Annoying messages keep popping up in the bottom right

#1 Post by Ivošisko »

While trying to download the anthem of the Arab Emirates, annoying messages (probably of a commercial nature) started popping up in the bottom right - see attachment


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-03-2025
Ran by Lenovo (administrator) on NOŤAS (LENOVO 20251) (21-03-2025 07:53:38)
Running from C:\Users\Lenovo\Desktop\FRST64.exe
Loaded Profiles: Lenovo
Platform: Microsoft Windows 10 Home Version 1903 18362.720 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe
(C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe <2>
(C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe ->) (NETGEAR TAIWAN CO., LTD -> ) C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
(C:\Program Files\ABBYY FineReader 16\FineReader.exe ->) (ABBYY Development, Inc. -> ABBYY) C:\Program Files\ABBYY FineReader 16\OcrEngine.Background.Host.exe <2>
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\js\node_modules\adobe-cr\build\Release\Adobe Crash Processor.exe
(C:\Program Files\Adobe\Adobe Photoshop 2020\photoshop.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files\Adobe\Adobe Photoshop 2020\photoshop.exe ->) (Adobe Inc. -> ) C:\Program Files\Adobe\Adobe Photoshop 2020\Required\Plug-ins\Spaces\Adobe Spaces Helper.exe <3>
(C:\Program Files\Adobe\Adobe Photoshop 2020\photoshop.exe ->) (Adobe Inc. -> Adobe Inc) C:\Program Files\Adobe\Adobe Photoshop 2020\Required\CEP\CEPHtmlEngine\CEPHtmlEngine.exe <6>
(C:\Program Files\Adobe\Adobe Photoshop 2020\photoshop.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Photoshop 2020\photoshop.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(C:\Program Files\Adobe\Adobe Photoshop 2020\photoshop.exe ->) (Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Photoshop 2020\node.exe
(C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\Google\Drive File Stream\104.0.4.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\104.0.4.0\crashpad_handler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Users\Lenovo\AppData\Local\MEGAsync\MEGAsync.exe ->) (Mega Limited -> ) C:\Users\Lenovo\AppData\Local\MEGAsync\mega-desktop-app-gfxworker.exe
(explorer.exe ->) () [File not signed] C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe
(explorer.exe ->) () [File not signed] C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe
(explorer.exe ->) (ABBYY Development, Inc. -> ABBYY Development, Inc.) C:\Program Files\ABBYY FineReader 16\FineReader.exe
(explorer.exe ->) (Adobe Inc. -> Adobe) [File not signed] C:\Program Files\Adobe\Adobe Photoshop 2020\photoshop.exe
(explorer.exe ->) (Google LLC -> Google LLC.) C:\Program Files\Google\Drive File Stream\104.0.4.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
(explorer.exe ->) (Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <66>
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Mega Limited -> Mega Limited) C:\Users\Lenovo\AppData\Local\MEGAsync\MEGAsync.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe <7>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) () [File not signed] C:\Program Files\Free Desktop Clock\timeserv.exe
(services.exe ->) (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SchedulesMonitor.exe
(services.exe ->) (ABBYY Development Inc. -> ABBYY Development, Inc.) C:\Program Files\Common Files\ABBYY\FineReader\16\Licensing\NetworkLicenseServer.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NZXT, Inc. -> ) C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12003.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Skype Software Sarl -> ) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [133128 2024-05-03] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1130416 2024-09-13] (Adobe Inc. -> Adobe Inc.)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\104.0.4.0\GoogleDriveFS.exe [63973984 2025-02-21] (Google LLC -> Google LLC.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\104.0.4.0\GoogleDriveFS.exe [63973984 2025-02-21] (Google LLC -> Google LLC.)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [AtomicAlarmClock6] => C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe [5321728 2016-08-16] () [File not signed]
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [NeXuS-Ultimate] => C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe [14558848 2011-10-11] (Winstep Software Technologies) [File not signed]
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\104.0.4.0\GoogleDriveFS.exe [63973984 2025-02-21] (Google LLC -> Google LLC.)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [Thunderbird] => C:\Program Files\Mozilla Thunderbird\thunderbird.exe [463424 2025-02-21] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [Chrome] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [3254368 2025-02-18] (Google LLC -> Google LLC)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45227312 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [Bonus.SSR.FR16] => C:\Program Files\ABBYY FineReader 16\screenshotreader.exe [3096832 2023-07-30] (ABBYY Development, Inc. -> ABBYY Development, Inc.)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [com.messenger] => "C:\Users\Lenovo\AppData\Local\Programs\Messenger\Messenger.exe" messenger://openAtLogin (No File)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [ScreenPal Tray] => C:\Users\Lenovo\AppData\Local\ScreenPal\NoSplashScreen\ScreenPal.exe [1878160 2024-10-16] (Big Nerd Software, LLC -> )
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\104.0.4.0\GoogleDriveFS.exe [63973984 2025-02-21] (Google LLC -> Google LLC.)
HKLM\...\Windows x64\Print Processors\Canon G2010 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEG.DLL [506368 2023-06-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\HP1120PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1120PP.DLL [65024 2012-12-07] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Canon BJ Language Monitor G2010 series: C:\Windows\system32\CNMLMEG.DLL [1325568 2023-06-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP LJ M1120 MFP LM: C:\Windows\system32\ZLM1120.dll [167424 2012-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
HKLM\...\Print\Monitors\HPLJ1020LM: C:\Windows\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{1AF2F041-3692-46D4-B786-0C435D73C749}] -> C:\Program Files\ABBYY FineReader 16\ScreenshotReader.exe [2023-07-30] (ABBYY Development, Inc. -> ABBYY Development, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\133.0.6943.127\Installer\chrmstp.exe [2025-02-21] (Google LLC -> Google LLC)
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2020-02-29]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Lenovo\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bitmeter2.lnk [2020-01-13]
ShortcutTarget: Bitmeter2.lnk -> C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\netgear genie.lnk [2024-04-19]
ShortcutTarget: netgear genie.lnk -> C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {5F669DD2-D1E2-49CD-B7AE-EE482C9CBA73} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194056 2024-10-04] (Adobe Inc. -> Adobe Inc.)
Task: {D9AC0F1C-C24A-46B4-9CF4-2F2600CFC00A} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-760426430-1322398698-3842268529-1001 => C:\Users\Lenovo\AppData\Local\MEGAsync\MEGAupdater.exe [1766664 2025-03-19] (Mega Limited -> )
Task: {370546D7-29C1-40A6-8610-5E8CB7F38441} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-760426430-1322398698-3842268529-1001 => C:\Users\Lenovo\AppData\Local\Programs\Messenger\MessengerHelper.exe [2192632 2024-09-17] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {5C4D55AE-D06D-45BC-A96C-44BDE8187243} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.6-0\MpCmdRun.exe [480272 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5846F0E5-0884-470C-BD0B-F6BF74C3B9B8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.6-0\MpCmdRun.exe [480272 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DE2AA4F3-D094-4B05-A85E-FE8DFD096B93} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.6-0\MpCmdRun.exe [480272 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {23FA26BB-C039-4F85-A5B3-F0136F87928D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.6-0\MpCmdRun.exe [480272 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E9EAA716-1B75-4968-B734-18CD5B05E683} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {BD4395F8-86CE-425B-AD64-DCACBD9F5B81} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {1B1B0A1C-9A1E-40A9-857B-2E4FAA1D7438} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1694ECC5-1ADD-403E-BFA8-B4CA890C416D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {400C6EAA-B4C1-4D9F-AABA-E756695D4E52} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0D7E29A1-0063-4992-86CA-E71E7637D9B4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {223E454A-5C6B-46F2-9064-2396DF6B3D96} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1A983045-28E6-4302-B607-5EB850694847} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3050377B-9BA6-4FC7-BCB6-BF6B27AECE0D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BF4601C6-D83B-4923-BEED-08DAD2855F0F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1E9CC6E2-35E0-42B6-A285-4EEB632BC979} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {F78A7BA9-202C-4ABA-A1D1-3F64189C318C} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-760426430-1322398698-3842268529-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A230930-468F-44AC-B4A6-D8005B2413F2} - System32\Tasks\OneDrive Startup Task-S-1-5-21-760426430-1322398698-3842268529-1001 => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\OneDriveLauncher.exe [669528 2025-03-18] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-19] => Proxy is enabled.
ProxyServer: [S-1-5-19] => 127.0.0.1:8080
ProxyEnable: [S-1-5-20] => Proxy is enabled.
ProxyServer: [S-1-5-20] => 127.0.0.1:8080
ProxyServer: [S-1-5-21-760426430-1322398698-3842268529-1001] => 127.0.0.1:8080
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{23c03b2f-2a1b-40ac-97ab-a0e1451634ce}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{23c03b2f-2a1b-40ac-97ab-a0e1451634ce}\05166756C67237027416C616879702143333025374: [DhcpNameServer] 192.168.152.6
Tcpip\..\Interfaces\{23c03b2f-2a1b-40ac-97ab-a0e1451634ce}\255646D69602E4F64756021313020527F6025374: [DhcpNameServer] 192.168.193.86
Tcpip\..\Interfaces\{23c03b2f-2a1b-40ac-97ab-a0e1451634ce}\44166796467237027416C616879702142333025374: [DhcpNameServer] 192.168.187.15
Tcpip\..\Interfaces\{23c03b2f-2a1b-40ac-97ab-a0e1451634ce}\4556E64616F5836433445403: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{23c03b2f-2a1b-40ac-97ab-a0e1451634ce}\4556E64616F5836433445403: [DhcpDomain] tendawifi.com
Tcpip\..\Interfaces\{b5f4ac6c-0ec6-49e1-92b2-0dc8b9aefa8d}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b5f4ac6c-0ec6-49e1-92b2-0dc8b9aefa8d}: [DhcpDomain] tendawifi.com
Tcpip\..\Interfaces\{d22bb9ac-ab75-40ee-9000-0d9611b37417}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d22bb9ac-ab75-40ee-9000-0d9611b37417}: [DhcpDomain] tendawifi.com
Tcpip\..\Interfaces\{d22bb9ac-ab75-40ee-9000-0d9611b37417}\461627D6F64656A603: [DhcpNameServer] 192.168.150.237 192.168.3.1
Tcpip\..\Interfaces\{d22bb9ac-ab75-40ee-9000-0d9611b37417}\461627D6F64656A623: [DhcpNameServer] 192.168.150.237 192.168.1.1
Tcpip\..\Interfaces\{d22bb9ac-ab75-40ee-9000-0d9611b37417}\84551475549402058302C6964756: [DhcpNameServer] 192.168.43.1

Edge:
=======
DownloadDir: C:\Users\Lenovo\Downloads

FireFox:
========
FF DefaultProfile: v8ckfixm.default
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\v8ckfixm.default [2023-05-08]
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\a7v043dk.default-release-1607556120122 [2025-02-21]
FF NewTab: Mozilla\Firefox\Profiles\a7v043dk.default-release-1607556120122 -> about:newtab
FF Extension: (SaveFrom.net helper) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\a7v043dk.default-release-1607556120122\Extensions\helper@savefrom.net.xpi [2024-05-31]
FF Extension: (To Google Translate) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\a7v043dk.default-release-1607556120122\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-06-22]
FF Extension: (Playmaker – Balanced) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\a7v043dk.default-release-1607556120122\Extensions\playmaker-balanced-colorway@mozilla.org.xpi [2023-05-24]
FF Extension: (Open bookmarks in new tab) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\a7v043dk.default-release-1607556120122\Extensions\{02503e58-2fea-4dc4-893b-d35e36b92437}.xpi [2024-05-13]
FF Extension: (Open Link in New Tab) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\a7v043dk.default-release-1607556120122\Extensions\{c064b4e8-a82e-415f-9d31-8516e613182e}.xpi [2024-05-13]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-09-13] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-09-13] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2025-03-21]
CHR Notifications: Default -> hxxps://androidforum.cz; hxxps://app.todoist.com; hxxps://aukro.cz; hxxps://best.aliexpress.com; hxxps://calendar.google.com; hxxps://cuqh8u6071bc73a6s270.mergeconnection.co.in; hxxps://cz.pinterest.com; hxxps://drive.google.com; hxxps://fastshare.cz; hxxps://fzkepfawhfhb19.mergeconnection.co.in; hxxps://gw.lightinthebox.com; hxxps://joblpdcvik99hs.mergeconnection.co.in; hxxps://sk8o6.aurobis.co.in; hxxps://trading.1market.eu; hxxps://web.whatsapp.com; hxxps://www.aliexpress.com; hxxps://www.bezrealitky.cz; hxxps://www.hitpaw.com; hxxps://www.hitpaw.net; hxxps://www.instagram.com; hxxps://www.kupi.cz; hxxps://www.lidl.cz; hxxps://www.messenger.com; hxxps://www.namaximum.cz; hxxps://www.roboticky-vysavac.cz
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.google.com ... oogle.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Adblock for Video Platforms) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccjfbgljcbabnejjkhomofogabmakjad [2024-06-29]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Click to Tab) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebicmkkcnhdiglneianohfjapmanjoek [2020-03-15]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-03-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Save as Shortcut) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\flehofiklehmnnolpjcamplcnmhgcbkk [2024-11-26]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adblock Bear - Blokujte invazivní reklamy) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdiknemhndplpgnnnjjjhphhembfojec [2025-03-03]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-25]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Inoreader - RSS, News and Social Reader) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhglljfmpijadbpkalkclnhlncncdono [2019-12-10]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Tab Activate) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlmadbnpnnolpaljadgakjilggigioaj [2022-05-21]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Save as PDF) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2024-05-11]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (gLinks) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\leanhbopikglhiejeckmchmobphcpphm [2019-12-10]hxxp://clients2.google.com/service/update2/crx
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-24]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Rozšíření Odběry RSS (od Googlu)) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2024-07-19]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Neater Bookmarks) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofgjggbjanlhbgaemjbkiegeebmccifi [2023-12-16]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Custom Cursor for Chrome™ - Vlastní kurzor) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogdlpmhglpejoiomcodnpjnfgcpmgale [2024-12-04]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (RSS Feed Reader) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2025-03-12]hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-760426430-1322398698-3842268529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKU\S-1-5-21-760426430-1322398698-3842268529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-760426430-1322398698-3842268529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.16.0; C:\Program Files\Common Files\ABBYY\FineReader\16\Licensing\NetworkLicenseServer.exe [1528968 2023-01-18] (ABBYY Development Inc. -> ABBYY Development, Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944048 2024-09-13] (Adobe Inc. -> Adobe Inc.)
R2 AtomicAlarmClock; C:\Program Files\Free Desktop Clock\timeserv.exe [2007040 2013-04-24] () [File not signed]
R2 CAMService; C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe [553600 2020-04-01] (NZXT, Inc. -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [153736 2017-03-02] (Canon Inc. -> CANON INC.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncHelper.exe [3533648 2025-03-18] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8965728 2025-02-19] (Malwarebytes Inc. -> Malwarebytes)
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [233456 2017-07-04] (Netgear Incorporated -> NETGEAR)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.031.0217.0003\OneDriveUpdaterService.exe [3880256 2025-03-18] (Microsoft Corporation -> Microsoft Corporation)
S4 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [379192 2015-03-20] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S4 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [3335008 2015-03-20] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R2 SyncBackFreeSchedulesMonitor; C:\Program Files (x86)\2BrightSparks\SyncBackFree\SchedulesMonitor.exe [3447536 2024-02-19] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd)
S3 wuauserv; C:\Windows\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\Windows\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S2 FreemakeVideoCapture; "C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
S4 Soda PDF Desktop 11 Creator; "C:\Program Files\Soda PDF Desktop 11\creator\common\creator-ws.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 klupd_0d9f16ffa_arkmon; C:\Windows\System32\Drivers\klupd_0d9f16ffa_arkmon.sys [398112 2024-11-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 klupd_0d9f16ffa_klark; C:\Windows\System32\Drivers\klupd_0d9f16ffa_klark.sys [362456 2024-11-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_0d9f16ffa_klbg; C:\Windows\System32\Drivers\klupd_0d9f16ffa_klbg.sys [198728 2024-11-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 klupd_0d9f16ffa_mark; C:\Windows\System32\Drivers\klupd_0d9f16ffa_mark.sys [265816 2024-11-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [231504 2025-02-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2025-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2025-02-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 Revoflt; C:\Windows\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [19768 2015-03-09] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R2 UI5IFS; C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 11\IFS64.sys [40400 2022-06-30] (Ashampoo GmbH & Co. KG -> )
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [648872 2015-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45960 2020-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-20] (Microsoft Windows -> Microsoft Corporation)
S0 fltsrv; system32\DRIVERS\fltsrv.sys [X]
S3 klupd_0d9f16ffa_arkmon_E9A10B22; \??\C:\KVRT2020_Data\Temp\E9A10B225D984DC88D29D581BE96FF99\klupd_0d9f16ffa_arkmon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-03-21 07:53 - 2025-03-21 07:54 - 000036773 _____ C:\Users\Lenovo\Desktop\FRST.txt
2025-03-21 07:50 - 2025-03-21 07:50 - 002404352 _____ (Farbar) C:\Users\Lenovo\Desktop\FRST64.exe
2025-03-14 11:15 - 2025-03-14 11:15 - 000633421 _____ C:\Users\Lenovo\Desktop\Potvrzeni o trvani nájemního poměru 24.10.2024 copy.pdf
2025-03-12 20:18 - 2025-03-12 20:18 - 016809855 _____ C:\Users\Lenovo\Desktop\VID-20240808-WA0013.mp4
2025-03-12 20:18 - 2025-03-12 20:18 - 002298954 _____ C:\Users\Lenovo\Desktop\cesta.mp4
2025-03-12 20:18 - 2025-03-12 20:18 - 001889065 _____ C:\Users\Lenovo\Desktop\most.mp4
2025-02-25 08:03 - 2025-02-25 08:03 - 000033908 _____ C:\Users\Lenovo\Desktop\3225011990.pdf
2025-02-22 21:54 - 2025-02-22 21:54 - 000595929 _____ C:\Users\Lenovo\Downloads\Video.mp4
2025-02-21 09:08 - 2025-02-21 09:10 - 000003641 _____ C:\Users\Lenovo\Desktop\Fixlog.txt
2025-02-21 08:35 - 2025-02-21 08:35 - 000000093 ____H C:\Users\Lenovo\Desktop\.~lock.Rozpočet.ods#
2025-02-19 15:40 - 2025-03-20 15:04 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Malwarebytes
2025-02-19 15:17 - 2025-02-19 15:17 - 008790880 _____ (Malwarebytes) C:\Users\Lenovo\Desktop\adwcleaner.exe
2025-02-19 00:15 - 2025-02-19 00:17 - 083791794 _____ C:\Users\Lenovo\Downloads\ELÁN - Znova sa ma dotkni.mp4

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-03-21 07:54 - 2020-05-18 18:13 - 000000000 ____D C:\FRST
2025-03-21 07:54 - 2020-01-13 22:38 - 000000000 ____D C:\ProgramData\Bitmeter2
2025-03-21 07:50 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-21 07:10 - 2019-12-12 04:08 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-03-21 07:10 - 2019-11-27 18:44 - 000000000 ___SD C:\Users\Lenovo\AppData\Roaming\Microsoft\Credentials
2025-03-20 12:25 - 2019-11-27 18:51 - 000000000 ____D C:\ProgramData\NVIDIA
2025-03-20 00:02 - 2020-02-29 12:31 - 000000000 ____D C:\Users\Lenovo\AppData\Local\MEGAsync
2025-03-20 00:00 - 2019-12-10 18:45 - 000000000 ___RD C:\Users\Lenovo\Disk Google
2025-03-19 02:04 - 2023-01-03 09:18 - 000000000 ____D C:\Windows\SystemTemp
2025-03-18 14:15 - 2025-02-09 22:07 - 000003546 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-760426430-1322398698-3842268529-1001
2025-03-18 14:15 - 2023-06-23 18:21 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-03-18 14:15 - 2023-06-23 18:21 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-03-18 14:15 - 2022-12-17 16:08 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-760426430-1322398698-3842268529-1001
2025-03-18 14:15 - 2021-06-22 16:01 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-03-13 15:53 - 2023-12-02 20:06 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Messenger
2025-03-13 15:53 - 2023-12-02 20:06 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Messenger
2025-03-07 18:55 - 2023-01-07 19:16 - 000003716 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{5C0C20A9-9348-4269-BBEC-43F7F7B2331E}
2025-03-07 18:55 - 2023-01-07 19:16 - 000003592 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{2BA3E877-26FE-4A85-82FA-9F5007A3BFFD}
2025-03-01 09:18 - 2025-01-23 20:21 - 000000000 ____D C:\Users\Lenovo\AppData\Local\ScreenPal-v3
2025-03-01 09:18 - 2019-12-12 04:20 - 000000000 ____D C:\Users\Lenovo
2025-03-01 09:07 - 2020-01-02 22:10 - 000000000 ____D C:\Users\Lenovo\AppData\Local\NETGEARGenie
2025-02-21 09:14 - 2019-03-19 12:55 - 000718198 _____ C:\Windows\system32\perfh005.dat
2025-02-21 09:14 - 2019-03-19 12:55 - 000145242 _____ C:\Windows\system32\perfc005.dat
2025-02-21 09:14 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF
2025-02-21 09:14 - 2016-04-27 07:54 - 001693452 _____ C:\Windows\system32\PerfStringBackup.INI
2025-02-21 09:11 - 2022-10-31 13:17 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-02-21 09:10 - 2024-11-15 03:04 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2025-02-21 09:10 - 2021-02-27 08:23 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2025-02-21 09:10 - 2019-12-28 00:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-02-21 09:10 - 2019-12-12 04:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-02-21 09:10 - 2019-11-27 19:03 - 000000000 __SHD C:\Users\Lenovo\IntelGraphicsProfiles
2025-02-21 09:09 - 2019-03-19 05:37 - 001048576 _____ C:\Windows\system32\config\BBI
2025-02-21 08:23 - 2021-09-08 16:14 - 000002179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2025-02-21 08:23 - 2021-09-08 16:14 - 000002014 _____ C:\Users\Default\Desktop\Google Slides.lnk
2025-02-21 08:23 - 2021-09-08 16:14 - 000002014 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2025-02-21 08:23 - 2021-09-08 16:14 - 000002002 _____ C:\Users\Default\Desktop\Google Docs.lnk
2025-02-21 03:05 - 2019-12-10 17:23 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-02-19 15:36 - 2020-03-13 03:26 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2025-02-19 15:33 - 2020-03-13 03:26 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys

==================== Files in the root of some directories ========

2024-11-05 14:40 - 2024-11-06 19:47 - 000692736 _____ () C:\ProgramData\chrome.dll
2024-11-05 14:38 - 2024-11-05 14:38 - 000000008 ____H () C:\ProgramData\ed115it41.dat
2024-11-05 14:39 - 2024-11-07 20:36 - 000000004 ____H () C:\ProgramData\ed115rc41.dat
2024-11-05 14:38 - 2024-11-05 14:38 - 000000128 ____H () C:\ProgramData\ed115resa.dat
2024-11-05 14:38 - 2024-11-05 14:38 - 000000128 ____H () C:\ProgramData\ed115resb.dat
2024-11-05 14:38 - 2024-11-06 19:47 - 000685392 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll
2024-11-05 14:38 - 2024-11-06 19:47 - 000608080 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2024-11-05 14:38 - 2024-11-06 19:47 - 000450024 _____ (Microsoft Corporation) C:\ProgramData\msvcp140.dll
2024-11-05 14:38 - 2024-11-06 19:47 - 002046288 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2024-11-05 14:38 - 2024-11-06 19:47 - 000257872 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll
2024-11-05 14:38 - 2024-11-06 19:47 - 000080880 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll
2024-11-05 14:38 - 2024-11-05 14:38 - 000893608 _____ (AutoIt Team) C:\Users\Public\Guard.exe
2024-11-05 14:39 - 2019-03-19 05:47 - 000046632 _____ (Microsoft Corporation) C:\Users\Public\jsc.exe
2019-12-11 07:41 - 2020-01-02 16:50 - 000000132 _____ () C:\Users\Lenovo\AppData\Roaming\Adobe PNG Format CS6 Prefs
2022-02-20 09:54 - 2022-01-26 13:04 - 000000701 _____ () C:\Users\Lenovo\AppData\Roaming\nefcodec.dll
2022-02-20 09:54 - 2022-02-20 09:54 - 000000019 _____ () C:\Users\Lenovo\AppData\Roaming\settingnef.ini
2020-03-30 13:27 - 2020-03-30 13:27 - 139261152 _____ (Wondershare Software ) C:\Users\Lenovo\AppData\Roaming\video-converter-ultimate_full495.exe
2025-01-18 20:40 - 2025-01-18 20:40 - 000003584 _____ () C:\Users\Lenovo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2024-11-05 14:39 - 2024-11-05 14:39 - 000000010 _____ () C:\Users\Lenovo\AppData\Local\ledger_timestamp
2020-02-21 18:38 - 2024-05-05 14:59 - 000000615 _____ () C:\Users\Lenovo\AppData\Local\oobelibMkey.log
2024-10-28 18:01 - 2024-10-28 18:01 - 000002173 _____ () C:\Users\Lenovo\AppData\Local\recently-used.xbel
2019-11-27 19:29 - 2019-11-27 19:29 - 000007605 _____ () C:\Users\Lenovo\AppData\Local\Resmon.ResmonCfg
2020-03-13 20:38 - 2020-03-13 20:38 - 000893608 _____ (AutoIt Team) C:\Users\Lenovo\AppData\Local\wintmp.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-03-2025
Ran by Lenovo (21-03-2025 07:55:13)
Running from C:\Users\Lenovo\Desktop
Microsoft Windows 10 Home Version 1903 18362.720 (X64) (2019-12-12 03:28:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-760426430-1322398698-3842268529-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-760426430-1322398698-3842268529-503 - Limited - Disabled)
Guest (S-1-5-21-760426430-1322398698-3842268529-501 - Limited - Disabled)
Lenovo (S-1-5-21-760426430-1322398698-3842268529-1001 - Administrator - Enabled) => C:\Users\Lenovo
WDAGUtilityAccount (S-1-5-21-760426430-1322398698-3842268529-504 - Limited - Disabled)
WgaUtilAcc (S-1-5-21-760426430-1322398698-3842268529-1003 - Administrator - Enabled) <==== ATTENTION

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader+ (HKLM\...\{8BF6FB72-0B99-47C8-B515-C8E75908B106}) (Version: 1.3.0.0038 - Open Media LLC) Hidden
ABBYY FineReader PDF (HKLM\...\{F16000FE-0003-6400-0000-074957833700}) (Version: 16.0.7300 - ABBYY Development, Inc.) Hidden
ABBYY FineReader PDF (HKLM-x32\...\{82df8653-ea3b-49b5-b113-47c13f8bfaa9}) (Version: 16.0.7300 - ABBYY Development, Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.4.0.361 - Adobe Inc.)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_1) (Version: 8.1 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
AIDA64 Extreme v5.99 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.99 - FinalWire Ltd.)
AIMP (HKLM-x32\...\AIMP) (Version: v4.60.2180, 25.03.2020 - AIMP DevTeam)
Apeaksoft Free HEIC Converter 1.0.18 (HKLM-x32\...\{3937AA40-E034-4137-AC6C-B111D518FEE2}_is1) (Version: 1.0.18 - Apeaksoft Studio)
Ashampoo UnInstaller 11 (HKLM-x32\...\{4209F371-B84B-F321-6BD3-1D91E2505732}_is1) (Version: 11.00.16 - Ashampoo GmbH & Co. KG)
Atomic Alarm Clock 6.3 beta (HKLM\...\Atomic Alarm Clock_is1) (Version: - Drive Software Company)
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
Avidemux VC++ 64bits (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\{2799a4bd-577f-45de-a7eb-330cdd2c2ab0}) (Version: 2.7.5 - Mean)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
BitMeter (HKLM-x32\...\BitMeter) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 7.35.317.3 - Broadcom Corporation)
Canon G2010 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_G2010_series) (Version: 1.02 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.70.4.30 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
CapCut (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\CapCut) (Version: 5.0.0.1886 - Bytedance Pte. Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 6.29 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1651.5 - Piriform Software) Hidden
CodeTwo QR Code Desktop Reader & Generator (HKLM-x32\...\{AF7E31D6-980C-4788-B80C-47F1837CF44C}) (Version: 1.1.2.4 - CodeTwo)
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
EasyCutStudio 6.0.3 (HKLM-x32\...\EasyCutStudio_is1) (Version: - )
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
FastStone Image Viewer 7.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.4 - FastStone Soft)
FileZilla 3.67.1 (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\FileZilla Client) (Version: 3.67.1 - Tim Kosse)
Free Desktop Clock 3.0 (HKLM\...\Free Desktop Clock_is1) (Version: - Drive Software Company)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 104.0.4.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 133.0.6943.127 - Google LLC)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
inSSIDer (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\inSSIDer) (Version: 5.2.14 - MetaGeek, LLC)
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes)
LibreOffice 6.4 Help Pack (Czech) (HKLM\...\{AE983296-8590-4589-84E0-80B8C30ED803}) (Version: 6.4.0.3 - The Document Foundation)
LibreOffice 7.1.1.2 (HKLM\...\{14E9DACB-8945-4B62-A19B-2C6245D48490}) (Version: 7.1.1.2 - The Document Foundation)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Malwarebytes version 4.6.17.334 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.17.334 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Messenger (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 215.6.643112060 - Facebook, Inc.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 134.0.3124.72 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.031.0217.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (HKLM-x32\...\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
MKVToolNix 43.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 43.0.0 - Moritz Bunkus)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 122.0 (x64 cs)) (Version: 122.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.8.0 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 128.7.1 (x64 cs)) (Version: 128.7.1 - Mozilla)
Mp3tag v3.01 (HKLM-x32\...\Mp3tag) (Version: 3.01 - Florian Heidenreich)
NAPS2 6.1.2 (HKLM-x32\...\NAPS2 (Not Another PDF Scanner 2)_is1) (Version: - Ben Olden-Cooligan)
NEF To JPG Converter V1 (HKLM-x32\...\NEF To JPG Converter_is1) (Version: - PDFZilla.com)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.60.00 - NETGEAR Inc.)
Nexus Ultimate 11.6 (HKLM-x32\...\Nexus Ultimate_is1) (Version: - )
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NZXT CAM 4.4.2 (HKLM\...\ac0666ae-ee66-5310-ac01-9d6348133b2d) (Version: 4.4.2 - NZXT, Inc.)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
PC Štítky 2.xx (HKLM-x32\...\PC Štítky 2.xx_is1) (Version: - LAN Consult, spol. s r.o.)
Pixillion Image Converter (HKLM-x32\...\Pixillion) (Version: 5.12 - NCH Software)
Planet - SoftLabel (HKLM-x32\...\{99E50E6B-8C7D-4D1D-A7CE-65128D76AD2C}) (Version: 1.1.61 - Abanet)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 24.12.16.0 - Kakao Corp.)
Recepty doma (HKLM-x32\...\Recepty doma_is1) (Version: - Martin Roubec)
Revo Uninstaller Pro 5.3.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 5.3.2 - VS Revo Group, Ltd.)
ScreenPal Web Launcher v3.1.10.1 (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\ScreenPal v3 (WebLauncher)) (Version: v3.1.10.1 - ScreenPal)
SharePoint Client Components (HKLM\...\{95150004-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4711.1001 - Microsoft Corporation)
Skype verze 8.99 (HKLM-x32\...\Skype_is1) (Version: 8.99 - Skype Technologies S.A.)
SoftPerfect Network Scanner version 7.2.6 (HKLM\...\{8083C3D9-F400-48FA-B060-CF55F25E2D4B}_is1) (Version: 7.2.6 - SoftPerfect Pty Ltd)
Speedtest by Ookla (HKLM\...\{708BC0F0-18DD-4951-A531-18E7CE473BCE}) (Version: 1.8.154.001 - Ookla)
Spy Emergency 2017-24.0.620 (HKLM\...\Spy Emergency_is1) (Version: - NETGATE Technologies s.r.o.)
Subtitle Edit 3.5.13 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.13.0 - Nikse)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1048 - SUPERAntiSpyware.com)
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 11.3.7.0 - 2BrightSparks)
Tisk Obalek 3.2.2.9 (HKLM-x32\...\Tisk Obalek_is1) (Version: 3.2.2.9 - Mgr. Radovan Kraus)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Videoder 1.0.9 (HKLM-x32\...\808fc302-3d01-59ce-8094-e0443a55877e) (Version: 1.0.9 - GlennioTech)
Vistumbler (HKLM-x32\...\Vistumbler) (Version: 10.6.5 - Vistumbler.net)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WhatsApp (Outdated) (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\WhatsApp) (Version: 2.2326.10 - WhatsApp)
WiFi Scanner (HKLM-x32\...\{1224CE90-0AA3-41AF-B51F-61C8C796C401}) (Version: 0.8.626 - AccessAgility)
Winclipper (HKLM\...\{7E886962-795A-4BED-915C-D9DDDDC2472D}) (Version: 1.4.2.0 - Carson Shook)
Windows Installer (HKLM-x32\...\{798E61D4-8923-4E77-A74B-2DF264394A48}) (Version: 5.0.4 - AdvancedWindowsManager) Hidden
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Chrome apps:
============
Správce hesel Google (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\999f44d80d35096af8c638a664313fbd) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\f7dc6435b15fa8a7d14797683a3fd873) (Version: 1.0 - Google\Chrome)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc [2024-05-21] (Adobe Systems Incorporated)
Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2020-01-13] (Adobe Systems Incorporated)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.164.200.0_x86__kgqvnymyfvs32 [2020-03-19] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-02-04] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
One Calendar -> C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2020.229.1.0_x64__8kea50m9krsh2 [2020-03-06] (Code Spark)
One Task -> C:\Program Files\WindowsApps\64885BlueEdge.OneTask_2018.1124.1.0_x64__8kea50m9krsh2 [2020-03-13] (Code Spark)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c [2020-02-06] (Skype)
WiFi Analyzer -> C:\Program Files\WindowsApps\19965MATTHAFNER.WIFIANALYZER_2.5.1.0_x64__gs5k5vmxr2ste [2020-01-14] (Matt Hafner)
Wifi Analyzer and Scanner -> C:\Program Files\WindowsApps\28877WebProvider.WifiAnalyzerandScanner_1.2.1.0_x64__gdrx0g078t8zg [2019-12-29] (WebProvider)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{0AC68F4B-F9F7-475B-A5B4-383171479500} -> [MEGA] => C:\Users\Lenovo\Documents\MEGA [2020-02-29 12:36]
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\Lenovo\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{54FD8C11-9F42-4A0F-BE2C-9E3A4158A705}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{9B1F8A90-DF55-4BB6-B78F-77F8C4632B37}\localserver32 -> C:\Program Files\ABBYY FineReader 16\FineUpdate.exe (ABBYY Development, Inc. -> ABBYY Development, Inc.)
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{9f0c474b-de34-42ec-af28-eb091c7982ff}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{B1D050AE-282F-DC81-EDA8-31C953EEDD86}\InprocServer32 -> C:\Program Files\Common Files\System\ole32.dll => No File
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{D5621537-2364-45C2-9F3F-C2329CFFF29D} -> [MEGA] => C:\Users\Lenovo\Documents\MEGA [2020-02-29 12:36]
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-19] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-19] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-19] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-26] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-26] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-26] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-19] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-19] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-19] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-26] (Adobe Inc. -> )
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-05-12] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [ContextMenuHandlerFilmora] -> {5F542218-AF8A-4CF8-8ACA-DF63B73C528D} => C:\Windows\system32\FilmoraContextMenu.dll [2024-10-10] () [File not signed]
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ContextMenuHandlers1: [FineReader16ContextMenu] -> {DCACA03D-01CA-410C-8F35-FBEB05CA8BF0} => C:\Program Files\ABBYY FineReader 16\FRIntegration.dll [2023-07-30] (ABBYY Development, Inc. -> ABBYY Development, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-19] (Mega Limited -> )
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => C:\Program Files\NETGATE\Spy Emergency\menuext.dll [2013-03-11] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-19] (Mega Limited -> )
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-02-19] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-19] (Mega Limited -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-05-12] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-19] (Mega Limited -> )
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => C:\Program Files\NETGATE\Spy Emergency\menuext.dll [2013-03-11] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-26] (Adobe Inc. -> )
ContextMenuHandlers6: [FineReader16ContextMenu] -> {DCACA03D-01CA-410C-8F35-FBEB05CA8BF0} => C:\Program Files\ABBYY FineReader 16\FRIntegration.dll [2023-07-30] (ABBYY Development, Inc. -> ABBYY Development, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-02-19] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2022-04-04] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => C:\Program Files\NETGATE\Spy Emergency\menuext.dll [2013-03-11] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Lenovo\Desktop\Správce hesel Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_kajebgjangihfbkjfejcanhanjmmbcfd\Správce hesel Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\1Market.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cjmocagfbhnkhecpkfdddgicbllppleb
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Správce hesel Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Správce hesel Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Správce hesel Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd

==================== Loaded Modules (Whitelisted) =============

2016-03-03 05:17 - 2016-03-03 05:17 - 000136704 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll
2016-03-03 05:17 - 2016-03-03 05:17 - 000146944 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll
2016-01-15 03:06 - 2016-01-15 03:06 - 000057344 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll
2016-02-22 09:25 - 2016-02-22 09:25 - 000116224 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll
2015-08-24 09:41 - 2015-08-24 09:41 - 002360622 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\drivers\libntgr_api.dll
2019-05-22 09:09 - 2019-05-22 09:09 - 000713728 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll
2018-07-20 05:31 - 2018-07-20 05:31 - 000168448 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2018-07-20 05:31 - 2018-07-20 05:31 - 000591872 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2019-05-15 09:07 - 2019-05-15 09:07 - 006903808 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll
2018-07-20 05:36 - 2018-07-20 05:36 - 002980352 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_MyMedia.dll
2019-05-15 09:07 - 2019-05-15 09:07 - 000967168 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2019-04-19 07:38 - 2019-04-19 07:38 - 001259520 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2018-11-22 02:58 - 2018-11-22 02:58 - 011973632 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2019-05-15 09:05 - 2019-05-15 09:05 - 002683392 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2019-05-22 10:51 - 2019-05-22 10:51 - 000278528 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2019-05-22 09:14 - 2019-05-22 09:14 - 000888832 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2018-11-20 11:34 - 2018-11-20 11:34 - 000422400 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2018-12-12 11:36 - 2018-12-12 11:36 - 000633344 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll
2018-07-20 05:33 - 2018-07-20 05:33 - 000433664 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2014-12-21 17:07 - 2014-12-21 17:07 - 000119822 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2014-12-21 17:07 - 2014-12-21 17:07 - 001026062 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libstdc++-6.dll
2012-06-27 23:23 - 2012-06-27 23:23 - 000111616 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libvlc.dll
2012-06-27 23:23 - 2012-06-27 23:23 - 002285056 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libvlccore.dll
2016-03-03 05:17 - 2016-03-03 05:17 - 000074752 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll
2012-06-27 23:23 - 2012-06-27 23:23 - 000219648 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\access\libdshow_plugin.dll
2012-06-27 23:23 - 2012-06-27 23:23 - 000049664 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libaout_directx_plugin.dll
2012-06-27 23:23 - 2012-06-27 23:23 - 000051200 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libwaveout_plugin.dll
2012-06-27 23:23 - 2012-06-27 23:23 - 000051200 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\control\libhotkeys_plugin.dll
2012-06-27 23:23 - 2012-06-27 23:23 - 000037376 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\mmxext\libmemcpymmxext_plugin.dll
2012-06-27 23:23 - 2012-06-27 23:23 - 000070144 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\video_output\libdirectx_plugin.dll
2016-02-26 11:07 - 2016-02-26 11:07 - 000049152 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\QRCode.dll
2016-08-15 09:28 - 2016-08-15 09:28 - 001125888 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\qwt.dll
2019-05-22 09:13 - 2019-05-22 09:13 - 001701376 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll
2016-03-03 05:17 - 2016-03-03 05:17 - 000072192 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.dll
2016-01-15 03:23 - 2016-01-15 03:23 - 000026112 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll
2016-04-12 07:13 - 2016-04-12 07:13 - 000067072 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll
2019-11-06 18:44 - 2019-11-06 18:44 - 008955904 _____ () [File not signed] C:\Program Files\Adobe\Adobe Photoshop 2020\inference_engine.dll
2019-11-06 20:16 - 2019-11-06 20:16 - 023719424 _____ () [File not signed] C:\Program Files\Adobe\Adobe Photoshop 2020\MKLDNNPlugin.dll
2020-02-06 19:13 - 2016-08-09 12:57 - 001886720 _____ () [File not signed] C:\Program Files\Atomic Alarm Clock\Clock.dll
2024-10-29 21:27 - 2024-10-10 23:35 - 000754688 _____ () [File not signed] C:\Windows\system32\FilmoraContextMenu.dll
2020-03-27 17:50 - 2020-03-27 17:50 - 000398336 _____ (Florian Heidenreich) [File not signed] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2014-12-21 17:07 - 2014-12-21 17:07 - 000049152 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libwinpthread-1.dll
2013-02-19 07:46 - 2013-02-19 07:46 - 000220160 _____ (NETGEAR Inc.) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\drivers\NETGEAR_PLC_L2_API.dll
2014-03-24 03:32 - 2014-03-24 03:32 - 000060273 _____ (Open Source Software community project) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\pthreadGC2.dll
2013-02-11 02:35 - 2013-02-11 02:35 - 001178624 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\LIBEAY32.dll
2013-02-11 02:35 - 2013-02-11 02:35 - 000269824 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\ssleay32.dll
2015-10-12 20:44 - 2015-10-12 20:44 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif.dll
2015-10-12 20:45 - 2015-10-12 20:45 - 000034816 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico.dll
2015-10-12 20:45 - 2015-10-12 20:45 - 000246784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg.dll
2015-10-12 20:58 - 2015-10-12 20:58 - 000366592 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qmng.dll
2015-10-12 20:48 - 2015-10-12 20:48 - 000028672 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qsvg.dll
2015-10-12 20:58 - 2015-10-12 20:58 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qtga.dll
2015-10-12 20:58 - 2015-10-12 20:58 - 000433664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qtiff.dll
2015-10-12 20:58 - 2015-10-12 20:58 - 000027136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qwbmp.dll
2015-10-12 20:46 - 2015-10-12 20:46 - 001413632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\platforms\qwindows.dll
2015-10-12 20:47 - 2015-10-12 20:47 - 000044544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\printsupport\windowsprintersupport.dll
2015-11-19 05:54 - 2015-11-19 05:54 - 005391360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Core.dll
2015-10-12 20:31 - 2015-10-12 20:31 - 005334528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Gui.dll
2015-10-12 20:26 - 2015-10-12 20:26 - 001528832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Network.dll
2015-10-12 20:42 - 2015-10-12 20:42 - 000334848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5OpenGL.dll
2016-04-13 03:52 - 2016-04-13 03:52 - 000357888 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5PrintSupport.dll
2015-10-12 20:48 - 2015-10-12 20:48 - 000331776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Svg.dll
2015-10-12 20:37 - 2015-10-12 20:37 - 006541824 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Widgets.dll
2015-10-12 20:25 - 2015-10-12 20:25 - 000237056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Xml.dll
2020-02-06 19:13 - 2013-02-19 18:16 - 000223744 _____ (Un4seen Developments) [File not signed] C:\Program Files\Atomic Alarm Clock\bass.dll
2019-12-15 04:18 - 2011-05-26 18:20 - 000025088 _____ (Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxMMTimer.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\0d9f16ff.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\0d9f16ff.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
IE Session Restore: HKU\S-1-5-21-760426430-1322398698-3842268529-1001 -> is enabled.

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2024-02-17 14:35 - 000000753 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

2019-12-10 23:22 - 2020-01-01 20:30 - 000000446 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKCU\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Windows\System32\OpenSSH\;C:\Users\Lenovo\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Qualcomm Atheros AR8172/8176/8178 PCI-E Fast Ethernet Controller (NDIS 6.30) -> L1C63x64.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi: Síťový adaptér Broadcom 802.11n -> bcmwl63a.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{51CD8B13-C161-4AA3-9D9C-ECCA1E9127C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E93BA065-E320-40F8-9037-D61F84DCCA17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8A5D56B0-A3AA-4D45-9A96-6BDA5305D721}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CCBBDA7F-E030-4D56-B4A9-3FB611C4B13C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{69E0CBFD-18B6-4005-9FD0-A0668760395C}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)
FirewallRules: [UDP Query User{FDF815F9-202B-4C72-9DC4-2F7267662A34}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)
FirewallRules: [TCP Query User{E4B9757F-1A41-4FD0-BBAC-5AF4CEC63EEF}C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe] => (Allow) C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe (Kastelo AB -> The Syncthing Authors)
FirewallRules: [UDP Query User{0AEB44B9-512C-4883-93FF-AC00848676D0}C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe] => (Allow) C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe (Kastelo AB -> The Syncthing Authors)
FirewallRules: [{2AD33F00-D99B-4A75-B96A-0B3A2C590268}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1C653BB6-22A9-498C-9A9E-BD9FC8D11DD3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{69CC26C3-C176-4998-864F-D6238211EF3B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{594CE807-87B7-4A0C-8C3F-2CA276A9033B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{C2CA6D5F-6D93-4143-AEF8-4F567BF6B6D8}C:\users\lenovo\appdata\anydesk.exe] => (Block) C:\users\lenovo\appdata\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [UDP Query User{AC70804A-2780-4E53-A515-6D72A843DCD4}C:\users\lenovo\appdata\anydesk.exe] => (Block) C:\users\lenovo\appdata\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [TCP Query User{EE542E4B-1D2E-4A70-A7D9-7E289BCB200B}C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe] => (Block) C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe (Kastelo AB -> The Syncthing Authors)
FirewallRules: [UDP Query User{5F3C8115-83D4-4FD3-988B-9B5F3CBDAFA2}C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe] => (Block) C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe (Kastelo AB -> The Syncthing Authors)
FirewallRules: [TCP Query User{388A03EB-C8D7-49C9-B933-4E1ED83B133B}C:\program files (x86)\java\jre1.8.0_251\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\launch4j-tmp\frd.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [UDP Query User{6CBD64CD-7B23-49A6-8CBF-BD92FD526019}C:\program files (x86)\java\jre1.8.0_251\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\launch4j-tmp\frd.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [{0875530A-F03B-4426-84FD-A998ED2A2337}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5ED983EB-FB69-4B8C-9723-582FF87ECDD6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{05D0274B-4C6A-4B17-9A42-0C1082BCBE2C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{11952E1A-D31F-4AC6-9D48-D1F8804E898F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7E9B9F37-9659-42CD-882E-C3CEA8518031}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CA1ADAF0-C506-4D23-9A58-4E7290421AA9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6926C79B-ED8A-4C84-9E55-0195CDD5F40E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{44BEC590-9EC4-468C-9459-FD53497E74D2}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Block) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [UDP Query User{9239168C-0DB3-4DE5-9C77-1C0F79716338}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Block) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{8078B281-5EBC-4365-A256-6F94D766EA80}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D146E3B2-3207-4B9E-A338-968F157F79C9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

02-03-2025 19:11:13 Naplánovaný kontrolní bod
12-03-2025 07:17:14 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============
Name: Android ADB Interface
Description: Android ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: Google, Inc.
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/21/2025 07:51:57 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18488,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\Windows\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/21/2025 07:18:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18096,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\Windows\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/20/2025 11:53:53 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18924,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\Windows\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/20/2025 03:24:32 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (16528,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\Windows\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/20/2025 03:16:04 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17552,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\Windows\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/19/2025 05:23:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 13 5.100.168.192.in-addr.arpa. PTR No-as.local.

Error: (03/19/2025 05:23:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.100.5:5353 13 5.100.168.192.in-addr.arpa. PTR Noťas.local.

Error: (03/19/2025 05:23:02 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (19364,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\Windows\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (03/21/2025 07:54:11 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/21/2025 07:52:11 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (03/21/2025 07:52:11 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/21/2025 07:50:11 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (03/21/2025 07:27:55 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/21/2025 07:25:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (03/21/2025 07:25:55 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/21/2025 07:23:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.


Windows Defender:
================
Date: 2020-03-21 22:41:36.104
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {98657F1E-8680-4CCE-94A1-A077C5F66E0C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-19 20:57:46.592
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {FE8D7ADF-2D72-431B-8B91-AB63E279CA6A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-18 19:47:18.566
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {36D017AC-1B3D-4AA8-8D42-0564EC175D29}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-18 18:21:07.747
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!rfn
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Lenovo\AppData\Local\Temp\Kill.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AJUSQ3V\Lenovo
Název procesu: C:\Users\Lenovo\Desktop\Patch\Patch\Acronis True Image 2020 v24 Patch.exe
Verze bezpečnostních informací: AV: 1.311.1479.0, AS: 1.311.1479.0, NIS: 1.311.1479.0
Verze modulu: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-18 14:17:52.463
Description:
Antivirová ochrana v programu Windows Defender zjistil podezřelé chování.
Název: Behavior:Win32/ModifiedBootRecord
Závažnost: Nízké
Kategorie: Podezřelé chování
Nalezená cesta: file:_C:\Users\Lenovo\AppData\Local\Temp\un5005.exe; process:_1932
Původ detekce: Místní počítač
Typ detekce: Podezřelý
Zdroj detekce: Ochrana v reálném čase
Stav: Provádění
Uživatel: DESKTOP-AJUSQ3V\Lenovo
Název procesu: C:\Users\Lenovo\AppData\Local\Temp\un5005.exe
ID bezpečnostních informací: 23858570787236
Verze bezpečnostních informací: AV: 1.311.1454.0, AS: 1.311.1454.0
Verze modulu: 1.1.16800.2
Štítek věrnosti: Střední
Název cílového souboru:

==================== Memory info ===========================

BIOS: LENOVO 7ACN24WW 06/25/2013
Motherboard: LENOVO G700
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 57%
Total physical RAM: 16263.35 MB
Available physical RAM: 6955.17 MB
Total Virtual: 18695.35 MB
Available Virtual: 3623.28 MB

==================== Drives ================================

Drive c: (MASTER) (Fixed) (Total:931.02 GB) (Free:844.13 GB) (Model: Samsung SSD 860 QVO 1TB) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:5.01 GB) (Model: Samsung SSD 860 QVO 1TB) FAT32

\\?\Volume{d5ebbff9-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D5EBBFF9)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Hymna Dubaj.jpg (67.71 KiB) Viewed 3438 times
Thanks, Ivo.

Rudy
Site Admin
Posts: 119310
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Annoying messages keep popping up in the bottom right

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP simply start it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Re: Annoying messages keep popping up in the bottom right

#3 Post by Ivošisko »

Could this be it???:

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-21-2025
# Duration: 00:00:02
# OS: Windows 10 (Build 18362.720)
# Cleaned: 9
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted MyStart Search
Deleted banggood.com
Deleted iZito.com
Deleted mystartsearch
Deleted mystartsearch
Deleted mystartsearch
Deleted mystartsearch
Deleted webssearches
Deleted webssearches

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3411 octets] - [18/05/2020 20:16:03]
AdwCleaner[C00].txt - [3363 octets] - [18/05/2020 20:17:06]
AdwCleaner[S01].txt - [2491 octets] - [19/05/2020 19:45:42]
AdwCleaner[C01].txt - [2445 octets] - [19/05/2020 19:46:14]
AdwCleaner[S02].txt - [1851 octets] - [24/05/2020 13:29:39]
AdwCleaner[C02].txt - [1949 octets] - [24/05/2020 13:31:03]
AdwCleaner[S03].txt - [2242 octets] - [05/11/2022 22:00:50]
AdwCleaner[C03].txt - [2248 octets] - [05/11/2022 22:03:02]
AdwCleaner[S04].txt - [2289 octets] - [06/05/2023 21:05:49]
AdwCleaner[S05].txt - [2350 octets] - [06/05/2023 21:21:25]
AdwCleaner[C05].txt - [2370 octets] - [06/05/2023 21:23:59]
AdwCleaner[S06].txt - [2547 octets] - [07/06/2023 10:46:53]
AdwCleaner[C06].txt - [2492 octets] - [07/06/2023 10:53:06]
AdwCleaner[S07].txt - [2740 octets] - [19/02/2025 15:21:06]
AdwCleaner[C07].txt - [2728 octets] - [19/02/2025 15:22:15]
AdwCleaner[S08].txt - [2716 octets] - [21/03/2025 10:25:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C08].txt ##########
Thanks, Ivo.

Re: Annoying messages keep popping up in the bottom right

#4 Post by Rudy »

OK. Post new FRST+Addition logs.

Re: Annoying messages keep popping up in the bottom right

#5 Post by Ivošisko »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-03-2025
Ran by Lenovo (administrator) on NOŤAS (LENOVO 20251) (21-03-2025 11:33:25)
Running from C:\Users\Lenovo\Desktop\FRST64.exe
Loaded Profiles: Lenovo
Platform: Microsoft Windows 10 Home Version 1903 18362.720 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <58>
(explorer.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Users\Lenovo\Desktop\AdwCleaner.exe
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe <2>
(services.exe ->) (ABBYY Development Inc. -> ABBYY Development, Inc.) C:\Program Files\Common Files\ABBYY\FineReader\16\Licensing\NetworkLicenseServer.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1910.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12003.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Skype Software Sarl -> ) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [133128 2024-05-03] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1130416 2024-09-13] (Adobe Inc. -> Adobe Inc.)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" (No File)
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\104.0.4.0\GoogleDriveFS.exe [63973984 2025-02-21] (Google LLC -> Google LLC.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\104.0.4.0\GoogleDriveFS.exe [63973984 2025-02-21] (Google LLC -> Google LLC.)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [AtomicAlarmClock6] => C:\Program Files\Atomic Alarm Clock\AtomicAlarmClock.exe [5321728 2016-08-16] () [File not signed]
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [NeXuS-Ultimate] => C:\Program Files (x86)\Winstep\Nexus-Ultimate.exe [14558848 2011-10-11] (Winstep Software Technologies) [File not signed]
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\104.0.4.0\GoogleDriveFS.exe [63973984 2025-02-21] (Google LLC -> Google LLC.)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [Thunderbird] => C:\Program Files\Mozilla Thunderbird\thunderbird.exe [463424 2025-02-21] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [Chrome] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [3254368 2025-02-18] (Google LLC -> Google LLC)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45227312 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [Bonus.SSR.FR16] => C:\Program Files\ABBYY FineReader 16\screenshotreader.exe [3096832 2023-07-30] (ABBYY Development, Inc. -> ABBYY Development, Inc.)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [com.messenger] => "C:\Users\Lenovo\AppData\Local\Programs\Messenger\Messenger.exe" messenger://openAtLogin (No File)
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\Run: [ScreenPal Tray] => C:\Users\Lenovo\AppData\Local\ScreenPal\NoSplashScreen\ScreenPal.exe [1878160 2024-10-16] (Big Nerd Software, LLC -> )
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\104.0.4.0\GoogleDriveFS.exe [63973984 2025-02-21] (Google LLC -> Google LLC.)
HKLM\...\Windows x64\Print Processors\Canon G2010 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEG.DLL [506368 2023-06-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\HP1120PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1120PP.DLL [65024 2012-12-07] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Canon BJ Language Monitor G2010 series: C:\Windows\system32\CNMLMEG.DLL [1325568 2023-06-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP LJ M1120 MFP LM: C:\Windows\system32\ZLM1120.dll [167424 2012-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
HKLM\...\Print\Monitors\HPLJ1020LM: C:\Windows\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{1AF2F041-3692-46D4-B786-0C435D73C749}] -> C:\Program Files\ABBYY FineReader 16\ScreenshotReader.exe [2023-07-30] (ABBYY Development, Inc. -> ABBYY Development, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\133.0.6943.127\Installer\chrmstp.exe [2025-02-21] (Google LLC -> Google LLC)
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2020-02-29]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Lenovo\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bitmeter2.lnk [2020-01-13]
ShortcutTarget: Bitmeter2.lnk -> C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\netgear genie.lnk [2024-04-19]
ShortcutTarget: netgear genie.lnk -> C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {5F669DD2-D1E2-49CD-B7AE-EE482C9CBA73} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194056 2024-10-04] (Adobe Inc. -> Adobe Inc.)
Task: {D9AC0F1C-C24A-46B4-9CF4-2F2600CFC00A} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-760426430-1322398698-3842268529-1001 => C:\Users\Lenovo\AppData\Local\MEGAsync\MEGAupdater.exe [1766664 2025-03-19] (Mega Limited -> )
Task: {370546D7-29C1-40A6-8610-5E8CB7F38441} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-760426430-1322398698-3842268529-1001 => C:\Users\Lenovo\AppData\Local\Programs\Messenger\MessengerHelper.exe [2192632 2024-09-17] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {5C4D55AE-D06D-45BC-A96C-44BDE8187243} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.6-0\MpCmdRun.exe [480272 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5846F0E5-0884-470C-BD0B-F6BF74C3B9B8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.6-0\MpCmdRun.exe [480272 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DE2AA4F3-D094-4B05-A85E-FE8DFD096B93} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.6-0\MpCmdRun.exe [480272 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {23FA26BB-C039-4F85-A5B3-F0136F87928D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.6-0\MpCmdRun.exe [480272 2020-03-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E9EAA716-1B75-4968-B734-18CD5B05E683} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {BD4395F8-86CE-425B-AD64-DCACBD9F5B81} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {1B1B0A1C-9A1E-40A9-857B-2E4FAA1D7438} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1694ECC5-1ADD-403E-BFA8-B4CA890C416D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {400C6EAA-B4C1-4D9F-AABA-E756695D4E52} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0D7E29A1-0063-4992-86CA-E71E7637D9B4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {223E454A-5C6B-46F2-9064-2396DF6B3D96} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1A983045-28E6-4302-B607-5EB850694847} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3050377B-9BA6-4FC7-BCB6-BF6B27AECE0D} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BF4601C6-D83B-4923-BEED-08DAD2855F0F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1E9CC6E2-35E0-42B6-A285-4EEB632BC979} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {F78A7BA9-202C-4ABA-A1D1-3F64189C318C} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-760426430-1322398698-3842268529-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {9A230930-468F-44AC-B4A6-D8005B2413F2} - System32\Tasks\OneDrive Startup Task-S-1-5-21-760426430-1322398698-3842268529-1001 => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\OneDriveLauncher.exe [669528 2025-03-18] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-19] => Proxy is enabled.
ProxyServer: [S-1-5-19] => 127.0.0.1:8080
ProxyEnable: [S-1-5-20] => Proxy is enabled.
ProxyServer: [S-1-5-20] => 127.0.0.1:8080
ProxyServer: [S-1-5-21-760426430-1322398698-3842268529-1001] => 127.0.0.1:8080
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{23c03b2f-2a1b-40ac-97ab-a0e1451634ce}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{23c03b2f-2a1b-40ac-97ab-a0e1451634ce}\05166756C67237027416C616879702143333025374: [DhcpNameServer] 192.168.152.6
Tcpip\..\Interfaces\{23c03b2f-2a1b-40ac-97ab-a0e1451634ce}\255646D69602E4F64756021313020527F6025374: [DhcpNameServer] 192.168.193.86
Tcpip\..\Interfaces\{23c03b2f-2a1b-40ac-97ab-a0e1451634ce}\44166796467237027416C616879702142333025374: [DhcpNameServer] 192.168.187.15
Tcpip\..\Interfaces\{23c03b2f-2a1b-40ac-97ab-a0e1451634ce}\4556E64616F5836433445403: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{23c03b2f-2a1b-40ac-97ab-a0e1451634ce}\4556E64616F5836433445403: [DhcpDomain] tendawifi.com
Tcpip\..\Interfaces\{b5f4ac6c-0ec6-49e1-92b2-0dc8b9aefa8d}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b5f4ac6c-0ec6-49e1-92b2-0dc8b9aefa8d}: [DhcpDomain] tendawifi.com
Tcpip\..\Interfaces\{d22bb9ac-ab75-40ee-9000-0d9611b37417}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d22bb9ac-ab75-40ee-9000-0d9611b37417}: [DhcpDomain] tendawifi.com
Tcpip\..\Interfaces\{d22bb9ac-ab75-40ee-9000-0d9611b37417}\461627D6F64656A603: [DhcpNameServer] 192.168.150.237 192.168.3.1
Tcpip\..\Interfaces\{d22bb9ac-ab75-40ee-9000-0d9611b37417}\461627D6F64656A623: [DhcpNameServer] 192.168.150.237 192.168.1.1
Tcpip\..\Interfaces\{d22bb9ac-ab75-40ee-9000-0d9611b37417}\84551475549402058302C6964756: [DhcpNameServer] 192.168.43.1

Edge:
=======
DownloadDir: C:\Users\Lenovo\Downloads

FireFox:
========
FF DefaultProfile: v8ckfixm.default
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\v8ckfixm.default [2023-05-08]
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\a7v043dk.default-release-1607556120122 [2025-02-21]
FF NewTab: Mozilla\Firefox\Profiles\a7v043dk.default-release-1607556120122 -> about:newtab
FF Extension: (SaveFrom.net helper) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\a7v043dk.default-release-1607556120122\Extensions\helper@savefrom.net.xpi [2024-05-31]
FF Extension: (To Google Translate) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\a7v043dk.default-release-1607556120122\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-06-22]
FF Extension: (Playmaker – Balanced) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\a7v043dk.default-release-1607556120122\Extensions\playmaker-balanced-colorway@mozilla.org.xpi [2023-05-24]
FF Extension: (Open bookmarks in new tab) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\a7v043dk.default-release-1607556120122\Extensions\{02503e58-2fea-4dc4-893b-d35e36b92437}.xpi [2024-05-13]
FF Extension: (Open Link in New Tab) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\a7v043dk.default-release-1607556120122\Extensions\{c064b4e8-a82e-415f-9d31-8516e613182e}.xpi [2024-05-13]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2024-09-13] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2024-09-13] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2025-03-21]
CHR Notifications: Default -> hxxps://androidforum.cz; hxxps://app.todoist.com; hxxps://aukro.cz; hxxps://best.aliexpress.com; hxxps://calendar.google.com; hxxps://cuqh8u6071bc73a6s270.mergeconnection.co.in; hxxps://cz.pinterest.com; hxxps://drive.google.com; hxxps://fastshare.cz; hxxps://fzkepfawhfhb19.mergeconnection.co.in; hxxps://gw.lightinthebox.com; hxxps://joblpdcvik99hs.mergeconnection.co.in; hxxps://sk8o6.aurobis.co.in; hxxps://trading.1market.eu; hxxps://web.whatsapp.com; hxxps://www.aliexpress.com; hxxps://www.bezrealitky.cz; hxxps://www.hitpaw.com; hxxps://www.hitpaw.net; hxxps://www.instagram.com; hxxps://www.kupi.cz; hxxps://www.lidl.cz; hxxps://www.messenger.com; hxxps://www.namaximum.cz; hxxps://www.roboticky-vysavac.cz
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://www.google.com ... oogle.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Adblock for Video Platforms) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccjfbgljcbabnejjkhomofogabmakjad [2024-06-29]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Click to Tab) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebicmkkcnhdiglneianohfjapmanjoek [2020-03-15]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-03-21]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Save as Shortcut) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\flehofiklehmnnolpjcamplcnmhgcbkk [2024-11-26]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adblock Bear - Blokujte invazivní reklamy) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdiknemhndplpgnnnjjjhphhembfojec [2025-03-21]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-21]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Inoreader - RSS, News and Social Reader) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhglljfmpijadbpkalkclnhlncncdono [2019-12-10]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Tab Activate) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlmadbnpnnolpaljadgakjilggigioaj [2022-05-21]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Save as PDF) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2024-05-11]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (gLinks) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\leanhbopikglhiejeckmchmobphcpphm [2019-12-10]hxxp://clients2.google.com/service/update2/crx
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-24]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Rozšíření Odběry RSS (od Googlu)) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2024-07-19]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Custom Cursor for Chrome™ - Vlastní kurzor) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogdlpmhglpejoiomcodnpjnfgcpmgale [2024-12-04]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (RSS Feed Reader) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2025-03-21]hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-760426430-1322398698-3842268529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKU\S-1-5-21-760426430-1322398698-3842268529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-760426430-1322398698-3842268529-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.16.0; C:\Program Files\Common Files\ABBYY\FineReader\16\Licensing\NetworkLicenseServer.exe [1528968 2023-01-18] (ABBYY Development Inc. -> ABBYY Development, Inc.)
S2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944048 2024-09-13] (Adobe Inc. -> Adobe Inc.)
S2 AtomicAlarmClock; C:\Program Files\Free Desktop Clock\timeserv.exe [2007040 2013-04-24] () [File not signed]
S2 CAMService; C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\rust-cam\dist\native\target\release\service.exe [553600 2020-04-01] (NZXT, Inc. -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
S2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [153736 2017-03-02] (Canon Inc. -> CANON INC.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncHelper.exe [3533648 2025-03-18] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8965728 2025-02-19] (Malwarebytes Inc. -> Malwarebytes)
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [233456 2017-07-04] (Netgear Incorporated -> NETGEAR)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.031.0217.0003\OneDriveUpdaterService.exe [3880256 2025-03-18] (Microsoft Corporation -> Microsoft Corporation)
S4 SpyEmrgHealth; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencyHealth.exe [379192 2015-03-20] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S4 SpyEmrgSrv; C:\Program Files\NETGATE\Spy Emergency\SpyEmergencySrv.exe [3335008 2015-03-20] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S2 SyncBackFreeSchedulesMonitor; C:\Program Files (x86)\2BrightSparks\SyncBackFree\SchedulesMonitor.exe [3447536 2024-02-19] (2BrightSparks Pte. Ltd. -> 2BrightSparks Pte Ltd)
S3 wuauserv; C:\Windows\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\Windows\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S2 FreemakeVideoCapture; "C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
S4 Soda PDF Desktop 11 Creator; "C:\Program Files\Soda PDF Desktop 11\creator\common\creator-ws.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 googledrivefs31626; C:\Program Files\Google\Drive File Stream\Drivers\31626\googledrivefs31626.sys [384096 2024-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R0 klupd_0d9f16ffa_arkmon; C:\Windows\System32\Drivers\klupd_0d9f16ffa_arkmon.sys [398112 2024-11-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 klupd_0d9f16ffa_klark; C:\Windows\System32\Drivers\klupd_0d9f16ffa_klark.sys [362456 2024-11-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_0d9f16ffa_klbg; C:\Windows\System32\Drivers\klupd_0d9f16ffa_klbg.sys [198728 2024-11-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 klupd_0d9f16ffa_mark; C:\Windows\System32\Drivers\klupd_0d9f16ffa_mark.sys [265816 2024-11-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [231504 2025-02-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2025-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2025-02-19] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 Revoflt; C:\Windows\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SpyEmrg; C:\Windows\System32\Drivers\spyemrg.sys [17240 2011-04-21] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgAccess; C:\Windows\System32\Drivers\spyemrg_access.sys [24408 2011-04-21] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
S3 SpyEmrgGuard; C:\Windows\System32\Drivers\spyemrg_guard.sys [19768 2015-03-09] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
R2 UI5IFS; C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 11\IFS64.sys [40400 2022-06-30] (Ashampoo GmbH & Co. KG -> )
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [648872 2015-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45960 2020-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-20] (Microsoft Windows -> Microsoft Corporation)
S0 fltsrv; system32\DRIVERS\fltsrv.sys [X]
S3 klupd_0d9f16ffa_arkmon_E9A10B22; \??\C:\KVRT2020_Data\Temp\E9A10B225D984DC88D29D581BE96FF99\klupd_0d9f16ffa_arkmon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-03-21 10:07 - 2025-03-21 10:08 - 008790880 _____ (Malwarebytes) C:\Users\Lenovo\Desktop\AdwCleaner.exe
2025-03-21 07:55 - 2025-03-21 07:56 - 000059053 _____ C:\Users\Lenovo\Desktop\Addition.txt
2025-03-21 07:53 - 2025-03-21 11:33 - 000030892 _____ C:\Users\Lenovo\Desktop\FRST.txt
2025-03-21 07:50 - 2025-03-21 07:50 - 002404352 _____ (Farbar) C:\Users\Lenovo\Desktop\FRST64.exe
2025-03-14 11:15 - 2025-03-14 11:15 - 000633421 _____ C:\Users\Lenovo\Desktop\Potvrzeni o trvani nájemního poměru 24.10.2024 copy.pdf
2025-03-12 20:18 - 2025-03-12 20:18 - 016809855 _____ C:\Users\Lenovo\Desktop\VID-20240808-WA0013.mp4
2025-03-12 20:18 - 2025-03-12 20:18 - 002298954 _____ C:\Users\Lenovo\Desktop\cesta.mp4
2025-03-12 20:18 - 2025-03-12 20:18 - 001889065 _____ C:\Users\Lenovo\Desktop\most.mp4
2025-02-25 08:03 - 2025-02-25 08:03 - 000033908 _____ C:\Users\Lenovo\Desktop\3225011990.pdf
2025-02-22 21:54 - 2025-02-22 21:54 - 000595929 _____ C:\Users\Lenovo\Downloads\Video.mp4
2025-02-21 09:08 - 2025-02-21 09:10 - 000003641 _____ C:\Users\Lenovo\Desktop\Fixlog.txt
2025-02-21 08:35 - 2025-02-21 08:35 - 000000093 ____H C:\Users\Lenovo\Desktop\.~lock.Rozpočet.ods#
2025-02-19 15:40 - 2025-03-20 15:04 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Malwarebytes
2025-02-19 00:15 - 2025-02-19 00:17 - 083791794 _____ C:\Users\Lenovo\Downloads\ELÁN - Znova sa ma dotkni.mp4

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-03-21 11:33 - 2020-05-18 18:13 - 000000000 ____D C:\FRST
2025-03-21 11:31 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-21 10:51 - 2019-12-12 04:08 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-03-21 10:33 - 2022-10-31 13:17 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-03-21 10:27 - 2019-11-27 18:51 - 000000000 ____D C:\ProgramData\NVIDIA
2025-03-21 10:26 - 2020-01-13 22:38 - 000000000 ____D C:\ProgramData\Bitmeter2
2025-03-21 10:10 - 2019-11-27 18:44 - 000000000 ___SD C:\Users\Lenovo\AppData\Roaming\Microsoft\Credentials
2025-03-20 00:02 - 2020-02-29 12:31 - 000000000 ____D C:\Users\Lenovo\AppData\Local\MEGAsync
2025-03-20 00:00 - 2019-12-10 18:45 - 000000000 ___RD C:\Users\Lenovo\Disk Google
2025-03-19 02:04 - 2023-01-03 09:18 - 000000000 ____D C:\Windows\SystemTemp
2025-03-18 14:15 - 2025-02-09 22:07 - 000003546 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-760426430-1322398698-3842268529-1001
2025-03-18 14:15 - 2023-06-23 18:21 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-03-18 14:15 - 2023-06-23 18:21 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-03-18 14:15 - 2022-12-17 16:08 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-760426430-1322398698-3842268529-1001
2025-03-18 14:15 - 2021-06-22 16:01 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-03-13 15:53 - 2023-12-02 20:06 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Messenger
2025-03-13 15:53 - 2023-12-02 20:06 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Messenger
2025-03-07 18:55 - 2023-01-07 19:16 - 000003716 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{5C0C20A9-9348-4269-BBEC-43F7F7B2331E}
2025-03-07 18:55 - 2023-01-07 19:16 - 000003592 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{2BA3E877-26FE-4A85-82FA-9F5007A3BFFD}
2025-03-01 09:18 - 2025-01-23 20:21 - 000000000 ____D C:\Users\Lenovo\AppData\Local\ScreenPal-v3
2025-03-01 09:18 - 2019-12-12 04:20 - 000000000 ____D C:\Users\Lenovo
2025-03-01 09:07 - 2020-01-02 22:10 - 000000000 ____D C:\Users\Lenovo\AppData\Local\NETGEARGenie
2025-02-21 09:14 - 2019-03-19 12:55 - 000718198 _____ C:\Windows\system32\perfh005.dat
2025-02-21 09:14 - 2019-03-19 12:55 - 000145242 _____ C:\Windows\system32\perfc005.dat
2025-02-21 09:14 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF
2025-02-21 09:14 - 2016-04-27 07:54 - 001693452 _____ C:\Windows\system32\PerfStringBackup.INI
2025-02-21 09:10 - 2024-11-15 03:04 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2025-02-21 09:10 - 2021-02-27 08:23 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2025-02-21 09:10 - 2019-12-28 00:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-02-21 09:10 - 2019-12-12 04:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-02-21 09:10 - 2019-11-27 19:03 - 000000000 __SHD C:\Users\Lenovo\IntelGraphicsProfiles
2025-02-21 09:09 - 2019-03-19 05:37 - 001048576 _____ C:\Windows\system32\config\BBI
2025-02-21 08:23 - 2021-09-08 16:14 - 000002179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2025-02-21 08:23 - 2021-09-08 16:14 - 000002014 _____ C:\Users\Default\Desktop\Google Slides.lnk
2025-02-21 08:23 - 2021-09-08 16:14 - 000002014 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2025-02-21 08:23 - 2021-09-08 16:14 - 000002002 _____ C:\Users\Default\Desktop\Google Docs.lnk
2025-02-21 03:05 - 2019-12-10 17:23 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-02-19 15:36 - 2020-03-13 03:26 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2025-02-19 15:33 - 2020-03-13 03:26 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys

==================== Files in the root of some directories ========

2024-11-05 14:40 - 2024-11-06 19:47 - 000692736 _____ () C:\ProgramData\chrome.dll
2024-11-05 14:38 - 2024-11-05 14:38 - 000000008 ____H () C:\ProgramData\ed115it41.dat
2024-11-05 14:39 - 2024-11-07 20:36 - 000000004 ____H () C:\ProgramData\ed115rc41.dat
2024-11-05 14:38 - 2024-11-05 14:38 - 000000128 ____H () C:\ProgramData\ed115resa.dat
2024-11-05 14:38 - 2024-11-05 14:38 - 000000128 ____H () C:\ProgramData\ed115resb.dat
2024-11-05 14:38 - 2024-11-06 19:47 - 000685392 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll
2024-11-05 14:38 - 2024-11-06 19:47 - 000608080 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2024-11-05 14:38 - 2024-11-06 19:47 - 000450024 _____ (Microsoft Corporation) C:\ProgramData\msvcp140.dll
2024-11-05 14:38 - 2024-11-06 19:47 - 002046288 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2024-11-05 14:38 - 2024-11-06 19:47 - 000257872 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll
2024-11-05 14:38 - 2024-11-06 19:47 - 000080880 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll
2024-11-05 14:38 - 2024-11-05 14:38 - 000893608 _____ (AutoIt Team) C:\Users\Public\Guard.exe
2024-11-05 14:39 - 2019-03-19 05:47 - 000046632 _____ (Microsoft Corporation) C:\Users\Public\jsc.exe
2019-12-11 07:41 - 2020-01-02 16:50 - 000000132 _____ () C:\Users\Lenovo\AppData\Roaming\Adobe PNG Format CS6 Prefs
2022-02-20 09:54 - 2022-01-26 13:04 - 000000701 _____ () C:\Users\Lenovo\AppData\Roaming\nefcodec.dll
2022-02-20 09:54 - 2022-02-20 09:54 - 000000019 _____ () C:\Users\Lenovo\AppData\Roaming\settingnef.ini
2020-03-30 13:27 - 2020-03-30 13:27 - 139261152 _____ (Wondershare Software ) C:\Users\Lenovo\AppData\Roaming\video-converter-ultimate_full495.exe
2025-01-18 20:40 - 2025-01-18 20:40 - 000003584 _____ () C:\Users\Lenovo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2024-11-05 14:39 - 2024-11-05 14:39 - 000000010 _____ () C:\Users\Lenovo\AppData\Local\ledger_timestamp
2020-02-21 18:38 - 2024-05-05 14:59 - 000000615 _____ () C:\Users\Lenovo\AppData\Local\oobelibMkey.log
2024-10-28 18:01 - 2024-10-28 18:01 - 000002173 _____ () C:\Users\Lenovo\AppData\Local\recently-used.xbel
2019-11-27 19:29 - 2019-11-27 19:29 - 000007605 _____ () C:\Users\Lenovo\AppData\Local\Resmon.ResmonCfg
2020-03-13 20:38 - 2020-03-13 20:38 - 000893608 _____ (AutoIt Team) C:\Users\Lenovo\AppData\Local\wintmp.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-03-2025
Ran by Lenovo (21-03-2025 11:34:28)
Running from C:\Users\Lenovo\Desktop
Microsoft Windows 10 Home Version 1903 18362.720 (X64) (2019-12-12 03:28:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-760426430-1322398698-3842268529-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-760426430-1322398698-3842268529-503 - Limited - Disabled)
Guest (S-1-5-21-760426430-1322398698-3842268529-501 - Limited - Disabled)
Lenovo (S-1-5-21-760426430-1322398698-3842268529-1001 - Administrator - Enabled) => C:\Users\Lenovo
WDAGUtilityAccount (S-1-5-21-760426430-1322398698-3842268529-504 - Limited - Disabled)
WgaUtilAcc (S-1-5-21-760426430-1322398698-3842268529-1003 - Administrator - Enabled) <==== ATTENTION

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader+ (HKLM\...\{8BF6FB72-0B99-47C8-B515-C8E75908B106}) (Version: 1.3.0.0038 - Open Media LLC) Hidden
ABBYY FineReader PDF (HKLM\...\{F16000FE-0003-6400-0000-074957833700}) (Version: 16.0.7300 - ABBYY Development, Inc.) Hidden
ABBYY FineReader PDF (HKLM-x32\...\{82df8653-ea3b-49b5-b113-47c13f8bfaa9}) (Version: 16.0.7300 - ABBYY Development, Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.4.0.361 - Adobe Inc.)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_8_1) (Version: 8.1 - Adobe Systems Incorporated)
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_2) (Version: 21.0.2 - Adobe Systems Incorporated)
Aegisub 3.2.2 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.2 - Aegisub Team)
AIDA64 Extreme v5.99 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.99 - FinalWire Ltd.)
AIMP (HKLM-x32\...\AIMP) (Version: v4.60.2180, 25.03.2020 - AIMP DevTeam)
Apeaksoft Free HEIC Converter 1.0.18 (HKLM-x32\...\{3937AA40-E034-4137-AC6C-B111D518FEE2}_is1) (Version: 1.0.18 - Apeaksoft Studio)
Ashampoo UnInstaller 11 (HKLM-x32\...\{4209F371-B84B-F321-6BD3-1D91E2505732}_is1) (Version: 11.00.16 - Ashampoo GmbH & Co. KG)
Atomic Alarm Clock 6.3 beta (HKLM\...\Atomic Alarm Clock_is1) (Version: - Drive Software Company)
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
Avidemux VC++ 64bits (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\{2799a4bd-577f-45de-a7eb-330cdd2c2ab0}) (Version: 2.7.5 - Mean)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
BitMeter (HKLM-x32\...\BitMeter) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 7.35.317.3 - Broadcom Corporation)
Canon G2010 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_G2010_series) (Version: 1.02 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.70.4.30 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.4.0.16 - Canon Inc.)
CapCut (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\CapCut) (Version: 5.0.0.1886 - Bytedance Pte. Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 6.29 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1651.5 - Piriform Software) Hidden
CodeTwo QR Code Desktop Reader & Generator (HKLM-x32\...\{AF7E31D6-980C-4788-B80C-47F1837CF44C}) (Version: 1.1.2.4 - CodeTwo)
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
EasyCutStudio 6.0.3 (HKLM-x32\...\EasyCutStudio_is1) (Version: - )
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
FastStone Image Viewer 7.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.4 - FastStone Soft)
FileZilla 3.67.1 (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\FileZilla Client) (Version: 3.67.1 - Tim Kosse)
Free Desktop Clock 3.0 (HKLM\...\Free Desktop Clock_is1) (Version: - Drive Software Company)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 104.0.4.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 133.0.6943.127 - Google LLC)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
inSSIDer (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\inSSIDer) (Version: 5.2.14 - MetaGeek, LLC)
Java 8 Update 251 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180251F0}) (Version: 8.0.2510.8 - Oracle Corporation)
LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes)
LibreOffice 6.4 Help Pack (Czech) (HKLM\...\{AE983296-8590-4589-84E0-80B8C30ED803}) (Version: 6.4.0.3 - The Document Foundation)
LibreOffice 7.1.1.2 (HKLM\...\{14E9DACB-8945-4B62-A19B-2C6245D48490}) (Version: 7.1.1.2 - The Document Foundation)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Malwarebytes version 4.6.17.334 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.17.334 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Messenger (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\c1b3adcf-2068-5e8d-b25d-30ce588e3a4c) (Version: 215.6.643112060 - Facebook, Inc.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 134.0.3124.72 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.031.0217.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (HKLM-x32\...\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
MKVToolNix 43.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 43.0.0 - Moritz Bunkus)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 122.0 (x64 cs)) (Version: 122.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.8.0 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 128.7.1 (x64 cs)) (Version: 128.7.1 - Mozilla)
Mp3tag v3.01 (HKLM-x32\...\Mp3tag) (Version: 3.01 - Florian Heidenreich)
NAPS2 6.1.2 (HKLM-x32\...\NAPS2 (Not Another PDF Scanner 2)_is1) (Version: - Ben Olden-Cooligan)
NEF To JPG Converter V1 (HKLM-x32\...\NEF To JPG Converter_is1) (Version: - PDFZilla.com)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.60.00 - NETGEAR Inc.)
Nexus Ultimate 11.6 (HKLM-x32\...\Nexus Ultimate_is1) (Version: - )
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NZXT CAM 4.4.2 (HKLM\...\ac0666ae-ee66-5310-ac01-9d6348133b2d) (Version: 4.4.2 - NZXT, Inc.)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
PC Štítky 2.xx (HKLM-x32\...\PC Štítky 2.xx_is1) (Version: - LAN Consult, spol. s r.o.)
Pixillion Image Converter (HKLM-x32\...\Pixillion) (Version: 5.12 - NCH Software)
Planet - SoftLabel (HKLM-x32\...\{99E50E6B-8C7D-4D1D-A7CE-65128D76AD2C}) (Version: 1.1.61 - Abanet)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 24.12.16.0 - Kakao Corp.)
Recepty doma (HKLM-x32\...\Recepty doma_is1) (Version: - Martin Roubec)
Revo Uninstaller Pro 5.3.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 5.3.2 - VS Revo Group, Ltd.)
ScreenPal Web Launcher v3.1.10.1 (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\ScreenPal v3 (WebLauncher)) (Version: v3.1.10.1 - ScreenPal)
SharePoint Client Components (HKLM\...\{95150004-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4711.1001 - Microsoft Corporation)
Skype verze 8.99 (HKLM-x32\...\Skype_is1) (Version: 8.99 - Skype Technologies S.A.)
SoftPerfect Network Scanner version 7.2.6 (HKLM\...\{8083C3D9-F400-48FA-B060-CF55F25E2D4B}_is1) (Version: 7.2.6 - SoftPerfect Pty Ltd)
Speedtest by Ookla (HKLM\...\{708BC0F0-18DD-4951-A531-18E7CE473BCE}) (Version: 1.8.154.001 - Ookla)
Spy Emergency 2017-24.0.620 (HKLM\...\Spy Emergency_is1) (Version: - NETGATE Technologies s.r.o.)
Subtitle Edit 3.5.13 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.13.0 - Nikse)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 8.0.1048 - SUPERAntiSpyware.com)
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 11.3.7.0 - 2BrightSparks)
Tisk Obalek 3.2.2.9 (HKLM-x32\...\Tisk Obalek_is1) (Version: 3.2.2.9 - Mgr. Radovan Kraus)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Videoder 1.0.9 (HKLM-x32\...\808fc302-3d01-59ce-8094-e0443a55877e) (Version: 1.0.9 - GlennioTech)
Vistumbler (HKLM-x32\...\Vistumbler) (Version: 10.6.5 - Vistumbler.net)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WhatsApp (Outdated) (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\WhatsApp) (Version: 2.2326.10 - WhatsApp)
WiFi Scanner (HKLM-x32\...\{1224CE90-0AA3-41AF-B51F-61C8C796C401}) (Version: 0.8.626 - AccessAgility)
Winclipper (HKLM\...\{7E886962-795A-4BED-915C-D9DDDDC2472D}) (Version: 1.4.2.0 - Carson Shook)
Windows Installer (HKLM-x32\...\{798E61D4-8923-4E77-A74B-2DF264394A48}) (Version: 5.0.4 - AdvancedWindowsManager) Hidden
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Chrome apps:
============
Správce hesel Google (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\999f44d80d35096af8c638a664313fbd) (Version: 1.0 - Google\Chrome)
YouTube (HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\f7dc6435b15fa8a7d14797683a3fd873) (Version: 1.0 - Google\Chrome)

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc [2024-05-21] (Adobe Systems Incorporated)
Adobe Reader Touch -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeReader_3.1.8.7675_x86__ynb6jyjzte8ga [2020-01-13] (Adobe Systems Incorporated)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.164.200.0_x86__kgqvnymyfvs32 [2020-03-19] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-02-04] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-12-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x64__8wekyb3d8bbwe [2020-03-06] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
One Calendar -> C:\Program Files\WindowsApps\64885BlueEdge.OneCalendar_2020.229.1.0_x64__8kea50m9krsh2 [2020-03-06] (Code Spark)
One Task -> C:\Program Files\WindowsApps\64885BlueEdge.OneTask_2018.1124.1.0_x64__8kea50m9krsh2 [2020-03-13] (Code Spark)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c [2020-02-06] (Skype)
WiFi Analyzer -> C:\Program Files\WindowsApps\19965MATTHAFNER.WIFIANALYZER_2.5.1.0_x64__gs5k5vmxr2ste [2020-01-14] (Matt Hafner)
Wifi Analyzer and Scanner -> C:\Program Files\WindowsApps\28877WebProvider.WifiAnalyzerandScanner_1.2.1.0_x64__gdrx0g078t8zg [2019-12-29] (WebProvider)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{0AC68F4B-F9F7-475B-A5B4-383171479500} -> [MEGA] => C:\Users\Lenovo\Documents\MEGA [2020-02-29 12:36]
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\Lenovo\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{54FD8C11-9F42-4A0F-BE2C-9E3A4158A705}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{9B1F8A90-DF55-4BB6-B78F-77F8C4632B37}\localserver32 -> C:\Program Files\ABBYY FineReader 16\FineUpdate.exe (ABBYY Development, Inc. -> ABBYY Development, Inc.)
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{9f0c474b-de34-42ec-af28-eb091c7982ff}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{B1D050AE-282F-DC81-EDA8-31C953EEDD86}\InprocServer32 -> C:\Program Files\Common Files\System\ole32.dll => No File
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{D5621537-2364-45C2-9F3F-C2329CFFF29D} -> [MEGA] => C:\Users\Lenovo\Documents\MEGA [2020-02-29 12:36]
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-19] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-19] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-19] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-26] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-26] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-26] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-19] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-19] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-19] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-26] (Adobe Inc. -> )
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-05-12] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers1: [ContextMenuHandlerFilmora] -> {5F542218-AF8A-4CF8-8ACA-DF63B73C528D} => C:\Windows\system32\FilmoraContextMenu.dll [2024-10-10] () [File not signed]
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ContextMenuHandlers1: [FineReader16ContextMenu] -> {DCACA03D-01CA-410C-8F35-FBEB05CA8BF0} => C:\Program Files\ABBYY FineReader 16\FRIntegration.dll [2023-07-30] (ABBYY Development, Inc. -> ABBYY Development, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-19] (Mega Limited -> )
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => C:\Program Files\NETGATE\Spy Emergency\menuext.dll [2013-03-11] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-19] (Mega Limited -> )
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-02-19] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-19] (Mega Limited -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2020-05-12] (IP Izmaylov Artem Andreevich -> AIMP DevTeam)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lenovo\AppData\Local\MEGAsync\ShellExtX64.dll [2025-03-19] (Mega Limited -> )
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-03-27] (Florian Heidenreich) [File not signed]
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => C:\Program Files\NETGATE\Spy Emergency\menuext.dll [2013-03-11] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncShell64.dll [2025-03-18] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\104.0.4.0\drivefsext.dll [2025-02-21] (Google LLC -> Google LLC.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-26] (Adobe Inc. -> )
ContextMenuHandlers6: [FineReader16ContextMenu] -> {DCACA03D-01CA-410C-8F35-FBEB05CA8BF0} => C:\Program Files\ABBYY FineReader 16\FRIntegration.dll [2023-07-30] (ABBYY Development, Inc. -> ABBYY Development, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-02-19] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2022-04-04] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => C:\Program Files\NETGATE\Spy Emergency\menuext.dll [2013-03-11] (NETGATE Technologies s.r.o. -> NETGATE Technologies s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Lenovo\Desktop\Správce hesel Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_kajebgjangihfbkjfejcanhanjmmbcfd\Správce hesel Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\1Market.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cjmocagfbhnkhecpkfdddgicbllppleb
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Správce hesel Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Správce hesel Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Správce hesel Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=kajebgjangihfbkjfejcanhanjmmbcfd

==================== Loaded Modules (Whitelisted) =============

2024-10-29 21:27 - 2024-10-10 23:35 - 000754688 _____ () [File not signed] C:\Windows\system32\FilmoraContextMenu.dll
2020-03-27 17:50 - 2020-03-27 17:50 - 000398336 _____ (Florian Heidenreich) [File not signed] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\0d9f16ff.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\0d9f16ff.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
IE Session Restore: HKU\S-1-5-21-760426430-1322398698-3842268529-1001 -> is enabled.

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2024-02-17 14:35 - 000000753 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

2019-12-10 23:22 - 2020-01-01 20:30 - 000000446 _____ C:\Windows\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKCU\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Windows\System32\OpenSSH\;C:\Users\Lenovo\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Qualcomm Atheros AR8172/8176/8178 PCI-E Fast Ethernet Controller (NDIS 6.30) -> L1C63x64.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi: Síťový adaptér Broadcom 802.11n -> bcmwl63a.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-760426430-1322398698-3842268529-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{51CD8B13-C161-4AA3-9D9C-ECCA1E9127C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E93BA065-E320-40F8-9037-D61F84DCCA17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8A5D56B0-A3AA-4D45-9A96-6BDA5305D721}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CCBBDA7F-E030-4D56-B4A9-3FB611C4B13C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{69E0CBFD-18B6-4005-9FD0-A0668760395C}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)
FirewallRules: [UDP Query User{FDF815F9-202B-4C72-9DC4-2F7267662A34}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.)
FirewallRules: [TCP Query User{E4B9757F-1A41-4FD0-BBAC-5AF4CEC63EEF}C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe] => (Allow) C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe (Kastelo AB -> The Syncthing Authors)
FirewallRules: [UDP Query User{0AEB44B9-512C-4883-93FF-AC00848676D0}C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe] => (Allow) C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe (Kastelo AB -> The Syncthing Authors)
FirewallRules: [{2AD33F00-D99B-4A75-B96A-0B3A2C590268}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1C653BB6-22A9-498C-9A9E-BD9FC8D11DD3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{69CC26C3-C176-4998-864F-D6238211EF3B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{594CE807-87B7-4A0C-8C3F-2CA276A9033B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{C2CA6D5F-6D93-4143-AEF8-4F567BF6B6D8}C:\users\lenovo\appdata\anydesk.exe] => (Block) C:\users\lenovo\appdata\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [UDP Query User{AC70804A-2780-4E53-A515-6D72A843DCD4}C:\users\lenovo\appdata\anydesk.exe] => (Block) C:\users\lenovo\appdata\anydesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [TCP Query User{EE542E4B-1D2E-4A70-A7D9-7E289BCB200B}C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe] => (Block) C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe (Kastelo AB -> The Syncthing Authors)
FirewallRules: [UDP Query User{5F3C8115-83D4-4FD3-988B-9B5F3CBDAFA2}C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe] => (Block) C:\program files\syncthing\syncthing-windows-amd64-v1.2.1\syncthing.exe (Kastelo AB -> The Syncthing Authors)
FirewallRules: [TCP Query User{388A03EB-C8D7-49C9-B933-4E1ED83B133B}C:\program files (x86)\java\jre1.8.0_251\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\launch4j-tmp\frd.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [UDP Query User{6CBD64CD-7B23-49A6-8CBF-BD92FD526019}C:\program files (x86)\java\jre1.8.0_251\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_251\launch4j-tmp\frd.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [{0875530A-F03B-4426-84FD-A998ED2A2337}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5ED983EB-FB69-4B8C-9723-582FF87ECDD6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{05D0274B-4C6A-4B17-9A42-0C1082BCBE2C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{11952E1A-D31F-4AC6-9D48-D1F8804E898F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7E9B9F37-9659-42CD-882E-C3CEA8518031}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CA1ADAF0-C506-4D23-9A58-4E7290421AA9}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6926C79B-ED8A-4C84-9E55-0195CDD5F40E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{44BEC590-9EC4-468C-9459-FD53497E74D2}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Block) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [UDP Query User{9239168C-0DB3-4DE5-9C77-1C0F79716338}C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe] => (Block) C:\program files\common files\adobe\adobe desktop common\hex\creative cloud ui helper.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{8078B281-5EBC-4365-A256-6F94D766EA80}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D146E3B2-3207-4B9E-A338-968F157F79C9}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.72\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

02-03-2025 19:11:13 Naplánovaný kontrolní bod
12-03-2025 07:17:14 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============
Name: Android ADB Interface
Description: Android ADB Interface
Class Guid: {3f966bd9-fa04-4ec5-991c-d326973b5128}
Manufacturer: Google, Inc.
Service: WinUSB
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/21/2025 10:37:16 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12040,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\Windows\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/21/2025 09:15:26 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13156,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\Windows\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/21/2025 07:51:57 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18488,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\Windows\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/21/2025 07:18:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18096,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\Windows\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/20/2025 11:53:53 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (18924,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\Windows\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/20/2025 03:24:32 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (16528,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\Windows\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/20/2025 03:16:04 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17552,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\Windows\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/19/2025 05:23:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 13 5.100.168.192.in-addr.arpa. PTR No-as.local.


System errors:
=============
Error: (03/21/2025 11:33:54 AM) (Source: DCOM) (EventID: 10010) (User: NOŤAS)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/21/2025 11:31:54 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (03/21/2025 11:14:29 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/21/2025 11:12:29 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (03/21/2025 11:12:29 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/21/2025 11:10:29 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (03/21/2025 11:10:29 AM) (Source: DCOM) (EventID: 10010) (User: NOŤAS)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/21/2025 11:08:29 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.


Windows Defender:
================
Date: 2020-03-21 22:41:36.104
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {98657F1E-8680-4CCE-94A1-A077C5F66E0C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-19 20:57:46.592
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {FE8D7ADF-2D72-431B-8B91-AB63E279CA6A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-18 19:47:18.566
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {36D017AC-1B3D-4AA8-8D42-0564EC175D29}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-18 18:21:07.747
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!rfn
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Lenovo\AppData\Local\Temp\Kill.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AJUSQ3V\Lenovo
Název procesu: C:\Users\Lenovo\Desktop\Patch\Patch\Acronis True Image 2020 v24 Patch.exe
Verze bezpečnostních informací: AV: 1.311.1479.0, AS: 1.311.1479.0, NIS: 1.311.1479.0
Verze modulu: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-18 14:17:52.463
Description:
Antivirová ochrana v programu Windows Defender zjistil podezřelé chování.
Název: Behavior:Win32/ModifiedBootRecord
Závažnost: Nízké
Kategorie: Podezřelé chování
Nalezená cesta: file:_C:\Users\Lenovo\AppData\Local\Temp\un5005.exe; process:_1932
Původ detekce: Místní počítač
Typ detekce: Podezřelý
Zdroj detekce: Ochrana v reálném čase
Stav: Provádění
Uživatel: DESKTOP-AJUSQ3V\Lenovo
Název procesu: C:\Users\Lenovo\AppData\Local\Temp\un5005.exe
ID bezpečnostních informací: 23858570787236
Verze bezpečnostních informací: AV: 1.311.1454.0, AS: 1.311.1454.0
Verze modulu: 1.1.16800.2
Štítek věrnosti: Střední
Název cílového souboru:

==================== Memory info ===========================

BIOS: LENOVO 7ACN24WW 06/25/2013
Motherboard: LENOVO G700
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 41%
Total physical RAM: 16263.35 MB
Available physical RAM: 9460.02 MB
Total Virtual: 18695.35 MB
Available Virtual: 10335.41 MB

==================== Drives ================================

Drive c: (MASTER) (Fixed) (Total:931.02 GB) (Free:844.12 GB) (Model: Samsung SSD 860 QVO 1TB) NTFS

\\?\Volume{d5ebbff9-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: D5EBBFF9)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
Thanks, Ivo.


Re: Annoying pop-up messages appearing at the bottom right

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
S3 wuauserv; C:\Windows\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\Windows\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
C:\Users\Lenovo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{B1D050AE-282F-DC81-EDA8-31C953EEDD86}\InprocServer32 -> C:\Program Files\Common Files\System\ole32.dll => No File
C:\Users\Lenovo\AppData\Local\Temp\Kill.exe

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.


Re: Annoying pop-up messages appearing at the bottom right

#7 Post by Ivošisko »

Fix result of Farbar Recovery Scan Tool (x64) Version: 18-03-2025
Ran by Lenovo (22-03-2025 01:15:43) Run:9
Running from C:\Users\Lenovo\Desktop
Loaded Profiles: Lenovo
Boot Mode: Normal
==============================================

fixlist content:
*****************

Start

CloseProcesses:
S3 wuauserv; C:\Windows\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\Windows\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
C:\Users\Lenovo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
CustomCLSID: HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{B1D050AE-282F-DC81-EDA8-31C953EEDD86}\InprocServer32 -> C:\Program Files\Common Files\System\ole32.dll => No File
C:\Users\Lenovo\AppData\Local\Temp\Kill.exe

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\System\CurrentControlSet\Services\wuauserv => removed successfully
wuauserv => service removed successfully
wuauserv => service not found.
C:\Users\Lenovo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKU\S-1-5-21-760426430-1322398698-3842268529-1001_Classes\CLSID\{B1D050AE-282F-DC81-EDA8-31C953EEDD86} => removed successfully
"C:\Users\Lenovo\AppData\Local\Temp\Kill.exe" => not found

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 786432 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31690390 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 1817443 B
Edge => 0 B
Chrome => 629453441 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Lenovo => 69170306 B
WgaUtilAcc => 69170306 B

RecycleBin => 1878086 B
EmptyTemp: => 766.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 01:15:55 ====
Thanks, Ivo.


Re: Annoying pop-up messages appearing at the bottom right

#8 Post by Rudy »

Deleted. Has anything changed?


Re: Annoying pop-up messages appearing at the bottom right

#9 Post by Ivošisko »

It seems to be OK :thumbsup: - Thanks :|
Thanks, Ivo.


Re: Annoying pop-up messages appearing at the bottom right

#10 Post by Rudy »

I'm glad to hear it, and you're welcome! :-)
