Log check - very slow PC
Posted: 05 Oct 2023 13:20
A friend's neglected computer... Even the menu from right-clicking an icon on the desktop only appears after several seconds.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2023
Ran by Isek (administrator) on LAPTOP-65VSTD3D (LENOVO 80QQ) (05-10-2023 13:50:55)
Running from C:\Users\Isek\Desktop\FRST64.exe
Loaded Profiles: Isek
Platform: Microsoft Windows 10 Home Version 22H2 19045.3448 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3385_none_7e1c800a7c81ffd9\TiWorker.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
(explorer.exe ->) (LENOVO -> ) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(LenovoSecurityAddin).exe
(Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(SmartInteractAddin).exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\netsh.exe
(MusNotification.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotificationUx.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21580.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3385_none_7e1c800a7c81ffd9\TiWorker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2015-09-22] (LENOVO -> )
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [230104 2015-07-11] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [170496 2009-02-06] (ArcSoft, Inc. -> ArcSoft Inc.)
HKLM-x32\...\Run: [Setup Utility 15.0] => C:\Program Files (x86)\Navigator15\Setup Utility\clickertray.exe [423424 2015-05-15] () [File not signed]
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-30] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\Run: [PhotoMasterImportAgent] => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe [675608 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Isek\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Isek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\Run: [Microsoft Edge Update] => C:\Users\Isek\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\MicrosoftEdgeUpdateCore.exe [263648 2023-07-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42614688 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\117.0.5938.149\Installer\chrmstp.exe [2023-10-05] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\newfolder1 [2022-03-08]
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {DF40DB95-C348-4851-B317-4C022BEF7C62} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D80F9B3C-1D10-42F2-A8C0-BB5AE45B95CF} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "cd4c348d-e6d8-4478-b0e6-17cfb7a84143" --version "6.16.10662" --silent
Task: {E406BE1A-EB32-420B-8D8B-231A7786F05D} - System32\Tasks\CCleanerSkipUAC - Isek => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D5E9D477-3E60-422C-8B61-642DE3483974} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {DF380048-41F7-4378-834E-F4B19E64691B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-31] (Google Inc -> Google Inc.)
Task: {CBD61D39-96AE-446B-9ADC-B11BCD088F5C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-31] (Google Inc -> Google Inc.)
Task: {1779C9D4-D71B-4862-97B3-EBEB9724E6DA} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [287688 2015-12-31] (LENOVO -> Lenovo)
Task: {AD6DD026-D13B-4972-BCEA-AF14BEF8B2A9} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {91041B70-F81C-413E-A232-B0E96ABEC877} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {EEC7E7C7-DBC6-436A-A6E0-54CC69A63888} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [77312 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {8659917B-21C1-490F-9C95-2B060861D62D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\069463b6-3f90-4e42-a664-f52e03b903e5 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {7F164B40-7B85-4364-A8C5-96C1D1DBF0D3} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1fbaf62e-8e70-4349-bfb7-5f1e5ef3dc8e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {88502D43-FA50-4B76-9568-CEB1E232B49A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\72d96158-7ad8-41c5-a905-4dc20fc29a6e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {E5D5DC98-BF7C-4D51-AC23-ECB7023732D5} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c941b869-1ee9-40f6-be9a-211fd94291df => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {2AFAEE46-176B-4744-9F57-19A1FD7A175F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {5A03E6CC-793E-4B77-9B20-F11C6875318C} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [270272 2015-08-07] (LENOVO -> Lenovo)
Task: {4D2A20A0-E9D8-4341-8BB6-45CCD7590626} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1320384 2015-08-07] (LENOVO -> Lenovo)
Task: {F9B73F6D-76D3-433B-84AF-40D7C25D2D0D} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9476544 2015-08-07] (LENOVO -> )
Task: {BD86F62A-0646-489B-A819-D7AEC431413E} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [829344 2015-07-13] (LENOVO -> )
Task: {C15D7891-AFC8-4710-9D9B-451E9566EABC} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [808352 2015-07-13] (LENOVO -> )
Task: {053B10D2-4709-47DB-A5A3-FBC69908210F} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {08D31610-6BE5-40DC-B787-7E4B24B843CE} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {EE43045D-F31D-4CDF-9254-A22BC8601D7F} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {BE9F56E1-8C03-4187-9E55-71D8EF258A83} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {42A6B2B7-2E5F-4D4E-91A7-44BE7F78A307} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {07EE3668-5BD2-4D62-9F37-174C4F645E55} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {7A1D6CE9-2DB2-41C8-9EC0-C182D3C836F5} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {AFFE1E2D-D93A-4EFB-BAC8-0C6ED4BA9864} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoBoostAddin.Prompt => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {214A6694-4014-4621-8AD7-92B0C13162B3} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {8ED078E0-0C5C-4008-92A9-3B3726A32CEA} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {DDBA3975-F827-4978-89D3-CD4BCF09AF6F} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {2EE6A073-D409-4D19-B68B-E482C7DC14B3} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {A61CE763-3680-49CC-8CB2-94CAF18891B2} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {60A624A1-34B2-4C57-A22B-9091C06E2A32} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (No File)
Task: {9516FE4A-22F6-4D19-B0B9-26CAB7608639} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe [71680 2022-03-08] (Microsoft Windows -> Microsoft Corporation) -> C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {5493BA10-C8E8-4887-84B6-6205D0B650DE} - System32\Tasks\Microsoft\Windows\rempl\shell-compact => %ProgramFiles%\rempl\remsh.exe /RunCompactOnly (No File)
Task: {4A412118-7C92-4B25-A4E6-8A0CDB3B526E} - System32\Tasks\Microsoft\Windows\rempl\shell-restore => %ProgramFiles%\rempl\remsh.exe /RunRestoreHealthOnly (No File)
Task: {A807E008-4B68-413D-8297-A648A8A11730} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock => %ProgramFiles%\rempl\remsh.exe /RunUsoScanOnly (No File)
Task: {466E5E42-1F73-4330-8FCA-EC3E0FCC8F71} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock-sih => %ProgramFiles%\rempl\remsh.exe /RunSihScanOnly (No File)
Task: {66861E43-E096-4C00-802A-EB8F29B183BC} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock-storagesense => %ProgramFiles%\rempl\remsh.exe /RunStorageSenseTaskOnly (No File)
Task: {8E00CC8B-9FD0-4915-B668-1DB88041CD50} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => %ProgramFiles%\rempl\remsh.exe /RunUsoScanOnly (No File)
Task: {037202B8-D1FB-4D0D-A99A-79AC25A5019B} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => %windir%\system32\EOSNotify.exe (No File)
Task: {ADED6644-F705-4A5C-8C4C-42F39ED8F5FE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A03283B1-916E-4DDC-89C8-104CDD40BFE0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DC320900-5E33-4DC9-971A-C35878AE3CE6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F01F0695-6030-470C-84AA-C6BDBD70547C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F26F6548-0DE1-460C-ACCD-F8623D6717F1} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-344944272-2692266573-2562361775-1001Core{40D238CF-B579-48EC-A701-7F54D755ACFA} => C:\Users\Isek\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206256 2023-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {717EAEA4-2311-49C3-92C4-5B95CEA3EC0C} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-344944272-2692266573-2562361775-1001UA{98463A9E-069C-4CE8-9EB7-8413E88E9F8D} => C:\Users\Isek\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206256 2023-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {C655495C-DE45-46F3-90E1-D4A9235D6923} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-05-28] (CyberLink Corp. -> CyberLink Corp.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{560098f7-2b89-4aa2-90a8-fcc4ac54eff6}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{d4006723-a370-4ad4-bc08-4f408e57ffcd}: [DhcpNameServer] 10.0.0.138
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Isek\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-04]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\Isek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2023-07-12]
FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Isek\AppData\Local\Google\Chrome\User Data\Default [2023-10-05]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.gametwist.com
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}&sourceid=62744&thru=quicksearch
CHR DefaultSearchKeyword: Default -> seznam
CHR DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Isek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-10-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Isek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Isek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-04]
CHR Extension: (Seznam.cz) - C:\Users\Isek\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2023-10-05]
CHR Profile: C:\Users\Isek\AppData\Local\Google\Chrome\User Data\System Profile [2023-10-04]
CHR HKU\S-1-5-21-344944272-2692266573-2562361775-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-344944272-2692266573-2562361775-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2015-03-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [120024 2015-07-02] (Realtek Semiconductor Corp -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1074080 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (LENOVO -> Lenovo)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1368408 2015-11-30] (Disc Soft Ltd -> Disc Soft Ltd)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe [34176 2023-07-14] (Lenovo -> Lenovo)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271296 2015-08-07] (LENOVO -> Lenovo)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-12-31] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [46392 2015-12-31] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [141512 2018-09-04] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [239296 2013-08-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-09-01] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
S1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188824 2018-09-04] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-09-04] (ESET, spol. s r.o. -> ESET)
R3 glavcam; C:\WINDOWS\system32\DRIVERS\glavcam.sys [3476736 2015-12-31] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
S3 trufos; C:\WINDOWS\System32\drivers\trufos.sys [641736 2023-10-05] (Bitdefender SRL -> Bitdefender)
S3 u3kh64; C:\WINDOWS\system32\DRIVERS\u3kh64.sys [1802752 2007-07-31] (Microsoft Windows Hardware Compatibility Publisher -> DiBcom)
S3 u3khrc64; C:\WINDOWS\system32\DRIVERS\u3khrc64.sys [17024 2007-05-16] (Microsoft Windows Hardware Compatibility Publisher -> DiBcom S.A.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-10-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572712 2023-10-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-04] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
S3 MpKsl147d5177; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{33A10A63-372F-427C-9A49-19CE5A0DF149}\MpKslDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-10-05 13:50 - 2023-10-05 13:56 - 000032104 _____ C:\Users\Isek\Desktop\FRST.txt
2023-10-05 13:49 - 2023-10-05 13:54 - 000000000 ____D C:\FRST
2023-10-05 13:47 - 2023-10-05 13:47 - 002382848 _____ (Farbar) C:\Users\Isek\Desktop\FRST64.exe
2023-10-05 13:42 - 2023-10-05 13:44 - 000000000 ____D C:\WINDOWS\LastGood
2023-10-05 13:35 - 2023-10-05 13:35 - 000000000 ____D C:\ProgramData\PLUG
2023-10-05 13:30 - 2023-10-05 13:30 - 000000000 ____D C:\Users\Isek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2023-10-05 13:22 - 2023-10-05 13:22 - 000000000 ____D C:\Program Files\RUXIM
2023-10-05 01:03 - 2023-10-05 01:03 - 000000000 ___HD C:\$WinREAgent
2023-10-05 00:37 - 2023-10-05 08:34 - 000000054 _____ C:\WINDOWS\Lic.xxx
2023-10-05 00:37 - 2023-10-05 00:37 - 000000000 ____D C:\PUB
2023-10-05 00:31 - 2023-10-05 00:31 - 000641736 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2023-10-05 00:31 - 2023-10-05 00:31 - 000176760 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\SysWOW64\eEmpty.exe
2023-10-05 00:31 - 2023-10-05 00:31 - 000001046 _____ C:\Users\Isek\Desktop\MWAVSCAN.lnk
2023-10-05 00:31 - 2023-10-05 00:31 - 000000000 ____D C:\ProgramData\MicroWorld
2023-10-05 00:26 - 2023-10-05 00:29 - 303908928 _____ (MicroWorld Technologies Inc.) C:\Users\Isek\Downloads\mwav.exe
2023-10-04 22:19 - 2023-10-04 22:19 - 000000000 ____D C:\ProgramData\Piriform
2023-10-04 22:13 - 2023-10-04 23:01 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-10-04 22:13 - 2023-10-04 22:13 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-10-04 22:13 - 2023-10-04 22:13 - 000002900 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Isek
2023-10-04 22:12 - 2023-10-05 13:38 - 000000000 ____D C:\Program Files\CCleaner
2023-10-04 22:12 - 2023-10-04 22:12 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-10-04 22:12 - 2023-10-04 22:12 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2023-10-04 22:12 - 2023-10-04 22:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-10-04 22:09 - 2023-10-04 22:10 - 058311208 _____ (Piriform Software Ltd) C:\Users\Isek\Downloads\ccsetup616.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-10-05 14:04 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-10-05 14:01 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-05 13:50 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-10-05 13:47 - 2022-03-08 14:38 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-10-05 13:45 - 2018-03-16 14:35 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2023-10-05 13:45 - 2015-12-31 09:57 - 000000000 __SHD C:\Users\Isek\IntelGraphicsProfiles
2023-10-05 13:45 - 2015-12-31 09:55 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-10-05 13:42 - 2015-12-31 12:13 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-05 13:33 - 2022-03-08 06:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-10-05 13:33 - 2022-03-08 05:59 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-05 13:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-10-05 13:33 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-10-05 13:30 - 2022-03-08 13:48 - 000722226 _____ C:\WINDOWS\system32\perfh005.dat
2023-10-05 13:30 - 2022-03-08 13:48 - 000149196 _____ C:\WINDOWS\system32\perfc005.dat
2023-10-05 13:30 - 2022-03-08 06:24 - 001694146 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-10-05 13:24 - 2015-09-22 22:39 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2023-10-05 13:22 - 2018-03-14 19:23 - 000000000 ____D C:\Program Files\rempl
2023-10-05 13:04 - 2022-03-08 05:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-10-05 12:20 - 2020-11-29 14:59 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-10-05 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-10-05 12:09 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-05 12:08 - 2022-03-08 06:21 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-10-05 12:08 - 2022-03-08 06:21 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-10-05 12:08 - 2015-12-31 12:14 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-10-05 12:08 - 2015-12-31 12:14 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-10-05 12:05 - 2022-03-08 05:59 - 000287784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-10-05 11:59 - 2022-03-08 13:48 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-10-05 11:59 - 2022-03-08 13:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-10-05 11:58 - 2022-03-08 13:48 - 000000000 ____D C:\WINDOWS\system32\cs
2023-10-05 11:58 - 2022-03-08 13:40 - 000000000 ____D C:\WINDOWS\en-GB
2023-10-05 11:58 - 2019-12-07 11:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemApps
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-10-05 11:58 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2023-10-05 11:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-10-05 02:34 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-10-05 02:34 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-10-05 02:31 - 2018-09-05 15:10 - 000000000 ____D C:\ProgramData\Packages
2023-10-05 02:02 - 2022-03-08 06:05 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-10-05 00:41 - 2015-12-31 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2023-10-05 00:37 - 2015-07-10 13:04 - 000000620 _____ C:\WINDOWS\win.ini
2023-10-05 00:33 - 2016-02-06 14:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-10-05 00:32 - 2022-03-08 06:37 - 000003714 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-10-05 00:32 - 2022-03-08 06:37 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-10-05 00:26 - 2015-12-31 09:57 - 000000000 ____D C:\Users\Isek\AppData\Local\Packages
2023-10-05 00:20 - 2016-02-06 14:58 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-10-04 23:52 - 2018-09-05 05:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-10-04 23:27 - 2022-03-08 06:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2023-10-04 23:27 - 2015-09-22 21:40 - 000000000 ____D C:\Program Files\Lenovo
2023-10-04 23:03 - 2018-10-06 19:22 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-10-04 22:19 - 2022-03-08 06:37 - 000004208 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{8F459C85-D42C-4876-9B6A-9FF55C55A3E2}
2023-10-04 22:17 - 2015-12-31 12:23 - 000000000 ____D C:\Users\Isek\AppData\Roaming\DAEMON Tools Lite
2023-10-04 22:16 - 2022-02-01 15:32 - 000000000 ___DC C:\WINDOWS\Panther
2023-10-04 22:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-10-04 22:08 - 2022-03-08 06:37 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-344944272-2692266573-2562361775-1001
2023-10-04 22:08 - 2022-03-08 06:37 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-344944272-2692266573-2562361775-1001
2023-10-04 22:08 - 2022-03-08 06:10 - 000002381 _____ C:\Users\Isek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-10-04 19:28 - 2018-11-29 20:58 - 000000000 ____D C:\Users\Isek\AppData\Roaming\Seznam.cz
2023-10-04 19:15 - 2018-10-28 15:33 - 000000000 ____D C:\Users\Isek\AppData\Local\D3DSCache
==================== Files in the root of some directories ========
2014-09-21 11:47 - 2015-12-31 12:44 - 000048753 _____ () C:\Program Files (x86)\AutoMapa EU.md5
2015-12-31 09:57 - 2023-10-05 13:37 - 003797299 _____ () C:\Users\Isek\AppData\Local\BTServer.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by Isek (05-10-2023 14:10:16)
Running from C:\Users\Isek\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3448 (X64) (2022-03-08 04:38:54)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-344944272-2692266573-2562361775-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-344944272-2692266573-2562361775-503 - Limited - Disabled)
Guest (S-1-5-21-344944272-2692266573-2562361775-501 - Limited - Disabled)
Isek (S-1-5-21-344944272-2692266573-2562361775-1001 - Administrator - Enabled) => C:\Users\Isek
WDAGUtilityAccount (S-1-5-21-344944272-2692266573-2562361775-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Security (Disabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}) (Version: 3.5.7.331 - ArcSoft)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{74292F90-895A-4FC6-A692-9641532B1B63}) (Version: 3.5.28.291 - ArcSoft)
ASUS My Cinema-U3000 Hybrid_x64 (HKLM-x32\...\{4D76622F-D3A0-43CA-9731-D91064FE87F5}) (Version: - ASUSTeK Computer Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.16 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.29.53 - Conexant)
CyberLink Power2Go 8 (HKLM-x32\...\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd)
Disk Google (HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\707165459698977441795f731631d334) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\7570e6c75fa1d8d996d9018d6018487f) (Version: 1.0 - Google\Chrome)
FleetBoard Cockpit verze 1.26.0 (HKLM-x32\...\FleetBoardClientUnifiedId_is1) (Version: 1.26.0 - Daimler FleetBoard GmbH)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.3.0.10826 - Foxit Software Inc.)
Gmail (HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\0995a4374efe08bf251ce1e47318484c) (Version: 1.0 - Google\Chrome)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 117.0.5938.149 - Google LLC)
Intel(R) Chipset Device Software (HKLM\...\{55398EAC-F58E-4F19-B553-BDF8B9EFD839}) (Version: 10.1.1.9 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{8B0B53D2-F5B8-4A67-93B0-5960D6ED6186}) (Version: 11.0.0.1153 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{FD37351B-3074-4652-8188-1B3FB784EC4E}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4271 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{303C5CD6-2525-49C5-9E49-DBD92F9F63BD}) (Version: 14.5.2.1088 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E8266049-8C7B-4A09-9E11-8BD100E0076A}) (Version: 8.0.1.2378 - GenesysLogic)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.5.5720.01 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.)
Lenovo Solution Center (HKLM\...\{F925868A-2F2C-414B-A5A7-C613039CE9E4}) (Version: 3.1.001.00 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.72.0 - Lenovo Group Ltd.)
LenovoUtility (HKLM-x32\...\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo) Hidden
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Access MUI (Czech) 2013 (HKLM-x32\...\{90150000-0015-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Czech) 2013 (HKLM-x32\...\{90150000-0090-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\Microsoft EdgeWebView) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft Excel MUI (Czech) 2013 (HKLM-x32\...\{90150000-0016-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Czech) 2013 (HKLM-x32\...\{90150000-00BA-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Czech) 2013 (HKLM-x32\...\{90150000-0044-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Czech) 2013 (HKLM-x32\...\{90150000-012B-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (HKLM\...\{90150000-002A-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2013 (HKLM-x32\...\{90150000-00E1-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2013 (HKLM-x32\...\{90150000-00E2-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing (Czech) 2013 (HKLM-x32\...\{90150000-002C-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2013 (HKLM\...\{90150000-002A-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2013 (HKLM-x32\...\{90150000-006E-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\OneDriveSetup.exe) (Version: 23.189.0910.0001 - Microsoft Corporation)
Microsoft OneNote MUI (Czech) 2013 (HKLM-x32\...\{90150000-00A1-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2013 (HKLM-x32\...\{90150000-001A-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2013 (HKLM-x32\...\{90150000-0018-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2013 (HKLM-x32\...\{90150000-0019-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Word MUI (Czech) 2013 (HKLM-x32\...\{90150000-001B-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Navigator 15 - Setup Utility 15.0.2-1 (HKLM-x32\...\MAPFACTOR_SETUP_UTILITY_HYBRID_15_is1) (Version: 15.0.2-1 - MapFactor s.r.o)
Need for Speed Underground 2 Demo (HKLM-x32\...\{C5EB90E1-8A46-4ED5-009D-C793E646C04F}) (Version: - )
PC Navigator 15 15.0.2-1 (HKLM-x32\...\PCNavigator15_is1) (Version: 15.0.2-1 - MapFactor s.r.o)
Prezentace (HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\3d87ebbc8acbddfcc093f97d6cfb9200) (Version: 1.0 - Google\Chrome)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.002.10 - Lenovo)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.868.867.071015 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.213.243 - REALTEK Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\SeznamInstall) (Version: 2.1.35 - Seznam.cz)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Tabulky (HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\c3d274c7dc4341192e709b440f14513e) (Version: 1.0 - Google\Chrome)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.50a - Ghisler Software GmbH)
Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0405-0000-0000000FF1CE}_Office15.PROPLUS_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
YouTube (HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\1ef6fb15c7685028285b3923687321d6) (Version: 1.0 - Google\Chrome)
Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-10-05] (Microsoft Corporation)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2308.29.0_x64__k1h2ywk1493x8 [2023-10-05] (LENOVO INC.)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2022-03-08] (LENOVO INCORPORATED.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-11-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-11-25] (Microsoft Corporation) [MS Ad]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-10-05] (Microsoft Studios) [MS Ad]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2018-11-12] (LENOVO INCORPORATED.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-344944272-2692266573-2562361775-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\Isek\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-344944272-2692266573-2562361775-1001_Classes\CLSID\{64C6EFB9-8F79-4106-B975-067448DC768F}\InprocServer32 -> C:\Users\Isek\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-344944272-2692266573-2562361775-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\Isek\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-07-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2018-09-26] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (LENOVO -> Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (LENOVO -> Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2018-09-26] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Isek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Isek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Isek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Isek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Isek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Isek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
==================== Loaded Modules (Whitelisted) =============
2018-03-13 14:13 - 2016-09-22 08:11 - 000081920 _____ () [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ctypes.pyd
2015-12-31 14:33 - 2012-06-09 20:20 - 000196096 _____ (Alexander Roshal) [File not signed] C:\Program Files\WinRAR\rarext.dll
2015-07-22 19:44 - 2015-07-22 19:44 - 000285184 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2018-03-13 14:15 - 2016-09-22 08:06 - 001732608 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\PyImage\ijl20.dll
2015-07-22 19:44 - 2015-07-22 19:44 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2022-03-08 06:14 - 2022-03-08 06:14 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2022-03-08 06:14 - 2022-03-08 06:14 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2018-03-13 14:14 - 2016-09-22 08:11 - 002113536 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\python25.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-344944272-2692266573-2562361775-1001 -> DefaultScope {11DD8A8B-43B2-4468-AC2B-257FCFAC3265} URL =
SearchScopes: HKU\S-1-5-21-344944272-2692266573-2562361775-1001 -> {11DD8A8B-43B2-4468-AC2B-257FCFAC3265} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-31] (Oracle America, Inc. -> Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-31] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-31] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-31] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 13:04 - 2015-07-10 13:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "ArcSoft Connection Service"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Setup Utility 15.0"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\StartupApproved\Run: => "PhotoMasterImportAgent"
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\StartupApproved\Run: => "Microsoft Edge Update"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F9AD5E45-FF60-41CF-8735-6DF02B4948AD}] => (Allow) LPort=1689
FirewallRules: [{5E4445FD-10E4-4739-88F4-FEBBCFCB6340}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{B9D6AF22-5616-4C00-80EE-0778306C6013}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{70D7CC10-6974-49C8-8BBB-41A16BC585F9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8252CB92-CABF-495B-8684-1C1A321B2F4E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{971B4B62-FC52-40E2-83A6-97EDD72EA220}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [TCP Query User{6C4632D1-5760-4E7F-ACAD-56C9FAE9D6F7}C:\program files (x86)\fleetboard\fleetboard cockpit\fleetboard.exe] => (Allow) C:\program files (x86)\fleetboard\fleetboard cockpit\fleetboard.exe () [File not signed]
FirewallRules: [UDP Query User{1C2CA964-C32C-449A-92EE-4173CF5EDE3E}C:\program files (x86)\fleetboard\fleetboard cockpit\fleetboard.exe] => (Allow) C:\program files (x86)\fleetboard\fleetboard cockpit\fleetboard.exe () [File not signed]
FirewallRules: [TCP Query User{B3E9B71F-E347-4148-BC36-037694A715F2}C:\program files (x86)\fleetboard\fleetboard cockpit\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\fleetboard\fleetboard cockpit\jre\bin\javaw.exe
FirewallRules: [UDP Query User{BC7C47B2-9924-40D8-BD71-7417F39B7176}C:\program files (x86)\fleetboard\fleetboard cockpit\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\fleetboard\fleetboard cockpit\jre\bin\javaw.exe
FirewallRules: [{472C003F-E806-40A3-AA16-7EE564E1AF25}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A851C690-8F05-4ACA-B6BC-CE17E566364C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{310C183A-A989-4B88-A751-CE2F46F16165}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{895780E2-2172-4F03-A1FF-56931FA47112}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B1CDA248-478D-49DC-99A6-DA66DA47118D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{837112D9-8785-44D3-9F5B-76A8F4839DA3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
05-10-2023 00:11:08 Windows Modules Installer
05-10-2023 00:57:10 Windows Modules Installer
05-10-2023 01:04:49 Windows Modules Installer
05-10-2023 12:21:55 Windows Modules Installer
05-10-2023 13:28:24 Windows Modules Installer
05-10-2023 13:46:37 Windows Modules Installer
05-10-2023 13:59:44 Windows Modules Installer
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/05/2023 01:28:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 10.0.19041.3393 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2468
Čas spuštění: 01d9f77db5f8cbe8
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
ID hlášení: 3caaafec-1afd-4efb-a6b7-808ff9e78f13
Úplný název balíčku s chybou: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: microsoft.windows.immersivecontrolpanel
Typ zablokování: Quiesce
Error: (10/05/2023 09:12:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GDCAgent.exe, verze: 1.0.1.6, časové razítko: 0x55b8998c
Název chybujícího modulu: GDCAgent.exe, verze: 1.0.1.6, časové razítko: 0x55b8998c
Kód výjimky: 0xc0000005
Posun chyby: 0x00020fb8
ID chybujícího procesu: 0x978
Čas spuštění chybující aplikace: 0x01d9f70b78ca1ce1
Cesta k chybující aplikaci: C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
ID zprávy: 0adcd589-b315-4b3d-828e-7875d7f127b7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/04/2023 11:18:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ekrn.exe, verze: 10.5.166.0, časové razítko: 0x5b8e5e1e
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.789, časové razítko: 0x2bd748bf
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007286e
ID chybujícího procesu: 0x744
Čas spuštění chybující aplikace: 0x01d9f705f32fe0a3
Cesta k chybující aplikaci: C:\Program Files\ESET\ESET Security\ekrn.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 322deae3-a75a-402d-ba94-5ef8a73f28ed
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/04/2023 11:18:07 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (10/04/2023 11:07:05 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (10/04/2023 10:25:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service Conexant UIU Service since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (10/04/2023 08:19:45 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit retrim na LENOVO (D:), protože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (10/04/2023 08:19:44 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit retrim na Windows (C:), protože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
System errors:
=============
Error: (10/05/2023 01:48:13 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Time přestala během spouštění reagovat.
Error: (10/05/2023 01:46:07 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba System Guard Runtime Monitor Broker přestala během spouštění reagovat.
Error: (10/05/2023 01:43:57 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Downloaded Maps Manager přestala během spouštění reagovat.
Error: (10/05/2023 01:41:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba GDCAgent přestala během spouštění reagovat.
Error: (10/05/2023 01:39:11 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Delivery Optimization přestala během spouštění reagovat.
Error: (10/05/2023 01:35:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (10/05/2023 01:35:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (10/05/2023 01:32:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024001e): Rozhraní Microsoft .NET Framework 4.8.1 pro Windows 10 Version 22H2 pro systémy x64 (KB5011048).
Windows Defender:
================
Date: 2023-10-05 09:00:47
Description:
Microsoft Defender Antivirus zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: High
Kategorie: Tool
Cesta: file:_C:\Program Files\KMSpico\scripts\Install_Service.cmd; file:_C:\Program Files\KMSpico\scripts\UnInstall_Service.cmd
Původ detekce: Local machine
Typ detekce: Concrete
Zdroj detekce: Real-Time Protection
Uživatel: LAPTOP-65VSTD3D\Isek
Název procesu: C:\Users\Isek\AppData\Local\Temp\mexe.com
Verze bezpečnostních informací: AV: 1.399.44.0, AS: 1.399.44.0, NIS: 1.399.44.0
Verze modulu: AM: 1.1.23090.2007, NIS: 1.1.23090.2007
Date: 2023-10-05 08:58:48
Description:
Microsoft Defender Antivirus zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: High
Kategorie: Tool
Cesta: file:_C:\Program Files\KMSpico\scripts\Install_Service.cmd; file:_C:\Program Files\KMSpico\scripts\UnInstall_Service.cmd
Původ detekce: Local machine
Typ detekce: Concrete
Zdroj detekce: Real-Time Protection
Uživatel: LAPTOP-65VSTD3D\Isek
Název procesu: C:\Users\Isek\AppData\Local\Temp\mexe.com
Verze bezpečnostních informací: AV: 1.399.44.0, AS: 1.399.44.0, NIS: 1.399.44.0
Verze modulu: AM: 1.1.23090.2007, NIS: 1.1.23090.2007
Date: 2023-10-05 08:58:48
Description:
Microsoft Defender Antivirus zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: High
Kategorie: Tool
Cesta: file:_C:\Program Files\KMSpico\scripts\UnInstall_Service.cmd
Původ detekce: Local machine
Typ detekce: Concrete
Zdroj detekce: Real-Time Protection
Uživatel: LAPTOP-65VSTD3D\Isek
Název procesu: C:\Users\Isek\AppData\Local\Temp\mexe.com
Verze bezpečnostních informací: AV: 1.399.44.0, AS: 1.399.44.0, NIS: 1.399.44.0
Verze modulu: AM: 1.1.23090.2007, NIS: 1.1.23090.2007
Date: 2023-10-05 08:58:41
Description:
Microsoft Defender Antivirus zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: High
Kategorie: Tool
Cesta: file:_C:\Program Files\KMSpico\cert\installAll.cmd
Původ detekce: Local machine
Typ detekce: Concrete
Zdroj detekce: Real-Time Protection
Uživatel: LAPTOP-65VSTD3D\Isek
Název procesu: C:\Users\Isek\AppData\Local\Temp\mexe.com
Verze bezpečnostních informací: AV: 1.399.44.0, AS: 1.399.44.0, NIS: 1.399.44.0
Verze modulu: AM: 1.1.23090.2007, NIS: 1.1.23090.2007
Date: 2022-07-07 07:12:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1BA315B0-5CDD-4138-943B-62A9CE5D5A32}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2023-10-04 19:52:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.393.71.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23060.1005
Kód chyby: 0x80072ee7
Popis chyby: The server name or address could not be resolved
Date: 2023-10-04 19:52:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.393.71.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23060.1005
Kód chyby: 0x80072ee7
Popis chyby: The server name or address could not be resolved
Date: 2023-10-04 19:52:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.393.71.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23060.1005
Kód chyby: 0x80072ee7
Popis chyby: The server name or address could not be resolved
Date: 2023-10-04 19:52:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.393.71.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23060.1005
Kód chyby: 0x80072ee7
Popis chyby: The server name or address could not be resolved
Date: 2023-10-04 19:52:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.393.71.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23060.1005
Kód chyby: 0x80072ee7
Popis chyby: The server name or address could not be resolved
CodeIntegrity:
===============
Date: 2023-10-05 09:56:30
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SoftwareDistribution\SIH\bin\cbs\{5403B8BF-4265-11E8-9849-705A0F491A19}\amd64_microsoft-windows-u..usnotificationuxexe_31bf3856ad364e35_10.0.10240.17443_none_7c0a3888ac857b70\musnotificationux.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2023-10-05 03:48:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO E0CN16WW 08/04/2015
Motherboard: LENOVO Nano 5B6
Processor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Percentage of memory in use: 83%
Total physical RAM: 4011.01 MB
Available physical RAM: 655.54 MB
Total Virtual: 7595.01 MB
Available Virtual: 3960.88 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:420.48 GB) (Free:40.34 GB) (Model: HGST HTS545050A7E660) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:16.78 GB) (Model: HGST HTS545050A7E660) NTFS
\\?\Volume{f41324ce-18d6-48e2-aa60-df16032b0bab}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.37 GB) NTFS
\\?\Volume{d6d12946-092d-4604-963d-056e640dd042}\ (LENOVO_PART) (Fixed) (Total:18.06 GB) (Free:5.08 GB) NTFS
\\?\Volume{1cb00644-3c20-4019-a173-92fbc6ee667c}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 8B1A3F07)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2023
Ran by Isek (administrator) on LAPTOP-65VSTD3D (LENOVO 80QQ) (05-10-2023 13:50:55)
Running from C:\Users\Isek\Desktop\FRST64.exe
Loaded Profiles: Isek
Platform: Microsoft Windows 10 Home Version 22H2 19045.3448 (X64) Language: Angličtina (Spojené státy) -> Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3385_none_7e1c800a7c81ffd9\TiWorker.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
(explorer.exe ->) (LENOVO -> ) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(LenovoSecurityAddin).exe
(Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantage-(SmartInteractAddin).exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\netsh.exe
(MusNotification.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotificationUx.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21580.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3385_none_7e1c800a7c81ffd9\TiWorker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2015-09-22] (LENOVO -> )
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [230104 2015-07-11] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [170496 2009-02-06] (ArcSoft, Inc. -> ArcSoft Inc.)
HKLM-x32\...\Run: [Setup Utility 15.0] => C:\Program Files (x86)\Navigator15\Setup Utility\clickertray.exe [423424 2015-05-15] () [File not signed]
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-30] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\Run: [PhotoMasterImportAgent] => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe [675608 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Isek\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Isek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\Run: [Microsoft Edge Update] => C:\Users\Isek\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\MicrosoftEdgeUpdateCore.exe [263648 2023-07-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42614688 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\117.0.5938.149\Installer\chrmstp.exe [2023-10-05] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\newfolder1 [2022-03-08]
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {DF40DB95-C348-4851-B317-4C022BEF7C62} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D80F9B3C-1D10-42F2-A8C0-BB5AE45B95CF} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "cd4c348d-e6d8-4478-b0e6-17cfb7a84143" --version "6.16.10662" --silent
Task: {E406BE1A-EB32-420B-8D8B-231A7786F05D} - System32\Tasks\CCleanerSkipUAC - Isek => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D5E9D477-3E60-422C-8B61-642DE3483974} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-09-22] (CyberLink Corp. -> CyberLink Corp.)
Task: {DF380048-41F7-4378-834E-F4B19E64691B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-31] (Google Inc -> Google Inc.)
Task: {CBD61D39-96AE-446B-9ADC-B11BCD088F5C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-31] (Google Inc -> Google Inc.)
Task: {1779C9D4-D71B-4862-97B3-EBEB9724E6DA} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [287688 2015-12-31] (LENOVO -> Lenovo)
Task: {AD6DD026-D13B-4972-BCEA-AF14BEF8B2A9} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {91041B70-F81C-413E-A232-B0E96ABEC877} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {EEC7E7C7-DBC6-436A-A6E0-54CC69A63888} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [77312 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {8659917B-21C1-490F-9C95-2B060861D62D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\069463b6-3f90-4e42-a664-f52e03b903e5 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {7F164B40-7B85-4364-A8C5-96C1D1DBF0D3} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1fbaf62e-8e70-4349-bfb7-5f1e5ef3dc8e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {88502D43-FA50-4B76-9568-CEB1E232B49A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\72d96158-7ad8-41c5-a905-4dc20fc29a6e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {E5D5DC98-BF7C-4D51-AC23-ECB7023732D5} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c941b869-1ee9-40f6-be9a-211fd94291df => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {2AFAEE46-176B-4744-9F57-19A1FD7A175F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {5A03E6CC-793E-4B77-9B20-F11C6875318C} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [270272 2015-08-07] (LENOVO -> Lenovo)
Task: {4D2A20A0-E9D8-4341-8BB6-45CCD7590626} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1320384 2015-08-07] (LENOVO -> Lenovo)
Task: {F9B73F6D-76D3-433B-84AF-40D7C25D2D0D} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9476544 2015-08-07] (LENOVO -> )
Task: {BD86F62A-0646-489B-A819-D7AEC431413E} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [829344 2015-07-13] (LENOVO -> )
Task: {C15D7891-AFC8-4710-9D9B-451E9566EABC} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [808352 2015-07-13] (LENOVO -> )
Task: {053B10D2-4709-47DB-A5A3-FBC69908210F} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {08D31610-6BE5-40DC-B787-7E4B24B843CE} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {EE43045D-F31D-4CDF-9254-A22BC8601D7F} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {BE9F56E1-8C03-4187-9E55-71D8EF258A83} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {42A6B2B7-2E5F-4D4E-91A7-44BE7F78A307} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {07EE3668-5BD2-4D62-9F37-174C4F645E55} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {7A1D6CE9-2DB2-41C8-9EC0-C182D3C836F5} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {AFFE1E2D-D93A-4EFB-BAC8-0C6ED4BA9864} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoBoostAddin.Prompt => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {214A6694-4014-4621-8AD7-92B0C13162B3} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {8ED078E0-0C5C-4008-92A9-3B3726A32CEA} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {DDBA3975-F827-4978-89D3-CD4BCF09AF6F} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {2EE6A073-D409-4D19-B68B-E482C7DC14B3} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {A61CE763-3680-49CC-8CB2-94CAF18891B2} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe [30040 2023-07-14] (Lenovo -> Lenovo)
Task: {60A624A1-34B2-4C57-A22B-9091C06E2A32} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (No File)
Task: {9516FE4A-22F6-4D19-B0B9-26CAB7608639} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe [71680 2022-03-08] (Microsoft Windows -> Microsoft Corporation) -> C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {5493BA10-C8E8-4887-84B6-6205D0B650DE} - System32\Tasks\Microsoft\Windows\rempl\shell-compact => %ProgramFiles%\rempl\remsh.exe /RunCompactOnly (No File)
Task: {4A412118-7C92-4B25-A4E6-8A0CDB3B526E} - System32\Tasks\Microsoft\Windows\rempl\shell-restore => %ProgramFiles%\rempl\remsh.exe /RunRestoreHealthOnly (No File)
Task: {A807E008-4B68-413D-8297-A648A8A11730} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock => %ProgramFiles%\rempl\remsh.exe /RunUsoScanOnly (No File)
Task: {466E5E42-1F73-4330-8FCA-EC3E0FCC8F71} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock-sih => %ProgramFiles%\rempl\remsh.exe /RunSihScanOnly (No File)
Task: {66861E43-E096-4C00-802A-EB8F29B183BC} - System32\Tasks\Microsoft\Windows\rempl\shell-unlock-storagesense => %ProgramFiles%\rempl\remsh.exe /RunStorageSenseTaskOnly (No File)
Task: {8E00CC8B-9FD0-4915-B668-1DB88041CD50} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => %ProgramFiles%\rempl\remsh.exe /RunUsoScanOnly (No File)
Task: {037202B8-D1FB-4D0D-A99A-79AC25A5019B} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => %windir%\system32\EOSNotify.exe (No File)
Task: {ADED6644-F705-4A5C-8C4C-42F39ED8F5FE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A03283B1-916E-4DDC-89C8-104CDD40BFE0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DC320900-5E33-4DC9-971A-C35878AE3CE6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F01F0695-6030-470C-84AA-C6BDBD70547C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F26F6548-0DE1-460C-ACCD-F8623D6717F1} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-344944272-2692266573-2562361775-1001Core{40D238CF-B579-48EC-A701-7F54D755ACFA} => C:\Users\Isek\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206256 2023-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {717EAEA4-2311-49C3-92C4-5B95CEA3EC0C} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-344944272-2692266573-2562361775-1001UA{98463A9E-069C-4CE8-9EB7-8413E88E9F8D} => C:\Users\Isek\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206256 2023-01-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {C655495C-DE45-46F3-90E1-D4A9235D6923} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-05-28] (CyberLink Corp. -> CyberLink Corp.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{560098f7-2b89-4aa2-90a8-fcc4ac54eff6}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{d4006723-a370-4ad4-bc08-4f408e57ffcd}: [DhcpNameServer] 10.0.0.138
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Isek\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-04]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\Isek\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2023-07-12]
FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2018-09-19] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-31] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Isek\AppData\Local\Google\Chrome\User Data\Default [2023-10-05]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.gametwist.com
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}&sourceid=62744&thru=quicksearch
CHR DefaultSearchKeyword: Default -> seznam
CHR DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Isek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-10-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Isek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Isek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-04]
CHR Extension: (Seznam.cz) - C:\Users\Isek\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2023-10-05]
CHR Profile: C:\Users\Isek\AppData\Local\Google\Chrome\User Data\System Profile [2023-10-04]
CHR HKU\S-1-5-21-344944272-2692266573-2562361775-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-344944272-2692266573-2562361775-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [41176 2015-03-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [120024 2015-07-02] (Realtek Semiconductor Corp -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1074080 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [650680 2015-07-29] (LENOVO -> Lenovo)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1368408 2015-11-30] (Disc Soft Ltd -> Disc Soft Ltd)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-30] (LENOVO -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\LenovoVantageService.exe [34176 2023-07-14] (Lenovo -> Lenovo)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271296 2015-08-07] (LENOVO -> Lenovo)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-04] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-12-31] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [46392 2015-12-31] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [141512 2018-09-04] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [239296 2013-08-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-09-01] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
S1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188824 2018-09-04] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-09-04] (ESET, spol. s r.o. -> ESET)
R3 glavcam; C:\WINDOWS\system32\DRIVERS\glavcam.sys [3476736 2015-12-31] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
S3 trufos; C:\WINDOWS\System32\drivers\trufos.sys [641736 2023-10-05] (Bitdefender SRL -> Bitdefender)
S3 u3kh64; C:\WINDOWS\system32\DRIVERS\u3kh64.sys [1802752 2007-07-31] (Microsoft Windows Hardware Compatibility Publisher -> DiBcom)
S3 u3khrc64; C:\WINDOWS\system32\DRIVERS\u3khrc64.sys [17024 2007-05-16] (Microsoft Windows Hardware Compatibility Publisher -> DiBcom S.A.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-10-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572712 2023-10-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-04] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
S3 MpKsl147d5177; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{33A10A63-372F-427C-9A49-19CE5A0DF149}\MpKslDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-10-05 13:50 - 2023-10-05 13:56 - 000032104 _____ C:\Users\Isek\Desktop\FRST.txt
2023-10-05 13:49 - 2023-10-05 13:54 - 000000000 ____D C:\FRST
2023-10-05 13:47 - 2023-10-05 13:47 - 002382848 _____ (Farbar) C:\Users\Isek\Desktop\FRST64.exe
2023-10-05 13:42 - 2023-10-05 13:44 - 000000000 ____D C:\WINDOWS\LastGood
2023-10-05 13:35 - 2023-10-05 13:35 - 000000000 ____D C:\ProgramData\PLUG
2023-10-05 13:30 - 2023-10-05 13:30 - 000000000 ____D C:\Users\Isek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2023-10-05 13:22 - 2023-10-05 13:22 - 000000000 ____D C:\Program Files\RUXIM
2023-10-05 01:03 - 2023-10-05 01:03 - 000000000 ___HD C:\$WinREAgent
2023-10-05 00:37 - 2023-10-05 08:34 - 000000054 _____ C:\WINDOWS\Lic.xxx
2023-10-05 00:37 - 2023-10-05 00:37 - 000000000 ____D C:\PUB
2023-10-05 00:31 - 2023-10-05 00:31 - 000641736 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2023-10-05 00:31 - 2023-10-05 00:31 - 000176760 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\SysWOW64\eEmpty.exe
2023-10-05 00:31 - 2023-10-05 00:31 - 000001046 _____ C:\Users\Isek\Desktop\MWAVSCAN.lnk
2023-10-05 00:31 - 2023-10-05 00:31 - 000000000 ____D C:\ProgramData\MicroWorld
2023-10-05 00:26 - 2023-10-05 00:29 - 303908928 _____ (MicroWorld Technologies Inc.) C:\Users\Isek\Downloads\mwav.exe
2023-10-04 22:19 - 2023-10-04 22:19 - 000000000 ____D C:\ProgramData\Piriform
2023-10-04 22:13 - 2023-10-04 23:01 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-10-04 22:13 - 2023-10-04 22:13 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-10-04 22:13 - 2023-10-04 22:13 - 000002900 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Isek
2023-10-04 22:12 - 2023-10-05 13:38 - 000000000 ____D C:\Program Files\CCleaner
2023-10-04 22:12 - 2023-10-04 22:12 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-10-04 22:12 - 2023-10-04 22:12 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2023-10-04 22:12 - 2023-10-04 22:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-10-04 22:09 - 2023-10-04 22:10 - 058311208 _____ (Piriform Software Ltd) C:\Users\Isek\Downloads\ccsetup616.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-10-05 14:04 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-10-05 14:01 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-05 13:50 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-10-05 13:47 - 2022-03-08 14:38 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-10-05 13:45 - 2018-03-16 14:35 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2023-10-05 13:45 - 2015-12-31 09:57 - 000000000 __SHD C:\Users\Isek\IntelGraphicsProfiles
2023-10-05 13:45 - 2015-12-31 09:55 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-10-05 13:42 - 2015-12-31 12:13 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-05 13:33 - 2022-03-08 06:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-10-05 13:33 - 2022-03-08 05:59 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-05 13:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-10-05 13:33 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-10-05 13:30 - 2022-03-08 13:48 - 000722226 _____ C:\WINDOWS\system32\perfh005.dat
2023-10-05 13:30 - 2022-03-08 13:48 - 000149196 _____ C:\WINDOWS\system32\perfc005.dat
2023-10-05 13:30 - 2022-03-08 06:24 - 001694146 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-10-05 13:24 - 2015-09-22 22:39 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2023-10-05 13:22 - 2018-03-14 19:23 - 000000000 ____D C:\Program Files\rempl
2023-10-05 13:04 - 2022-03-08 05:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-10-05 12:20 - 2020-11-29 14:59 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-10-05 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-10-05 12:09 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-05 12:08 - 2022-03-08 06:21 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-10-05 12:08 - 2022-03-08 06:21 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-10-05 12:08 - 2015-12-31 12:14 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-10-05 12:08 - 2015-12-31 12:14 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-10-05 12:05 - 2022-03-08 05:59 - 000287784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-10-05 11:59 - 2022-03-08 13:48 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2023-10-05 11:59 - 2022-03-08 13:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-10-05 11:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-10-05 11:58 - 2022-03-08 13:48 - 000000000 ____D C:\WINDOWS\system32\cs
2023-10-05 11:58 - 2022-03-08 13:40 - 000000000 ____D C:\WINDOWS\en-GB
2023-10-05 11:58 - 2019-12-07 11:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemApps
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-10-05 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-10-05 11:58 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2023-10-05 11:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-10-05 02:34 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-10-05 02:34 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-10-05 02:31 - 2018-09-05 15:10 - 000000000 ____D C:\ProgramData\Packages
2023-10-05 02:02 - 2022-03-08 06:05 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-10-05 00:41 - 2015-12-31 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2023-10-05 00:37 - 2015-07-10 13:04 - 000000620 _____ C:\WINDOWS\win.ini
2023-10-05 00:33 - 2016-02-06 14:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-10-05 00:32 - 2022-03-08 06:37 - 000003714 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-10-05 00:32 - 2022-03-08 06:37 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-10-05 00:26 - 2015-12-31 09:57 - 000000000 ____D C:\Users\Isek\AppData\Local\Packages
2023-10-05 00:20 - 2016-02-06 14:58 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-10-04 23:52 - 2018-09-05 05:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-10-04 23:27 - 2022-03-08 06:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2023-10-04 23:27 - 2015-09-22 21:40 - 000000000 ____D C:\Program Files\Lenovo
2023-10-04 23:03 - 2018-10-06 19:22 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-10-04 22:19 - 2022-03-08 06:37 - 000004208 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{8F459C85-D42C-4876-9B6A-9FF55C55A3E2}
2023-10-04 22:17 - 2015-12-31 12:23 - 000000000 ____D C:\Users\Isek\AppData\Roaming\DAEMON Tools Lite
2023-10-04 22:16 - 2022-02-01 15:32 - 000000000 ___DC C:\WINDOWS\Panther
2023-10-04 22:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-10-04 22:08 - 2022-03-08 06:37 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-344944272-2692266573-2562361775-1001
2023-10-04 22:08 - 2022-03-08 06:37 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-344944272-2692266573-2562361775-1001
2023-10-04 22:08 - 2022-03-08 06:10 - 000002381 _____ C:\Users\Isek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-10-04 19:28 - 2018-11-29 20:58 - 000000000 ____D C:\Users\Isek\AppData\Roaming\Seznam.cz
2023-10-04 19:15 - 2018-10-28 15:33 - 000000000 ____D C:\Users\Isek\AppData\Local\D3DSCache
==================== Files in the root of some directories ========
2014-09-21 11:47 - 2015-12-31 12:44 - 000048753 _____ () C:\Program Files (x86)\AutoMapa EU.md5
2015-12-31 09:57 - 2023-10-05 13:37 - 003797299 _____ () C:\Users\Isek\AppData\Local\BTServer.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by Isek (05-10-2023 14:10:16)
Running from C:\Users\Isek\Desktop
Microsoft Windows 10 Home Version 22H2 19045.3448 (X64) (2022-03-08 04:38:54)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-344944272-2692266573-2562361775-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-344944272-2692266573-2562361775-503 - Limited - Disabled)
Guest (S-1-5-21-344944272-2692266573-2562361775-501 - Limited - Disabled)
Isek (S-1-5-21-344944272-2692266573-2562361775-1001 - Administrator - Enabled) => C:\Users\Isek
WDAGUtilityAccount (S-1-5-21-344944272-2692266573-2562361775-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Security (Disabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{29E44E9D-ACB2-4D2D-849F-5361C941B7E1}) (Version: 3.5.7.331 - ArcSoft)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{74292F90-895A-4FC6-A692-9641532B1B63}) (Version: 3.5.28.291 - ArcSoft)
ASUS My Cinema-U3000 Hybrid_x64 (HKLM-x32\...\{4D76622F-D3A0-43CA-9731-D91064FE87F5}) (Version: - ASUSTeK Computer Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.16 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.29.53 - Conexant)
CyberLink Power2Go 8 (HKLM-x32\...\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd)
Disk Google (HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\707165459698977441795f731631d334) (Version: 1.0 - Google\Chrome)
Dokumenty (HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\7570e6c75fa1d8d996d9018d6018487f) (Version: 1.0 - Google\Chrome)
FleetBoard Cockpit verze 1.26.0 (HKLM-x32\...\FleetBoardClientUnifiedId_is1) (Version: 1.26.0 - Daimler FleetBoard GmbH)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.3.0.10826 - Foxit Software Inc.)
Gmail (HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\0995a4374efe08bf251ce1e47318484c) (Version: 1.0 - Google\Chrome)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 117.0.5938.149 - Google LLC)
Intel(R) Chipset Device Software (HKLM\...\{55398EAC-F58E-4F19-B553-BDF8B9EFD839}) (Version: 10.1.1.9 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{8B0B53D2-F5B8-4A67-93B0-5960D6ED6186}) (Version: 11.0.0.1153 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{FD37351B-3074-4652-8188-1B3FB784EC4E}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4271 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{303C5CD6-2525-49C5-9E49-DBD92F9F63BD}) (Version: 14.5.2.1088 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E8266049-8C7B-4A09-9E11-8BD100E0076A}) (Version: 8.0.1.2378 - GenesysLogic)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.5708 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.5.5720.01 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.)
Lenovo Solution Center (HKLM\...\{F925868A-2F2C-414B-A5A7-C613039CE9E4}) (Version: 3.1.001.00 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.72.0 - Lenovo Group Ltd.)
LenovoUtility (HKLM-x32\...\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo) Hidden
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Access MUI (Czech) 2013 (HKLM-x32\...\{90150000-0015-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Czech) 2013 (HKLM-x32\...\{90150000-0090-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\Microsoft EdgeWebView) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft Excel MUI (Czech) 2013 (HKLM-x32\...\{90150000-0016-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Czech) 2013 (HKLM-x32\...\{90150000-00BA-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Czech) 2013 (HKLM-x32\...\{90150000-0044-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Czech) 2013 (HKLM-x32\...\{90150000-012B-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (HKLM\...\{90150000-002A-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2013 (HKLM-x32\...\{90150000-00E1-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2013 (HKLM-x32\...\{90150000-00E2-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing (Czech) 2013 (HKLM-x32\...\{90150000-002C-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2013 (HKLM\...\{90150000-002A-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2013 (HKLM-x32\...\{90150000-006E-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\OneDriveSetup.exe) (Version: 23.189.0910.0001 - Microsoft Corporation)
Microsoft OneNote MUI (Czech) 2013 (HKLM-x32\...\{90150000-00A1-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2013 (HKLM-x32\...\{90150000-001A-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2013 (HKLM-x32\...\{90150000-0018-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2013 (HKLM-x32\...\{90150000-0019-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Word MUI (Czech) 2013 (HKLM-x32\...\{90150000-001B-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Navigator 15 - Setup Utility 15.0.2-1 (HKLM-x32\...\MAPFACTOR_SETUP_UTILITY_HYBRID_15_is1) (Version: 15.0.2-1 - MapFactor s.r.o)
Need for Speed Underground 2 Demo (HKLM-x32\...\{C5EB90E1-8A46-4ED5-009D-C793E646C04F}) (Version: - )
PC Navigator 15 15.0.2-1 (HKLM-x32\...\PCNavigator15_is1) (Version: 15.0.2-1 - MapFactor s.r.o)
Prezentace (HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\3d87ebbc8acbddfcc093f97d6cfb9200) (Version: 1.0 - Google\Chrome)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.002.10 - Lenovo)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.868.867.071015 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.213.243 - REALTEK Semiconductor Corp.)
Seznam Software (HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\SeznamInstall) (Version: 2.1.35 - Seznam.cz)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Tabulky (HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\c3d274c7dc4341192e709b440f14513e) (Version: 1.0 - Google\Chrome)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.50a - Ghisler Software GmbH)
Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0405-0000-0000000FF1CE}_Office15.PROPLUS_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows PC Health Check (HKLM\...\{6798C408-2636-448C-8AC6-F4E341102D27}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
YouTube (HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\1ef6fb15c7685028285b3923687321d6) (Version: 1.0 - Google\Chrome)
Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-10-05] (Microsoft Corporation)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2308.29.0_x64__k1h2ywk1493x8 [2023-10-05] (LENOVO INC.)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2022-03-08] (LENOVO INCORPORATED.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-11-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-11-25] (Microsoft Corporation) [MS Ad]
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-10-05] (Microsoft Studios) [MS Ad]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2018-11-12] (LENOVO INCORPORATED.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-344944272-2692266573-2562361775-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\Isek\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-344944272-2692266573-2562361775-1001_Classes\CLSID\{64C6EFB9-8F79-4106-B975-067448DC768F}\InprocServer32 -> C:\Users\Isek\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-344944272-2692266573-2562361775-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\Isek\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-07-03] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2018-09-26] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (LENOVO -> Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (LENOVO -> Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2018-09-26] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Isek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Disk Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\Isek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Dokumenty.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\Isek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\Isek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Prezentace.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\Isek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Tabulky.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\Isek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
==================== Loaded Modules (Whitelisted) =============
2018-03-13 14:13 - 2016-09-22 08:11 - 000081920 _____ () [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ctypes.pyd
2015-12-31 14:33 - 2012-06-09 20:20 - 000196096 _____ (Alexander Roshal) [File not signed] C:\Program Files\WinRAR\rarext.dll
2015-07-22 19:44 - 2015-07-22 19:44 - 000285184 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2018-03-13 14:15 - 2016-09-22 08:06 - 001732608 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\PyImage\ijl20.dll
2015-07-22 19:44 - 2015-07-22 19:44 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2022-03-08 06:14 - 2022-03-08 06:14 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2022-03-08 06:14 - 2022-03-08 06:14 - 000057344 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\MFC80ENU.DLL
2018-03-13 14:14 - 2016-09-22 08:11 - 002113536 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\python25.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-344944272-2692266573-2562361775-1001 -> DefaultScope {11DD8A8B-43B2-4468-AC2B-257FCFAC3265} URL =
SearchScopes: HKU\S-1-5-21-344944272-2692266573-2562361775-1001 -> {11DD8A8B-43B2-4468-AC2B-257FCFAC3265} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-31] (Oracle America, Inc. -> Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-07-18] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-31] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-31] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-31] (Oracle America, Inc. -> Oracle Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 13:04 - 2015-07-10 13:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "ArcSoft Connection Service"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Setup Utility 15.0"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\StartupApproved\Run: => "PhotoMasterImportAgent"
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
HKU\S-1-5-21-344944272-2692266573-2562361775-1001\...\StartupApproved\Run: => "Microsoft Edge Update"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F9AD5E45-FF60-41CF-8735-6DF02B4948AD}] => (Allow) LPort=1689
FirewallRules: [{5E4445FD-10E4-4739-88F4-FEBBCFCB6340}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{B9D6AF22-5616-4C00-80EE-0778306C6013}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe (ArcSoft, Inc.) [File not signed]
FirewallRules: [{70D7CC10-6974-49C8-8BBB-41A16BC585F9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8252CB92-CABF-495B-8684-1C1A321B2F4E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{971B4B62-FC52-40E2-83A6-97EDD72EA220}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [TCP Query User{6C4632D1-5760-4E7F-ACAD-56C9FAE9D6F7}C:\program files (x86)\fleetboard\fleetboard cockpit\fleetboard.exe] => (Allow) C:\program files (x86)\fleetboard\fleetboard cockpit\fleetboard.exe () [File not signed]
FirewallRules: [UDP Query User{1C2CA964-C32C-449A-92EE-4173CF5EDE3E}C:\program files (x86)\fleetboard\fleetboard cockpit\fleetboard.exe] => (Allow) C:\program files (x86)\fleetboard\fleetboard cockpit\fleetboard.exe () [File not signed]
FirewallRules: [TCP Query User{B3E9B71F-E347-4148-BC36-037694A715F2}C:\program files (x86)\fleetboard\fleetboard cockpit\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\fleetboard\fleetboard cockpit\jre\bin\javaw.exe
FirewallRules: [UDP Query User{BC7C47B2-9924-40D8-BD71-7417F39B7176}C:\program files (x86)\fleetboard\fleetboard cockpit\jre\bin\javaw.exe] => (Allow) C:\program files (x86)\fleetboard\fleetboard cockpit\jre\bin\javaw.exe
FirewallRules: [{472C003F-E806-40A3-AA16-7EE564E1AF25}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A851C690-8F05-4ACA-B6BC-CE17E566364C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{310C183A-A989-4B88-A751-CE2F46F16165}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{895780E2-2172-4F03-A1FF-56931FA47112}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B1CDA248-478D-49DC-99A6-DA66DA47118D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{837112D9-8785-44D3-9F5B-76A8F4839DA3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
05-10-2023 00:11:08 Windows Modules Installer
05-10-2023 00:57:10 Windows Modules Installer
05-10-2023 01:04:49 Windows Modules Installer
05-10-2023 12:21:55 Windows Modules Installer
05-10-2023 13:28:24 Windows Modules Installer
05-10-2023 13:46:37 Windows Modules Installer
05-10-2023 13:59:44 Windows Modules Installer
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/05/2023 01:28:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 10.0.19041.3393 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2468
Čas spuštění: 01d9f77db5f8cbe8
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
ID hlášení: 3caaafec-1afd-4efb-a6b7-808ff9e78f13
Úplný název balíčku s chybou: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: microsoft.windows.immersivecontrolpanel
Typ zablokování: Quiesce
Error: (10/05/2023 09:12:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GDCAgent.exe, verze: 1.0.1.6, časové razítko: 0x55b8998c
Název chybujícího modulu: GDCAgent.exe, verze: 1.0.1.6, časové razítko: 0x55b8998c
Kód výjimky: 0xc0000005
Posun chyby: 0x00020fb8
ID chybujícího procesu: 0x978
Čas spuštění chybující aplikace: 0x01d9f70b78ca1ce1
Cesta k chybující aplikaci: C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
ID zprávy: 0adcd589-b315-4b3d-828e-7875d7f127b7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/04/2023 11:18:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ekrn.exe, verze: 10.5.166.0, časové razítko: 0x5b8e5e1e
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.789, časové razítko: 0x2bd748bf
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007286e
ID chybujícího procesu: 0x744
Čas spuštění chybující aplikace: 0x01d9f705f32fe0a3
Cesta k chybující aplikaci: C:\Program Files\ESET\ESET Security\ekrn.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 322deae3-a75a-402d-ba94-5ef8a73f28ed
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/04/2023 11:18:07 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (10/04/2023 11:07:05 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (10/04/2023 10:25:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service Conexant UIU Service since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (10/04/2023 08:19:45 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit retrim na LENOVO (D:), protože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
Error: (10/04/2023 08:19:44 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit retrim na Windows (C:), protože: The operation requested is not supported by the hardware backing the volume. (0x8900002A)
System errors:
=============
Error: (10/05/2023 01:48:13 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Time přestala během spouštění reagovat.
Error: (10/05/2023 01:46:07 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba System Guard Runtime Monitor Broker přestala během spouštění reagovat.
Error: (10/05/2023 01:43:57 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Downloaded Maps Manager přestala během spouštění reagovat.
Error: (10/05/2023 01:41:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba GDCAgent přestala během spouštění reagovat.
Error: (10/05/2023 01:39:11 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Delivery Optimization přestala během spouštění reagovat.
Error: (10/05/2023 01:35:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (10/05/2023 01:35:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (10/05/2023 01:32:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024001e): Rozhraní Microsoft .NET Framework 4.8.1 pro Windows 10 Version 22H2 pro systémy x64 (KB5011048).
Windows Defender:
================
Date: 2023-10-05 09:00:47
Description:
Microsoft Defender Antivirus zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: High
Kategorie: Tool
Cesta: file:_C:\Program Files\KMSpico\scripts\Install_Service.cmd; file:_C:\Program Files\KMSpico\scripts\UnInstall_Service.cmd
Původ detekce: Local machine
Typ detekce: Concrete
Zdroj detekce: Real-Time Protection
Uživatel: LAPTOP-65VSTD3D\Isek
Název procesu: C:\Users\Isek\AppData\Local\Temp\mexe.com
Verze bezpečnostních informací: AV: 1.399.44.0, AS: 1.399.44.0, NIS: 1.399.44.0
Verze modulu: AM: 1.1.23090.2007, NIS: 1.1.23090.2007
Date: 2023-10-05 08:58:48
Description:
Microsoft Defender Antivirus zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: High
Kategorie: Tool
Cesta: file:_C:\Program Files\KMSpico\scripts\Install_Service.cmd; file:_C:\Program Files\KMSpico\scripts\UnInstall_Service.cmd
Původ detekce: Local machine
Typ detekce: Concrete
Zdroj detekce: Real-Time Protection
Uživatel: LAPTOP-65VSTD3D\Isek
Název procesu: C:\Users\Isek\AppData\Local\Temp\mexe.com
Verze bezpečnostních informací: AV: 1.399.44.0, AS: 1.399.44.0, NIS: 1.399.44.0
Verze modulu: AM: 1.1.23090.2007, NIS: 1.1.23090.2007
Date: 2023-10-05 08:58:48
Description:
Microsoft Defender Antivirus zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: High
Kategorie: Tool
Cesta: file:_C:\Program Files\KMSpico\scripts\UnInstall_Service.cmd
Původ detekce: Local machine
Typ detekce: Concrete
Zdroj detekce: Real-Time Protection
Uživatel: LAPTOP-65VSTD3D\Isek
Název procesu: C:\Users\Isek\AppData\Local\Temp\mexe.com
Verze bezpečnostních informací: AV: 1.399.44.0, AS: 1.399.44.0, NIS: 1.399.44.0
Verze modulu: AM: 1.1.23090.2007, NIS: 1.1.23090.2007
Date: 2023-10-05 08:58:41
Description:
Microsoft Defender Antivirus zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: High
Kategorie: Tool
Cesta: file:_C:\Program Files\KMSpico\cert\installAll.cmd
Původ detekce: Local machine
Typ detekce: Concrete
Zdroj detekce: Real-Time Protection
Uživatel: LAPTOP-65VSTD3D\Isek
Název procesu: C:\Users\Isek\AppData\Local\Temp\mexe.com
Verze bezpečnostních informací: AV: 1.399.44.0, AS: 1.399.44.0, NIS: 1.399.44.0
Verze modulu: AM: 1.1.23090.2007, NIS: 1.1.23090.2007
Date: 2022-07-07 07:12:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1BA315B0-5CDD-4138-943B-62A9CE5D5A32}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2023-10-04 19:52:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.393.71.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23060.1005
Kód chyby: 0x80072ee7
Popis chyby: The server name or address could not be resolved
Date: 2023-10-04 19:52:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.393.71.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23060.1005
Kód chyby: 0x80072ee7
Popis chyby: The server name or address could not be resolved
Date: 2023-10-04 19:52:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.393.71.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23060.1005
Kód chyby: 0x80072ee7
Popis chyby: The server name or address could not be resolved
Date: 2023-10-04 19:52:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.393.71.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23060.1005
Kód chyby: 0x80072ee7
Popis chyby: The server name or address could not be resolved
Date: 2023-10-04 19:52:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.393.71.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23060.1005
Kód chyby: 0x80072ee7
Popis chyby: The server name or address could not be resolved
CodeIntegrity:
===============
Date: 2023-10-05 09:56:30
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SoftwareDistribution\SIH\bin\cbs\{5403B8BF-4265-11E8-9849-705A0F491A19}\amd64_microsoft-windows-u..usnotificationuxexe_31bf3856ad364e35_10.0.10240.17443_none_7c0a3888ac857b70\musnotificationux.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2023-10-05 03:48:19
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO E0CN16WW 08/04/2015
Motherboard: LENOVO Nano 5B6
Processor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Percentage of memory in use: 83%
Total physical RAM: 4011.01 MB
Available physical RAM: 655.54 MB
Total Virtual: 7595.01 MB
Available Virtual: 3960.88 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:420.48 GB) (Free:40.34 GB) (Model: HGST HTS545050A7E660) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:16.78 GB) (Model: HGST HTS545050A7E660) NTFS
\\?\Volume{f41324ce-18d6-48e2-aa60-df16032b0bab}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.37 GB) NTFS
\\?\Volume{d6d12946-092d-4604-963d-056e640dd042}\ (LENOVO_PART) (Fixed) (Total:18.06 GB) (Free:5.08 GB) NTFS
\\?\Volume{1cb00644-3c20-4019-a173-92fbc6ee667c}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 8B1A3F07)
Partition: GPT.
==================== End of Addition.txt =======================