKLM\Software\Wow6432Node\SlimWare Utilities Inc
Deleted HKLM\Software\Wow6432Node\Superfish Inc. VisualDiscovery
Deleted HKLM\Software\Wow6432Node\VisualDiscovery
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [11006 octets] - [07/03/2023 16:41:47]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

OK. Dejte nové logy FRST+Addition.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2023
Ran by Dana (administrator) on DANA (LENOVO 20354) (08-03-2023 08:53:37)
Running from C:\Users\Dana\Downloads
Loaded Profiles: Dana
Platform: Microsoft Windows 10 Home Version 21H2 19044.2604 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCopyAccelerator.exe
(C:\Users\Dana\AppData\Local\Temp\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\Dana\AppData\Local\Temp\TeamViewer\TeamViewer_Desktop.exe
(C:\Users\Dana\AppData\Local\Temp\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\Dana\AppData\Local\Temp\TeamViewer\tv_w32.exe
(C:\Users\Dana\AppData\Local\Temp\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\Dana\AppData\Local\Temp\TeamViewer\tv_x64.exe
(CompatTelRunner.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <11>
(msfeedssync.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\OtePkiClient\runtime\bin\javaw.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(services.exe ->) (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.CSH2012\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlti.inf_amd64_af22935532babf10\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Microsoft Studios) C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe\Solitaire.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\Dana\AppData\Local\Temp\TeamViewer\TeamViewer.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-10-16] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-10-16] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [270912 2015-06-17] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [OtePkiClient] => C:\Program Files (x86)\OtePkiClient\OtePkiClient-1.1.0.exe [41472 2018-10-18] () [File not signed]
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Software Inc. -> Acresso Corporation)
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38966072 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\RunOnce: [Application Restart #6] => C:\Users\Dana\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe /addfavoritec:\users\dana\desktop\office4 --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions -- (the data entry has 623 more characters). (No File)
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {269d0d9b-eaee-11eb-8334-d07e351216ea} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {269d0e6b-eaee-11eb-8334-d07e351216ea} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {680b9ce4-a111-11eb-832a-d07e351216ea} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {e600ebb0-6244-11ec-8341-d07e351216ea} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG3000 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDG.DLL [30720 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3000 series: C:\WINDOWS\system32\CNMLMDG.DLL [485376 2016-05-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\PDF Print Monitor BZ101: C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll [210944 2013-10-04] (Bullzip) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\92.2.11577.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\110.0.5481.178\Installer\chrmstp.exe [2023-02-27] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.88\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Manažer služeb CSH.lnk [2019-08-04]
ShortcutTarget: Manažer služeb CSH.lnk -> C:\Program Files (x86)\CSH\CSHSvMgr\CSHSvMgr.exe (CSH spol. s r.o. -> CSH spol. s r.o.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {016914EE-EEBB-47CB-B50E-86209CDBFF6D} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {057B7463-3976-4F57-BE8F-56C9536B65D9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0D0E4D5F-AEEE-4D01-A0C7-78ECA4418FF6} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [716704 2023-03-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {0DBC2EDA-0A8C-4D82-B3B7-43196C02FD3E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-03-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {0FCCC7E1-D661-4793-B79C-DE799F0ACBC7} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [1794840 2015-01-16] (Maxthon (Asia) Limited. -> Maxthon International ltd.)
Task: {11E92C19-F73D-40F1-BB3F-8C824A9202ED} - System32\Tasks\{A6729E1E-04F6-4E14-B800-B218312E474B} => C:\WINDOWS\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {12FEFD9D-4BB9-4F01-A9E7-1758E2AD2AC6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {15126149-553F-4388-9CE9-4778823C0A56} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {17D2CB74-B6C9-4979-9CF1-10AECF123AB1} - System32\Tasks\GoogleUpdateTaskMachineCore{62B789A2-5E7C-4423-AC03-2240107FB329} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-21] (Google LLC -> Google LLC)
Task: {1AAD4F31-ACD5-489A-A545-ED47EB065292} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {1B938EB2-7993-4324-9E02-9FD783653556} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {283A8DA1-ACC1-44DC-B19B-134B51BB85D7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e8531add-9115-4169-969d-ec12aa625dbe => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {3564BFA1-A739-46BB-8C6F-405EBAFAF713} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4A411905-8B08-4051-B21C-5475B8B7697F} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [95192 2013-03-08] (CyberLink Corp. -> CyberLink Corp.)
Task: {522A9030-83C6-4EC9-ACC2-B6630495A51C} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {550F2490-6DC7-49E5-893D-C4F58E763D3E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ac9541b2-c3df-4aec-84ab-7d391ddcdda9 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {578567F6-80C3-4DD5-9319-B114CEAEB9F4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5805207E-C53E-44D1-AA7F-6FABA71C6C26} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {5B5B1E6D-C5BA-40F4-B734-E566CB226549} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-05-30] (LENOVO -> Lenovo)
Task: {62076A29-0C4D-4DB4-920F-8CF800E45C14} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {667F03FA-DE21-4081-B64B-35CA65FB1A1C} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [834856 2018-06-08] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {6728C0DA-32E7-4D95-8D8A-D0F666BE9D94} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26294704 2023-03-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {674CAD71-34D5-4C51-B77D-1B871AC2AC2A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6856B7D7-5EE0-44A8-961F-D8FED136E4DE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {686A7F00-DCDC-4BF9-93E7-42C1FAB52B2E} - \WPD\SqmUpload_S-1-5-21-1892162270-2039198232-2114183084-1002 -> No File <==== ATTENTION
Task: {6989F28C-0831-49EF-B2FE-F27BC76ED89E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {6DCA2E9F-8BA4-4BA0-994D-A8DEBC6BB594} - System32\Tasks\CCleanerSkipUAC - Dana => C:\Program Files\CCleaner\CCleaner.exe [32631096 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {728E313E-DCC6-417B-B2BB-BE731F942244} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {7BDA2A01-5F76-40EA-95A3-84949BDE3B56} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {822BE6E3-F083-417C-A1D0-AE3F55459497} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [674720 2023-03-03] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {8500C89C-760C-4A14-BDBE-80C3986E3800} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {881D5246-9B91-4F72-8332-81BEE0BE788E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {8EDC8BC8-9173-4D1B-81FB-541DE25E02F2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-02-08] (Piriform Software Ltd -> Piriform)
Task: {90B61509-3DD4-4712-AE2C-33AA42733B6F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {92B0780E-7F73-4EFF-9280-E91D0CDBB174} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9505EFC0-B906-4711-9AC9-C413A16A8AAA} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {9F91F866-83E7-4B91-8501-B5C6DE5EA30D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A2DC7DC0-6C82-4473-A697-2A8552ABA30B} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {A5251A0B-8FB6-4969-B502-4BD9AFF162BB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26294704 2023-03-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {A5A976B5-FBE3-403C-9055-F3ED46D298AA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {AF91CA9F-6E1D-41FB-B9E1-A94B1CA3FB24} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {B7CB57D7-F0AD-4B62-8065-572F6258E4A1} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {B8B1D08A-9106-47FB-9E46-B832E45A0765} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {BC597ABD-3EF9-4058-A08C-695E53FF5F4A} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {BD880298-67DB-4919-B538-16A37978A344} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D44ECBEA-7254-4C2F-98F1-B8091CADA3AB} - System32\Tasks\GoogleUpdateTaskMachineUA{028278B8-C7DA-439E-A70D-4AE1098F77E0} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-21] (Google LLC -> Google LLC)
Task: {D9080553-1842-43D6-B473-AC35617F9F78} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e2800c40-1b2a-472e-87b1-be168338018d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {DE7446B2-3B86-482A-954A-8104102CA1DD} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {E127C638-05E5-41FE-A35B-0A256A369BF7} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-02-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "0cfcc174-5f7f-4fe2-9e0d-38e006da105d" --version "6.09.10300" --silent
Task: {ECF7C671-518C-43C9-85FD-25D48438C6C0} - System32\Tasks\AutoKMSDaily => C:\WINDOWS\AutoKMS.exe (No File)
Task: {ED16C1D7-BC8B-4FFA-ABDB-8AF630F22C75} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2a779f2a-eaa2-49b7-ade4-a28784ca4328 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {EE4F75BF-AA6E-4D1B-8E43-8E52B54B5669} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {F3F94CAD-0B57-4D5F-A53E-87216F9FD7A5} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {F406BB09-101B-4D62-B503-1A274873DF62} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4410216 2018-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
Task: {F7C730C3-1440-4DD4-87FE-885BDEA5005F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F95F5BD8-1513-4CAD-9151-A4ED167D19D9} - \AutoKMS -> No File <==== ATTENTION
Task: {FAB4A4F5-7824-4C5F-A732-E9B8813AC3A1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2023-03-01] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\AutoKMSDaily.job => C:\WINDOWS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1aa72eb6-7416-4153-9196-5c1eaa44f658}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8b8aa02e-7bf1-4198-8807-492e33a94a0b}: [DhcpNameServer] 150.211.1.2

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Dana\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-03]
Edge HomePage: Default -> hxxps://www.seznam.cz/
Edge StartupUrls: Default -> "hxxp://seznam.cz/"
Edge Extension: (Edge relevant text changes) - C:\Users\Dana\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-02-20]

FireFox:
========
FF DefaultProfile: 9ixtrybw.default-1560963316730
FF ProfilePath: C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\9ixtrybw.default-1560963316730 [2023-03-08]
FF Homepage: Mozilla\Firefox\Profiles\9ixtrybw.default-1560963316730 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\9ixtrybw.default-1560963316730 -> hxxps://www.facebook.com; hxxps://www.postazdarma.cz; hxxps://www.urbanstore.cz; hxxps://www.trenyrkarna.cz; hxxps://online.rb.cz; hxxps://businesscenter.podnikatel.cz; hxxps://drive.google.com
FF Extension: (FormApps Extension) - C:\Users\Dana\AppData\Roaming\Mozilla\Firefox\Profiles\9ixtrybw.default-1560963316730\Extensions\{69F080C9-A1D8-42F8-BD83-3D54D4BC81B3}.xpi [2020-10-05]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1892162270-2039198232-2114183084-1002: @ote-cr.cz/PKIComponent -> C:\Users\Dana\AppData\Roaming\OTE\lib\x86\npPKIComponentNPAPI-ote.dll [2015-02-20] (OTE a.s. -> OTE, a.s.)
FF Plugin HKU\S-1-5-21-1892162270-2039198232-2114183084-1002: @ote-cr.cz/PKIComponent-x64 -> C:\Users\Dana\AppData\Roaming\OTE\lib\x64\npPKIComponentNPAPI-ote.dll [2015-02-20] (OTE a.s. -> OTE, a.s.)

Chrome:
=======
CHR Profile: C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default [2023-01-23]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2023-01-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Dana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-21]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122728 2017-09-04] (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12512256 2023-03-01] (Microsoft Corporation -> Microsoft Corporation)
S2 CSHSysel_Service; C:\Program Files (x86)\CSH\SyslSrv\SyslSrv.exe [2666848 2022-08-30] (CSH spol. s r.o. -> CSH spol. s r.o.)
S2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-09-24] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397472 2018-03-15] (Canon Inc. -> )
S2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
S2 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (LENOVO -> Lenovo)
S2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
S2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-10-16] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
S2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872808 2015-12-22] (Maxthon (Asia) Limited. -> Maxthon)
R2 MSSQL$CSH2012; C:\Program Files\Microsoft SQL Server\MSSQL11.CSH2012\MSSQL\Binn\sqlservr.exe [194240 2016-09-24] (Microsoft Corporation -> Microsoft Corporation)
S2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
S4 SQLAgent$CSH2012; C:\Program Files\Microsoft SQL Server\MSSQL11.CSH2012\MSSQL\Binn\SQLAGENT.EXE [613056 2016-09-24] (Microsoft Corporation -> Microsoft Corporation)
S2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [281448 2018-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S2 UIUService; C:\WINDOWS\SysWOW64\UIUSrv.exe [105984 2021-07-11] (Conexant Systems, Inc.) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_af22935532babf10\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_af22935532babf10\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2017-02-08] (AVAST Software s.r.o. -> The OpenVPN Project)
S3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [37104 2021-07-08] (Avast Software s.r.o. -> WireGuard LLC)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-09-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-21] (Intel Corporation -> Intel Corporation)
S4 RsFx0201; C:\WINDOWS\System32\DRIVERS\RsFx0201.sys [337088 2014-05-15] (Microsoft Corporation -> Microsoft Corporation)
R3 SynTP; C:\WINDOWS\system32\DRIVERS\SynTP.sys [713056 2018-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-08 08:53 - 2023-03-08 08:54 - 000034810 _____ C:\Users\Dana\Downloads\FRST.txt
2023-03-07 16:41 - 2023-03-07 16:42 - 000000000 ____D C:\AdwCleaner
2023-03-07 16:39 - 2023-03-07 16:39 - 008791352 _____ (Malwarebytes) C:\Users\Dana\Downloads\adwcleaner.exe
2023-03-07 13:36 - 2023-03-07 13:38 - 000065330 _____ C:\Users\Dana\Downloads\1_Addition.txt
2023-03-07 13:33 - 2023-03-07 13:38 - 000057373 _____ C:\Users\Dana\Downloads\1_FRST.txt
2023-03-07 13:32 - 2023-03-08 08:54 - 000000000 ____D C:\FRST
2023-03-07 13:31 - 2023-03-07 13:31 - 002378752 _____ (Farbar) C:\Users\Dana\Downloads\FRST64.exe
2023-03-07 08:12 - 2023-03-07 13:29 - 000000000 ____D C:\Users\Dana\AppData\Local\TeamViewer
2023-03-03 08:56 - 2023-03-07 22:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2023-03-02 12:55 - 2023-03-02 12:55 - 000094016 _____ C:\Users\Dana\Documents\Faktura_2312002(3).pdf
2023-03-02 12:55 - 2023-03-02 12:55 - 000005213 _____ C:\Users\Dana\Documents\Faktura_2312002(3).isdoc
2023-03-01 21:20 - 2023-03-01 21:20 - 000001211 _____ C:\Users\Dana\Downloads\Stravné(7).csv
2023-03-01 21:20 - 2023-03-01 21:20 - 000001206 _____ C:\Users\Dana\Downloads\Stravné(8).csv
2023-03-01 21:20 - 2023-03-01 21:20 - 000000565 _____ C:\Users\Dana\Downloads\Stravné(9).csv
2023-03-01 21:19 - 2023-03-01 21:19 - 000001255 _____ C:\Users\Dana\Downloads\Stravné(4).csv
2023-03-01 21:19 - 2023-03-01 21:19 - 000001239 _____ C:\Users\Dana\Downloads\Stravné(5).csv
2023-03-01 21:19 - 2023-03-01 21:19 - 000000574 _____ C:\Users\Dana\Downloads\Stravné(6).csv
2023-03-01 20:49 - 2023-03-01 20:49 - 000094052 _____ C:\Users\Dana\Documents\Faktura_2312002(2).pdf
2023-03-01 20:47 - 2023-03-01 20:47 - 000005232 _____ C:\Users\Dana\Documents\Faktura_2312002.isdoc
2023-03-01 17:26 - 2023-03-01 17:26 - 000007411 _____ C:\Users\Dana\Downloads\priloha_1151863441_0_CSSZ_Protokol_o_zpracovani_e-Podani_CSSZ_OSVC_PRE-A1415D1020AC41EA9C75355C4DE8CA9D-1151809041.xml
2023-03-01 17:26 - 2023-03-01 17:26 - 000006969 _____ C:\Users\Dana\Downloads\priloha_1151863441_1_CSSZ_Protokol_o_zpracovani_e-Podani_CSSZ_OSVC_PRE-A1415D1020AC41EA9C75355C4DE8CA9D-1151809041.html
2023-02-28 21:32 - 2023-02-28 21:32 - 002906875 _____ C:\Users\Dana\Downloads\DPFDP6-7001182529-20230228-213214.xml
2023-02-28 21:31 - 2023-02-28 21:31 - 000270996 _____ C:\Users\Dana\Downloads\DPFDP6-7001182529-20230228-213141.pdf
2023-02-28 20:59 - 2023-02-28 20:59 - 000001917 _____ C:\Users\Dana\Downloads\OSVC_2022(10).xml
2023-02-27 14:31 - 2023-02-27 14:31 - 000574547 _____ C:\Users\Dana\Downloads\DPFDP6-6809250833-20230227-143154.xml
2023-02-27 14:31 - 2023-02-27 14:31 - 000268891 _____ C:\Users\Dana\Downloads\DPFDP6-6809250833-20230227-143130.pdf
2023-02-27 14:21 - 2023-02-27 14:21 - 000153559 _____ C:\Users\Dana\Downloads\DPFZC1-6053082057-20230227-142141.pdf
2023-02-27 12:45 - 2023-02-27 12:45 - 000001870 _____ C:\Users\Dana\Downloads\OSVC_2022(9).xml
2023-02-24 18:25 - 2023-02-24 18:25 - 000366887 _____ C:\Users\Dana\Downloads\priloha_1148241470_0_M01_3890331.pdf
2023-02-24 10:35 - 2023-02-24 10:35 - 000001374 _____ C:\Users\Dana\Desktop\Prehled_prijmu_vydaju_2023 1 – zástupce.lnk
2023-02-22 20:56 - 2023-02-22 20:56 - 002411587 _____ C:\Users\Dana\Downloads\DPFDP6-6005171128-20230222-205606.xml
2023-02-22 20:36 - 2023-02-22 20:36 - 000099500 _____ C:\Users\Dana\Downloads\priloha_1146527144_0_VypisROS.pdf
2023-02-21 22:10 - 2023-02-21 22:10 - 000001882 _____ C:\Users\Dana\Downloads\OSVC_2022(8).xml
2023-02-21 22:01 - 2023-02-21 22:01 - 000001880 _____ C:\Users\Dana\Downloads\OSVC_2022(7).xml
2023-02-21 21:44 - 2023-02-21 21:44 - 000001880 _____ C:\Users\Dana\Downloads\OSVC_2022(6).xml
2023-02-21 21:27 - 2023-02-21 21:27 - 000001884 _____ C:\Users\Dana\Downloads\OSVC_2022(5).xml
2023-02-21 21:21 - 2023-02-21 21:21 - 000001876 _____ C:\Users\Dana\Downloads\OSVC_2022(4).xml
2023-02-21 21:07 - 2023-02-21 21:07 - 000001914 _____ C:\Users\Dana\Downloads\OSVC_2022(3).xml
2023-02-21 20:58 - 2023-02-21 20:58 - 000001918 _____ C:\Users\Dana\Downloads\OSVC_2022(2).xml
2023-02-21 20:54 - 2023-02-21 20:54 - 000001917 _____ C:\Users\Dana\Downloads\OSVC_2022(1).xml
2023-02-21 20:42 - 2023-02-21 20:42 - 000001919 _____ C:\Users\Dana\Downloads\OSVC_2022.xml
2023-02-20 16:06 - 2023-02-20 16:06 - 000179947 _____ C:\Users\Dana\Downloads\priloha_1146483685_0_zprava.pdf
2023-02-20 15:28 - 2023-02-20 15:28 - 000054100 _____ C:\Users\Dana\Downloads\file-331-57_0.pdf
2023-02-20 15:01 - 2023-02-20 15:01 - 000056185 _____ C:\Users\Dana\Downloads\prehled-osvc-2022(3).zip
2023-02-20 15:00 - 2023-02-20 15:00 - 000056185 _____ C:\Users\Dana\Downloads\prehled-osvc-2022.zip
2023-02-20 15:00 - 2023-02-20 15:00 - 000056185 _____ C:\Users\Dana\Downloads\prehled-osvc-2022(2).zip
2023-02-20 15:00 - 2023-02-20 15:00 - 000056185 _____ C:\Users\Dana\Downloads\prehled-osvc-2022(1).zip
2023-02-20 12:28 - 2023-02-20 12:28 - 002411587 _____ C:\Users\Dana\Downloads\DPFDP6-6005171128-20230220-122829.xml
2023-02-20 12:28 - 2023-02-20 12:28 - 000377350 _____ C:\Users\Dana\Downloads\DPFDP6-6005171128-20230220-122820.pdf
2023-02-20 10:52 - 2023-02-20 10:52 - 000001363 _____ C:\Users\Dana\Desktop\Prazdniny 2023 Bílkovice – zástupce.lnk
2023-02-20 10:51 - 2023-02-20 10:51 - 000001536 _____ C:\Users\Dana\Desktop\Podklady k daňovému přiznání 2023 – zástupce.lnk
2023-02-19 16:49 - 2023-02-19 16:49 - 000001201 _____ C:\Users\Dana\Downloads\DPFDP6-8855200013-20230219-164909.xml
2023-02-19 16:48 - 2023-02-19 16:48 - 000268714 _____ C:\Users\Dana\Downloads\DPFDP6-8855200013-20230219-164821.pdf
2023-02-15 22:52 - 2023-02-15 22:52 - 001387220 _____ C:\WINDOWS\Minidump\021523-17390-01.dmp
2023-02-15 22:29 - 2023-02-15 22:29 - 000000000 ___HD C:\$WinREAgent
2023-02-15 17:34 - 2023-02-15 17:34 - 000268793 _____ C:\Users\Dana\Downloads\DPFDP6-8107240559-20230215-173433.pdf
2023-02-15 17:34 - 2023-02-15 17:34 - 000001239 _____ C:\Users\Dana\Downloads\DPFDP6-8107240559-20230215-173451.xml
2023-02-15 17:25 - 2023-02-15 17:25 - 001536378 _____ C:\Users\Dana\Downloads\DPFDP6-7161150326-20230215-172509.xml
2023-02-15 17:24 - 2023-02-15 17:25 - 000268875 _____ C:\Users\Dana\Downloads\DPFDP6-7161150326-20230215-172459.pdf
2023-02-15 14:06 - 2023-02-15 14:06 - 000322063 _____ C:\Users\Dana\Downloads\1427115302-metodika-1-dary.pdf
2023-02-13 14:49 - 2023-02-13 14:49 - 000268692 _____ C:\Users\Dana\Downloads\DPFDP6-0500817344-20230213-144935.pdf
2023-02-13 14:49 - 2023-02-13 14:49 - 000001227 _____ C:\Users\Dana\Downloads\DPFDP6-0500817344-20230213-144948.xml
2023-02-13 14:34 - 2023-02-13 14:34 - 000001261 _____ C:\Users\Dana\Downloads\DPFDP6-6006041184-20230213-143401.xml
2023-02-13 14:33 - 2023-02-13 14:33 - 000268780 _____ C:\Users\Dana\Downloads\DPFDP6-6006041184-20230213-143325.pdf
2023-02-08 15:01 - 2023-02-08 15:01 - 000233426 _____ C:\Users\Dana\Downloads\Prihlaska_prazdniny_2023.pdf
2023-02-07 20:13 - 2023-02-07 20:13 - 000001237 _____ C:\Users\Dana\Downloads\DPFDP6-8559040006-20230207-201303.xml
2023-02-07 20:12 - 2023-02-07 20:12 - 000268734 _____ C:\Users\Dana\Downloads\DPFDP6-8559040006-20230207-201253.pdf
2023-02-07 15:11 - 2023-02-07 15:11 - 007225676 _____ C:\Users\Dana\Downloads\DPFDP6-7703020556-20230207-151103.xml
2023-02-07 15:10 - 2023-02-07 15:10 - 000268933 _____ C:\Users\Dana\Downloads\DPFDP6-7703020556-20230207-151053.pdf
2023-02-07 14:37 - 2023-02-07 14:37 - 000066018 _____ C:\Users\Dana\Downloads\Krouzky_dochazka_2022_2023_IIpol.xlsx - Flétna.pdf
2023-02-07 14:11 - 2023-02-07 14:11 - 003564342 _____ C:\Users\Dana\Downloads\DPFDP6-6458112155-20230207-141125.xml
2023-02-07 14:11 - 2023-02-07 14:11 - 000377432 _____ C:\Users\Dana\Downloads\DPFDP6-6458112155-20230207-141116.pdf
2023-02-07 13:30 - 2023-02-07 13:30 - 000179130 _____ C:\Users\Dana\Downloads\Vypis_z_uctu-2400295767_20221201-20221231_cislo-12.pdf
2023-02-07 13:26 - 2023-02-07 13:26 - 000052740 _____ C:\Users\Dana\Downloads\Vypis_z_uctu-2302422291_20230102-20230131_cislo-1.pdf
2023-02-07 13:25 - 2023-02-07 13:25 - 000159212 _____ C:\Users\Dana\Downloads\Vypis_z_uctu-2400295767_20230101-20230131_cislo-1.pdf
2023-02-06 10:30 - 2023-02-06 10:30 - 000142978 _____ C:\Users\Dana\Downloads\DPFZC1-9462030600-20230206-103026.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-08 08:53 - 2021-04-15 00:55 - 000004188 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{D92C9930-BA25-43E0-A3F3-CB020A0903DA}
2023-03-08 08:53 - 2020-09-14 10:49 - 000000000 ____D C:\Program Files\CCleaner
2023-03-08 08:53 - 2016-11-26 20:02 - 000000000 ____D C:\Users\Dana\AppData\LocalLow\Mozilla
2023-03-08 08:53 - 2015-07-17 12:05 - 000000000 ____D C:\Users\Dana\Documents\Soubory aplikace Outlook
2023-03-08 08:52 - 2023-01-16 12:12 - 000000000 ____D C:\Users\Dana\Documents\Zajicek
2023-03-08 08:51 - 2022-02-21 20:05 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-08 08:50 - 2021-07-11 10:33 - 001388432 _____ C:\Users\Public\VOIP.dat
2023-03-08 08:50 - 2021-04-15 00:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-08 08:50 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-07 23:30 - 2017-12-05 13:57 - 000000000 ____D C:\Users\Dana\AppData\Local\Packages
2023-03-07 22:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-07 22:38 - 2022-02-13 00:11 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-03-07 22:37 - 2021-10-21 14:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-03-07 22:37 - 2015-07-14 20:18 - 000001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-03-07 22:37 - 2015-07-14 20:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-03-07 16:51 - 2014-10-16 10:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-03-07 16:43 - 2016-10-06 15:16 - 000000000 ____D C:\ProgramData\NVIDIA
2023-03-07 16:42 - 2020-09-17 08:51 - 000000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2023-03-07 16:42 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2023-03-07 16:38 - 2015-07-31 08:28 - 000000000 ____D C:\Users\Dana\AppData\Roaming\TeamViewer
2023-03-07 09:54 - 2021-04-15 00:55 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-03-07 08:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-03-06 10:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-06 09:18 - 2020-06-14 23:28 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-06 09:18 - 2020-06-14 23:28 - 000002285 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-03-03 12:23 - 2023-01-16 12:12 - 000715264 _____ C:\Users\Dana\Desktop\Stravné exporty.xls
2023-03-02 10:24 - 2021-04-15 00:51 - 001694952 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-03-02 10:24 - 2019-12-07 15:41 - 000717866 _____ C:\WINDOWS\system32\perfh005.dat
2023-03-02 10:24 - 2019-12-07 15:41 - 000145008 _____ C:\WINDOWS\system32\perfc005.dat
2023-03-02 10:24 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-03-01 09:40 - 2021-04-15 00:55 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-01 09:40 - 2021-04-15 00:55 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-02-27 23:46 - 2022-02-21 20:07 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-02-27 23:46 - 2022-02-21 20:07 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-02-27 11:32 - 2017-01-16 21:06 - 000000000 ____D C:\Users\Dana\Documents\Cvičení
2023-02-27 11:11 - 2017-05-19 14:58 - 000000000 ____D C:\Users\Dana\AppData\Local\CrashDumps
2023-02-26 17:36 - 2021-04-15 00:55 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-02-21 21:55 - 2015-07-17 11:45 - 000000000 ____D C:\Users\Dana\Documents\Zz Word
2023-02-20 10:52 - 2017-12-21 20:15 - 000000000 ____D C:\Users\Dana\Documents\Psi
2023-02-19 14:03 - 2022-10-13 21:43 - 000002147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-02-19 13:39 - 2021-04-15 00:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-19 13:39 - 2021-04-15 00:42 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-19 13:39 - 2020-09-17 08:50 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2023-02-19 13:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-02-19 13:39 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-02-19 13:39 - 2017-06-07 15:26 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-02-19 13:39 - 2015-08-01 12:26 - 000000000 __SHD C:\Users\Dana\IntelGraphicsProfiles
2023-02-19 13:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-02-15 22:52 - 2023-02-01 12:41 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-02-15 22:52 - 2022-12-30 10:30 - 1321193848 _____ C:\WINDOWS\MEMORY.DMP
2023-02-15 22:52 - 2022-08-12 23:09 - 000496432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-02-15 22:52 - 2022-05-31 12:31 - 000000000 ____D C:\WINDOWS\Minidump
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-02-15 22:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-02-15 22:45 - 2021-04-15 00:45 - 000000000 ____D C:\Users\Dana
2023-02-15 22:37 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-15 22:35 - 2021-04-15 00:43 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-02-15 14:51 - 2015-07-17 12:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-02-15 14:46 - 2015-07-17 12:07 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-02-15 13:32 - 2018-06-10 15:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-02-15 13:31 - 2023-02-01 12:41 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-02-09 09:20 - 2017-02-11 23:22 - 000000000 ____D C:\temp

==================== Files in the root of some directories ========

2021-07-11 10:33 - 2023-03-08 08:50 - 001388432 _____ () C:\Users\Public\VOIP.dat
2020-06-05 16:11 - 2020-06-05 16:11 - 024166400 _____ () C:\Program Files (x86)\GUT1D70.tmp
2020-06-04 14:04 - 2020-06-04 14:04 - 024166400 _____ () C:\Program Files (x86)\GUT4407.tmp
2020-06-08 13:55 - 2020-06-08 13:55 - 024166400 _____ () C:\Program Files (x86)\GUT5544.tmp
2020-06-08 20:02 - 2020-06-08 20:02 - 024166400 _____ () C:\Program Files (x86)\GUT87AC.tmp
2020-06-02 14:27 - 2020-06-02 14:27 - 024166400 _____ () C:\Program Files (x86)\GUT8D68.tmp
2020-06-08 06:57 - 2020-06-08 06:57 - 024166400 _____ () C:\Program Files (x86)\GUT913A.tmp
2020-06-07 18:50 - 2020-06-07 18:50 - 024166400 _____ () C:\Program Files (x86)\GUTB494.tmp
2020-06-05 09:13 - 2020-06-05 09:13 - 024166400 _____ () C:\Program Files (x86)\GUTD9E1.tmp

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================







Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-03-2023
Ran by Dana (08-03-2023 08:56:03)
Running from C:\Users\Dana\Downloads
Microsoft Windows 10 Home Version 21H2 19044.2604 (X64) (2021-04-14 23:56:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1892162270-2039198232-2114183084-500 - Administrator - Disabled)
Dana (S-1-5-21-1892162270-2039198232-2114183084-1002 - Administrator - Enabled) => C:\Users\Dana
DefaultAccount (S-1-5-21-1892162270-2039198232-2114183084-503 - Limited - Disabled)
Guest (S-1-5-21-1892162270-2039198232-2114183084-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1892162270-2039198232-2114183084-1004 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-1892162270-2039198232-2114183084-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 22.003.20322 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{a0f22a81-00d1-45d6-9cad-d93c57053e53}) (Version: 20.10.2 - Intel Corporation)
Brother MFL-Pro Suite DCP-7070DW (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.0.19 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.3.1.4 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.0 - Canon Inc.)
Canon MG3000 series Elektronická příručka (HKLM-x32\...\Canon MG3000 series Elektronická příručka) (Version: 1.2.0 - Canon Inc.)
Canon MG3000 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3000_series) (Version: 1.01 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.09 - Piriform)
CGI PKI .NET Component (HKLM-x32\...\CGIPkcs) (Version: 2.0.1.0 - CGI IT Czech Republic s.r.o.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.267.0 - Conexant Systems)
CyberLink MediaStory (HKLM-x32\...\{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.) Hidden
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.26.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
DS komunikátor (HKLM-x32\...\DS komunikátor_is1) (Version: 2.60 - CSH spol. s r.o.)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
FormApps Signing Extension (HKLM-x32\...\{2ADAFEB7-56C5-497F-8960-67DA46A81838}) (Version: 2.27.0.46 - Software602 a.s.)
GARDENA Robotic Mower Upgrade (HKLM-x32\...\{436E7B5E-4162-4E13-BECB-71CA96408D58}) (Version: 1.2.21315.3 - Husqvarna Group AB)
GDR 5343 for SQL Server 2012 (KB3045321) (64-bit) (HKLM\...\KB3045321) (Version: 11.2.5343.0 - Microsoft Corporation)
GDR 5388 for SQL Server 2012 (KB3194719) (64-bit) (HKLM\...\KB3194719) (Version: 11.2.5388.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.178 - Google LLC)
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.360 - Huawei Technologies Co., Ltd.)
Intel(R) Chipset Device Software (HKLM\...\{6FAC699B-7992-4C62-9839-4783564CAEDD}) (Version: 10.1.1.40 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{0CF34B2C-F509-4D23-927E-334C1A776FED}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{A0EBC31A-8EA9-4D24-89A8-2C12A0B8B0C9}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{E3DE9447-C8F3-4DDA-82D3-096166CBBBB5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{C7C01DEF-DFDD-4C01-9F22-4BDF7B26CF1D}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}) (Version: 12.8.0.1016 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000071-0190-1029-84C8-B8D95FA3C8C3}) (Version: 19.71.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless WiFi Software (HKLM\...\{27833D55-FD60-4C16-9794-8715028E1783}) (Version: 20.10.1.1190 - Intel Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.43.0 - Lenovo Group Ltd.)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.1.3000 - Maxthon International Limited)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Audio Enhancement Troubleshooter installer (HKLM\...\{6E0351FF-6A71-45C5-A041-D4D9D8067EAF}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.63 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.63 - Microsoft Corporation)
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office 2016 pro podnikatele - cs-cz (HKLM\...\HomeBusinessRetail - cs-cz) (Version: 16.0.16130.20218 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2010 (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2010 (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2010 (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (HKLM\...\{90140000-002A-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\OneDriveSetup.exe) (Version: 23.007.0109.0004 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{2B9EE1FE-105F-4093-A40E-C1BF12F873B7}) (Version: 11.2.5388.0 - Microsoft Corporation)
Microsoft SQL Server 2012 RsFx Driver (HKLM\...\{9F616548-62E3-4C12-9E35-74A650BC199C}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{C23DBA16-E075-41BE-AE2E-C1B0DD0B4535}) (Version: 11.2.5388.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{E721A8AA-2632-4798-B439-6D4C8A689BB8}) (Version: 11.2.5058.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{054EDAF7-39E0-41E8-9F06-21E6D19B9E59}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{B431C944-726E-409E-B4A1-8864E64E4F6C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27024 (HKLM-x32\...\{2ff11a2a-f7ac-4a6c-8cd4-c7bb974f3642}) (Version: 14.16.27024.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 X86 Additional Runtime - 14.16.27024 (HKLM-x32\...\{7258184A-EC44-4B1A-A7D3-68D85A35BFD0}) (Version: 14.16.27024 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 X86 Minimum Runtime - 14.16.27024 (HKLM-x32\...\{5EEFCEFB-E5F7-4C82-99A5-813F04AA4FBD}) (Version: 14.16.27024 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.2.5058.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 110.0.1 (x64 cs)) (Version: 110.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 97.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nuance PaperPort 12 (HKLM-x32\...\{DA715959-CFF1-48A2-B3BB-98B9E569C6AC}) (Version: 12.1.0000 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA Ovladače grafiky 452.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.06 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
OtePkiClient (HKLM-x32\...\OtePkiClient) (Version: 1.1.0 - )
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Registrace uživatele zařízení Canon MG3000 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG3000 series) (Version: - ‭Canon Inc.)
Revo Uninstaller 2.3.9 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.9 - VS Revo Group, Ltd.)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 4.0.0.12 - Samsung)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}_Office14.PROPLUS_{A71E3AD4-5545-4D59-9F11-75F363563C6A}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}_Office14.PROPLUS_{0C337AF5-E6A7-4B6B-8F8E-08F9C6F956B4}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0405-1000-0000000FF1CE}_Office14.PROPLUS_{7F5CE17A-23B9-4EED-B017-A7EF4547476C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}_Office14.PROPLUS_{EA82267F-4AAB-46BA-AD6A-9EBB544D0EF7}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}_Office14.PROPLUS_{2C911571-C8B6-400B-B323-417C1806E866}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}_Office14.PROPLUS_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for SQL Server 2012 (KB2958429) (64-bit) (HKLM\...\KB2958429) (Version: 11.2.5058.0 - Microsoft Corporation)
SQL Server 2012 Common Files (HKLM\...\{1D411379-9CE0-4B13-A19B-72D3222DD620}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (HKLM\...\{202AAF1F-69AA-442A-B59F-6B54B1AD07C6}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (HKLM\...\{18B2A97C-92C3-4AC7-BE72-F823E0BC895B}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (HKLM\...\{84FBCA4A-D650-4B0D-8094-EC0671FA9B91}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (HKLM\...\{54FF8FAB-DE27-4187-82F1-EBAE6AEE869A}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (HKLM\...\{6603C2CE-3C54-4F1D-92F9-8390CD4CCCA8}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.2.5058.0 - Microsoft Corporation)
Sql Server Customer Experience Improvement Program (HKLM\...\{BED1EA3D-592D-4305-9D1F-20F03726EFC1}) (Version: 11.2.5058.0 - Microsoft Corporation) Hidden
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
STORMWARE POHODA CZ Komplet (HKLM-x32\...\{33D78551-67AB-4219-A45B-2DE586B95A91}) (Version: 13300.82 - STORMWARE)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
upgrade Sysel/Syslík pro Windows XP/Vista/7/8/10/11 (HKLM-x32\...\Sysel/Syslík CS_is1) (Version: 5.4.9 - CSH spol. s r.o.)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 6.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Zákon 4 (HKLM-x32\...\{01DDA447-B7B2-4881-AE7B-F5B36650A713}) (Version: 4.1.52 - )
Zoner Callisto 5 FREE (HKLM-x32\...\ZonerCallisto5_CZ_is1) (Version: 5.0.5000.16 - ZONER software)
Zoom (HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\ZoomUMX) (Version: 5.12.8 (10232) - Zoom Video Communications, Inc.)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-18] (Canon Inc.)
Dailymotion -> C:\Program Files\WindowsApps\DailymotionSA.Dailymotion_10.2205.38.0_x64__6dqnvyezrysvy [2022-05-12] (Dailymotion)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-21] (Microsoft Corporation)
Hightail for Lenovo -> C:\Program Files\WindowsApps\YouSendIt.HighTailForLenovo_1.3.0.1278_neutral__069rkrpjefrbc [2015-07-17] (Hightail)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2301.8.0_x64__k1h2ywk1493x8 [2023-02-24] (LENOVO INC.)
Lenovo Support -> C:\Program Files\WindowsApps\E046963F.LenovoSupport_2.0.5.0_x86__k1h2ywk1493x8 [2015-07-17] (Lenovo, INC.)
Live TV -> C:\Program Files\WindowsApps\FilmOnLiveTVFree.FilmOnLiveTVFree_1.3.6.115_x64__zx03kxexxb716 [2015-07-17] (FilmOn TV Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2021-09-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-09-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-09-24] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.3.2230.0_x64__8wekyb3d8bbwe [2023-02-27] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2021-10-12] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2021-10-12] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-17] (NVIDIA Corp.)
PowerDVD for Lenovo Idea -> C:\Program Files\WindowsApps\CyberLinkCorp.id.PowerDVDforLenovoIdea_1.1.2618.24808_x86__hgg5mn3xps74a [2015-07-17] (CYBERLINK COM CORPORATION)
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.3.81.0_x64__kx24dqmazqk8j [2022-10-22] (Random Salad Games LLC)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-08] (Microsoft Studios) [MS Ad]
Spider Solitaire 10 ! -> C:\Program Files\WindowsApps\8786PokerSolitaireCardPuz.SpiderSolitaire8_1.2.2.0_x64__k01jvj6q54pxy [2016-12-21] (Solitaire Puzzle Game by XSS) [MS Ad]
The Weather Channel for Lenovo -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforLenovo_2015.1013.1.0_x64__t3yemqpq4kp7p [2015-10-14] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2021-10-12] (Microsoft Corporation)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_af22935532babf10\nvshext.dll [2021-10-21] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.clmp3enc] => C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM [217088 2005-05-14] (CyberLink Corp.) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2015-09-01 18:32 - 2005-04-22 05:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2015-09-01 18:32 - 2012-07-05 12:32 - 000084480 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2015-08-26 11:09 - 2013-10-04 08:42 - 000210944 _____ (Bullzip) [File not signed] C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll
2013-08-07 22:24 - 2013-08-07 22:24 - 000286720 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2013-08-07 22:24 - 2013-08-07 22:24 - 000514048 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2014-10-16 10:03 - 2014-04-24 01:04 - 000094208 _____ (Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll
2021-04-15 00:47 - 2021-04-15 00:47 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> DefaultScope {A332AC28-9DB3-4D99-8943-B576275E196E} URL =
SearchScopes: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> {A332AC28-9DB3-4D99-8943-B576275E196E} URL =
SearchScopes: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> {C79D9AD9-BC3B-4354-A064-782B78A0379B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12902
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-01-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) [File not signed]
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-01] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\ote-cr.cz -> hxxps://rbe.ote-cr.cz

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2020-09-14 10:54 - 000000892 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files (x86)\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\Microsoft SQL Server\110\Tools\Binn\;C:\Program Files\Microsoft SQL Server\110\DTS\Binn\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\AOMEI Backupper;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B5422271-8B1E-402B-98B9-5E4624453409}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3EAE6057-CAE4-4186-8701-10E8FFD5DA80}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7C8F27F9-1335-4588-BB29-6015A8AA614B}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{E59497B7-9E0D-492A-9EFC-AFE3CC578B6F}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{82B55D03-7C48-418B-AA96-FD99FB40319F}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{55560255-B646-449C-B271-3AB4C80769DF}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{5A00D961-950C-49C7-A816-F9CBE5656FBF}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{93FED057-A47A-400F-9AF2-EC38A8DCA178}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{A1D0C6D2-93DD-48F2-9DA5-8C627DC1BD1D}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{6671849B-9283-44F2-A7F7-4EBBCA4757AC}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{701A67FA-A480-427E-A361-2F44CAE7229F}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{68B0A30D-068D-4417-ACF9-C61B1923C3C7}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{AC2F32D6-DA41-4CA7-B9D2-473FAC25312A}] => (Allow) LPort=55100
FirewallRules: [{47944713-9CCD-4DFD-89F6-F8E96ED3AEB1}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo (Beijing) Limited -> Lenovo)
FirewallRules: [{D84738FA-D42C-4A60-B454-BFCC578F96BD}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5A651D13-42D0-4580-A119-8949842FAC89}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C525054A-A2EB-4987-AC39-DAC743526386}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8265725B-7864-418F-86F9-878C5EAB1007}] => (Allow) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6D22C0C2-7A05-4021-A037-0CE7F6D05A84}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EC42B638-B3E6-494E-8162-C7513569DC2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{725EB5E1-2376-4DDE-AE98-C7C96211AB5D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{106A9134-F1DC-4A79-816E-271236DAD235}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D2B8567C-C59B-4127-B79C-CF265EB18B6E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0A8C0DAE-8338-4D46-B0C6-8F0996B081A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{EEF3B83C-E2A3-4D9D-B82B-CD2E66D4F076}C:\program files (x86)\csh\syslsrv\syslsrv.exe] => (Allow) C:\program files (x86)\csh\syslsrv\syslsrv.exe (CSH spol. s r.o. -> CSH spol. s r.o.)
FirewallRules: [UDP Query User{06B3B4E1-F2EC-4AFF-A30C-E0D9219F280B}C:\program files (x86)\csh\syslsrv\syslsrv.exe] => (Allow) C:\program files (x86)\csh\syslsrv\syslsrv.exe (CSH spol. s r.o. -> CSH spol. s r.o.)
FirewallRules: [{91EB11D4-E2A4-4951-B21C-EFD62AB4DBF5}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{0E1C6103-EE68-4F79-9EDC-1DF390C26A08}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [UDP Query User{EE2139F1-2105-402D-83C3-74CA43B7B73D}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [TCP Query User{5AF1EBB8-6EB4-41D1-B5D7-44AC09FC3EC0}C:\program files (x86)\csh\syslsrv\syslsrv.exe] => (Allow) C:\program files (x86)\csh\syslsrv\syslsrv.exe (CSH spol. s r.o. -> CSH spol. s r.o.)
FirewallRules: [UDP Query User{F06E2B78-0EEE-44E4-8D06-03EC9495B0B0}C:\program files (x86)\csh\syslsrv\syslsrv.exe] => (Allow) C:\program files (x86)\csh\syslsrv\syslsrv.exe (CSH spol. s r.o. -> CSH spol. s r.o.)
FirewallRules: [{60A32A2C-5300-4CD6-9E7F-9B4FAEF3F362}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D011BB2-FA32-4876-835E-DE6A3E9D5EA8}] => (Allow) C:\Users\Dana\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{4CA83F36-E6E7-4CEA-92FF-3EFC9C884C4C}] => (Allow) C:\Users\Dana\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{ADAEB70C-82AE-4047-B144-A710E3BDA596}] => (Allow) C:\Users\Dana\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{A1CBF227-32E4-4A8A-9C14-65BD51D8B9B1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AFB0D174-6088-4457-82A6-8A525563F74B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{35E21716-2739-4834-BC86-9DF2F74AD2A6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AD113D8A-B08B-4FF5-948E-702AAC80B753}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{92487433-0F3F-4A89-A441-C7A2C1F467A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CAFF400B-DD85-48BF-B056-78047B2561A0}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

15-02-2023 22:29:10 Instalační služba modulů systému Windows
24-02-2023 10:44:20 Naplánovaný kontrolní bod
06-03-2023 14:27:20 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/27/2023 11:11:36 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Solitaire.exe, verze: 0.0.0.0, časové razítko: 0x6389c802
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.2130, časové razítko: 0xb5ced1c6
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000ff6a9
ID chybujícího procesu: 0x1720
Čas spuštění chybující aplikace: 0x01d94460bda3cad5
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe\Solitaire.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 26c25b7c-b821-4222-a6b7-03ce1b877de4
Úplný název chybujícího balíčku: Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App

Error: (02/21/2023 11:53:33 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (02/21/2023 11:53:33 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/19/2023 01:39:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_FrameServer, verze: 10.0.19041.1806, časové razítko: 0x7dcad237
Název chybujícího modulu: combase.dll, verze: 10.0.19041.2311, časové razítko: 0xf4ecbc84
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000d1078
ID chybujícího procesu: 0x678
Čas spuštění chybující aplikace: 0x01d9445f2d4b398e
Cesta k chybující aplikaci: C:\WINDOWS\System32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: 2d582a00-bc6c-4c10-b379-ac79a014ea4d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/19/2023 01:39:25 PM) (Source: MSSQL$CSH2012) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$CSH2012\Performance'. SQL Server performance counters are disabled.

Error: (02/19/2023 12:37:54 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (02/19/2023 12:37:54 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (02/15/2023 10:52:26 PM) (Source: MSSQL$CSH2012) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$CSH2012\Performance'. SQL Server performance counters are disabled.


System errors:
=============
Error: (03/07/2023 04:42:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/07/2023 04:42:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LenovoVantageService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/07/2023 04:42:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BrYNSvc byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/07/2023 04:42:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Maxthon Core Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/07/2023 04:42:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HuaweiHiSuiteService64.exe byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/07/2023 04:42:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/07/2023 04:42:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (03/07/2023 04:42:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Conexant UIU Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2023-03-07 16:51:19
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2E098A81-8B2A-4FF2-9E65-49960133D35A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-07 13:50:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E276C25E-02F4-4D88-9A30-964825D9D4BB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-06 10:05:31
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {91B223E2-A685-4216-A25F-A6562FC92C83}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-03 13:46:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9C46EC6E-E702-4D0E-B8F5-66A4A66802BD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-02 14:04:09
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AC4E4BC5-E916-45AA-85D8-283E69B188A6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-02-01 12:27:25
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.2978.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x8024402f
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-01-10 16:29:09
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.381.1961.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19900.2
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2023-02-19 13:59:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-02-01 14:33:45
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2022-12-18 13:46:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-12-18 13:46:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.

Date: 2022-11-12 19:32:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 9BCN26WW 07/31/2014
Motherboard: LENOVO Lancer 5A5
Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 58%
Total physical RAM: 8084.27 MB
Available physical RAM: 3360.75 MB
Total Virtual: 15508.27 MB
Available Virtual: 8197.67 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:910.91 GB) (Free:744.3 GB) (Model: Samsung SSD 860 EVO 1TB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:18.64 GB) (Free:15.13 GB) (Model: Samsung SSD 860 EVO 1TB) NTFS

\\?\Volume{1b3354ea-f8bb-11ea-8317-d07e351216ea}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.68 GB) NTFS
\\?\Volume{a67a785c-0374-442a-9fdf-c22eb004b3e5}\ () (Fixed) (Total:0.61 GB) (Free:0.08 GB) NTFS
\\?\Volume{49753232-86a0-4332-a4b1-dea4eb83f585}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4DBDEDDC)

Partition: GPT.

==================== End of Addition.txt =======================

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\RunOnce: [Application Restart #6] => C:\Users\Dana\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe /addfavoritec:\users\dana\desktop\office4 --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions -- (the data entry has 623 more characters). (No File)
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {269d0d9b-eaee-11eb-8334-d07e351216ea} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {269d0e6b-eaee-11eb-8334-d07e351216ea} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {680b9ce4-a111-11eb-832a-d07e351216ea} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {e600ebb0-6244-11ec-8341-d07e351216ea} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {11E92C19-F73D-40F1-BB3F-8C824A9202ED} - System32\Tasks\{A6729E1E-04F6-4E14-B800-B218312E474B} => C:\WINDOWS\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {12FEFD9D-4BB9-4F01-A9E7-1758E2AD2AC6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {3564BFA1-A739-46BB-8C6F-405EBAFAF713} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5805207E-C53E-44D1-AA7F-6FABA71C6C26} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {674CAD71-34D5-4C51-B77D-1B871AC2AC2A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6856B7D7-5EE0-44A8-961F-D8FED136E4DE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {686A7F00-DCDC-4BF9-93E7-42C1FAB52B2E} - \WPD\SqmUpload_S-1-5-21-1892162270-2039198232-2114183084-1002 -> No File <==== ATTENTION
Task: {881D5246-9B91-4F72-8332-81BEE0BE788E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {90B61509-3DD4-4712-AE2C-33AA42733B6F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {92B0780E-7F73-4EFF-9280-E91D0CDBB174} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9F91F866-83E7-4B91-8501-B5C6DE5EA30D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A5A976B5-FBE3-403C-9055-F3ED46D298AA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {B8B1D08A-9106-47FB-9E46-B832E45A0765} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {BD880298-67DB-4919-B538-16A37978A344} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D44ECBEA-7254-4C2F-98F1-B8091CADA3AB} - System32\Tasks\GoogleUpdateTaskMachineUA{028278B8-C7DA-439E-A70D-4AE1098F77E0} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-21] (Google LLC -> Google LLC)
Task: {ECF7C671-518C-43C9-85FD-25D48438C6C0} - System32\Tasks\AutoKMSDaily => C:\WINDOWS\AutoKMS.exe (No File)
Task: {F3F94CAD-0B57-4D5F-A53E-87216F9FD7A5} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {F7C730C3-1440-4DD4-87FE-885BDEA5005F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F95F5BD8-1513-4CAD-9151-A4ED167D19D9} - \AutoKMS -> No File <==== ATTENTION
Task: {17D2CB74-B6C9-4979-9CF1-10AECF123AB1} - System32\Tasks\GoogleUpdateTaskMachineCore{62B789A2-5E7C-4423-AC03-2240107FB329} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-21] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Program Files (x86)\GUT1D70.tmp
C:\Program Files (x86)\GUT4407.tmp
C:\Program Files (x86)\GUT5544.tmp
C:\Program Files (x86)\GUT87AC.tmp
C:\Program Files (x86)\GUT8D68.tmp
C:\Program Files (x86)\GUT913A.tmp
C:\Program Files (x86)\GUTB494.tmp
C:\Program Files (x86)\GUTD9E1.tmp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> DefaultScope {A332AC28-9DB3-4D99-8943-B576275E196E} URL =
SearchScopes: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> {A332AC28-9DB3-4D99-8943-B576275E196E} URL =
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
FirewallRules: [TCP Query User{0E1C6103-EE68-4F79-9EDC-1DF390C26A08}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [UDP Query User{EE2139F1-2105-402D-83C3-74CA43B7B73D}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [{4CA83F36-E6E7-4CEA-92FF-3EFC9C884C4C}] => (Allow) C:\Users\Dana\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{ADAEB70C-82AE-4047-B144-A710E3BDA596}] => (Allow) C:\Users\Dana\AppData\Roaming\Zoom\bin\airhost.exe => No File

EmptyTemp:
End

Uložte do C:\Users\Dana\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 05-03-2023
Ran by Dana (08-03-2023 10:40:25) Run:1
Running from C:\Users\Dana\Downloads
Loaded Profiles: Dana
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\RunOnce: [Application Restart #6] => C:\Users\Dana\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe /addfavoritec:\users\dana\desktop\office4 --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions -- (the data entry has 623 more characters). (No File)
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {269d0d9b-eaee-11eb-8334-d07e351216ea} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {269d0e6b-eaee-11eb-8334-d07e351216ea} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {680b9ce4-a111-11eb-832a-d07e351216ea} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\...\MountPoints2: {e600ebb0-6244-11ec-8341-d07e351216ea} - "F:\HiSuiteDownLoader.exe"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {11E92C19-F73D-40F1-BB3F-8C824A9202ED} - System32\Tasks\{A6729E1E-04F6-4E14-B800-B218312E474B} => C:\WINDOWS\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {12FEFD9D-4BB9-4F01-A9E7-1758E2AD2AC6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {3564BFA1-A739-46BB-8C6F-405EBAFAF713} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {5805207E-C53E-44D1-AA7F-6FABA71C6C26} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {674CAD71-34D5-4C51-B77D-1B871AC2AC2A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6856B7D7-5EE0-44A8-961F-D8FED136E4DE} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {686A7F00-DCDC-4BF9-93E7-42C1FAB52B2E} - \WPD\SqmUpload_S-1-5-21-1892162270-2039198232-2114183084-1002 -> No File <==== ATTENTION
Task: {881D5246-9B91-4F72-8332-81BEE0BE788E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {90B61509-3DD4-4712-AE2C-33AA42733B6F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {92B0780E-7F73-4EFF-9280-E91D0CDBB174} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9F91F866-83E7-4B91-8501-B5C6DE5EA30D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A5A976B5-FBE3-403C-9055-F3ED46D298AA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {B8B1D08A-9106-47FB-9E46-B832E45A0765} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {BD880298-67DB-4919-B538-16A37978A344} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D44ECBEA-7254-4C2F-98F1-B8091CADA3AB} - System32\Tasks\GoogleUpdateTaskMachineUA{028278B8-C7DA-439E-A70D-4AE1098F77E0} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-21] (Google LLC -> Google LLC)
Task: {ECF7C671-518C-43C9-85FD-25D48438C6C0} - System32\Tasks\AutoKMSDaily => C:\WINDOWS\AutoKMS.exe (No File)
Task: {F3F94CAD-0B57-4D5F-A53E-87216F9FD7A5} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {F7C730C3-1440-4DD4-87FE-885BDEA5005F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F95F5BD8-1513-4CAD-9151-A4ED167D19D9} - \AutoKMS -> No File <==== ATTENTION
Task: {17D2CB74-B6C9-4979-9CF1-10AECF123AB1} - System32\Tasks\GoogleUpdateTaskMachineCore{62B789A2-5E7C-4423-AC03-2240107FB329} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-21] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Program Files (x86)\GUT1D70.tmp
C:\Program Files (x86)\GUT4407.tmp
C:\Program Files (x86)\GUT5544.tmp
C:\Program Files (x86)\GUT87AC.tmp
C:\Program Files (x86)\GUT8D68.tmp
C:\Program Files (x86)\GUT913A.tmp
C:\Program Files (x86)\GUTB494.tmp
C:\Program Files (x86)\GUTD9E1.tmp
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> DefaultScope {A332AC28-9DB3-4D99-8943-B576275E196E} URL =
SearchScopes: HKU\S-1-5-21-1892162270-2039198232-2114183084-1002 -> {A332AC28-9DB3-4D99-8943-B576275E196E} URL =
BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File
FirewallRules: [TCP Query User{0E1C6103-EE68-4F79-9EDC-1DF390C26A08}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [UDP Query User{EE2139F1-2105-402D-83C3-74CA43B7B73D}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [{4CA83F36-E6E7-4CEA-92FF-3EFC9C884C4C}] => (Allow) C:\Users\Dana\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{ADAEB70C-82AE-4047-B144-A710E3BDA596}] => (Allow) C:\Users\Dana\AppData\Roaming\Zoom\bin\airhost.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION => restored successfully
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION => restored successfully
"HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #6" => removed successfully
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{269d0d9b-eaee-11eb-8334-d07e351216ea} => removed successfully
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{269d0e6b-eaee-11eb-8334-d07e351216ea} => removed successfully
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{680b9ce4-a111-11eb-832a-d07e351216ea} => removed successfully
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e600ebb0-6244-11ec-8341-d07e351216ea} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11E92C19-F73D-40F1-BB3F-8C824A9202ED}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11E92C19-F73D-40F1-BB3F-8C824A9202ED}" => removed successfully
C:\WINDOWS\System32\Tasks\{A6729E1E-04F6-4E14-B800-B218312E474B} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A6729E1E-04F6-4E14-B800-B218312E474B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{12FEFD9D-4BB9-4F01-A9E7-1758E2AD2AC6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12FEFD9D-4BB9-4F01-A9E7-1758E2AD2AC6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{352E6CA0-7314-4DF4-89C4-682368D80D57}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3564BFA1-A739-46BB-8C6F-405EBAFAF713}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3564BFA1-A739-46BB-8C6F-405EBAFAF713}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5805207E-C53E-44D1-AA7F-6FABA71C6C26}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5805207E-C53E-44D1-AA7F-6FABA71C6C26}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{674CAD71-34D5-4C51-B77D-1B871AC2AC2A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{674CAD71-34D5-4C51-B77D-1B871AC2AC2A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6856B7D7-5EE0-44A8-961F-D8FED136E4DE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6856B7D7-5EE0-44A8-961F-D8FED136E4DE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{686A7F00-DCDC-4BF9-93E7-42C1FAB52B2E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{686A7F00-DCDC-4BF9-93E7-42C1FAB52B2E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1892162270-2039198232-2114183084-1002" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{881D5246-9B91-4F72-8332-81BEE0BE788E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{881D5246-9B91-4F72-8332-81BEE0BE788E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90B61509-3DD4-4712-AE2C-33AA42733B6F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90B61509-3DD4-4712-AE2C-33AA42733B6F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92B0780E-7F73-4EFF-9280-E91D0CDBB174}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92B0780E-7F73-4EFF-9280-E91D0CDBB174}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F91F866-83E7-4B91-8501-B5C6DE5EA30D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F91F866-83E7-4B91-8501-B5C6DE5EA30D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A5A976B5-FBE3-403C-9055-F3ED46D298AA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A5A976B5-FBE3-403C-9055-F3ED46D298AA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B8B1D08A-9106-47FB-9E46-B832E45A0765}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8B1D08A-9106-47FB-9E46-B832E45A0765}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BD880298-67DB-4919-B538-16A37978A344}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BD880298-67DB-4919-B538-16A37978A344}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D44ECBEA-7254-4C2F-98F1-B8091CADA3AB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D44ECBEA-7254-4C2F-98F1-B8091CADA3AB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{028278B8-C7DA-439E-A70D-4AE1098F77E0} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{028278B8-C7DA-439E-A70D-4AE1098F77E0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ECF7C671-518C-43C9-85FD-25D48438C6C0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ECF7C671-518C-43C9-85FD-25D48438C6C0}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoKMSDaily => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMSDaily" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3F94CAD-0B57-4D5F-A53E-87216F9FD7A5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3F94CAD-0B57-4D5F-A53E-87216F9FD7A5}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F7C730C3-1440-4DD4-87FE-885BDEA5005F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F7C730C3-1440-4DD4-87FE-885BDEA5005F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{F95F5BD8-1513-4CAD-9151-A4ED167D19D9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F95F5BD8-1513-4CAD-9151-A4ED167D19D9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{17D2CB74-B6C9-4979-9CF1-10AECF123AB1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17D2CB74-B6C9-4979-9CF1-10AECF123AB1}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{62B789A2-5E7C-4423-AC03-2240107FB329} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{62B789A2-5E7C-4423-AC03-2240107FB329}" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Program Files (x86)\GUT1D70.tmp => moved successfully
C:\Program Files (x86)\GUT4407.tmp => moved successfully
C:\Program Files (x86)\GUT5544.tmp => moved successfully
C:\Program Files (x86)\GUT87AC.tmp => moved successfully
C:\Program Files (x86)\GUT8D68.tmp => moved successfully
C:\Program Files (x86)\GUT913A.tmp => moved successfully
C:\Program Files (x86)\GUTB494.tmp => moved successfully
C:\Program Files (x86)\GUTD9E1.tmp => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1892162270-2039198232-2114183084-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A332AC28-9DB3-4D99-8943-B576275E196E} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => removed successfully
HKLM\Software\Classes\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{0E1C6103-EE68-4F79-9EDC-1DF390C26A08}C:\windows\kmsemulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EE2139F1-2105-402D-83C3-74CA43B7B73D}C:\windows\kmsemulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4CA83F36-E6E7-4CEA-92FF-3EFC9C884C4C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ADAEB70C-82AE-4047-B144-A710E3BDA596}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 114658557 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 464 B
Windows/system/drivers => 23635232 B
Edge => 0 B
Chrome => 58125651 B
Firefox => 1259020894 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 185734 B
NetworkService => 601966 B
UpdatusUser => 601966 B
Dana => 500422522 B

RecycleBin => 19211501 B
EmptyTemp: => 1.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:50:08 ====

Smazáno, log by již měl být OK.

Díky za pomoc. Dá se z logů vyčíst, jestli tam byl nějaký spyware?
Dorazil totiž jeden phising email s konkrétními informacemi, které se mohly dát vyčíst snad jen z emailové historie...

Prakticky vše, co smazal ADW je spyware. RSITem jsme dočistili zbytky a zbytečnosti. Phishing na vás může zkoušet kdokoli a kdykoli. Je třeba ho rozeznat a nereagovat na něj.