Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
Ran by Lenovo (administrator) on DESKTOP-NOA58GF (LENOVO 10EU0022MC) (10-10-2024 21:33:13)
Running from C:\Users\Lenovo\Downloads\FRST64.exe
Loaded Profiles: Lenovo
Platform: Microsoft Windows 11 Pro Version 23H2 22631.4317 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adguard Software Limited -> Adguard Software Limited) C:\Program Files (x86)\Adguard\Adguard.exe
(C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.24900.130.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.79\msedgewebview2.exe <7>
(DriverStore\FileRepository\cui_dch.inf_amd64_98728bfffafc23c2\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_98728bfffafc23c2\igfxEM.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <24>
(FLEXTECH INC. -> Flextech Inc.) C:\Users\Lenovo\AppData\Roaming\TeraBox\teraboxwebservice.exe
(Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(services.exe ->) (Adguard Software Limited -> Adguard Software Limited) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_98728bfffafc23c2\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_22dff82e7da0099b\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b53c057d22ce6f37\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b53c057d22ce6f37\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(services.exe ->) (LENOVO -> ) C:\Program Files (x86)\Lenovo\BluetoothLock\BtLockerService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe
(sihost.exe ->) (8F32EFB2-B494-4AEC-A27C-4B0736252363 -> SmartDisplays) C:\Program Files\WindowsApps\E046963F.SmartDisplays_3.0.0.0_x64__k1h2ywk1493x8\SmartDisplays\SmartDisplays.exe
(sihost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5635.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24091.30.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5635.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.StorePurchaseApp_22408.1401.0.0_x64__8wekyb3d8bbwe\StoreExperienceHost.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-08-18] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [133128 2024-07-28] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [7077080 2023-10-05] (Adguard Software Limited -> Adguard Software Limited)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [AllowBlockingAppsAtShutdown] 0
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [133128 2024-07-28] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4406632 2024-09-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Run: [Discord] => C:\Users\Lenovo\AppData\Local\Discord\Update.exe [1525016 2024-04-01] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Run: [TeraBox] => C:\Users\Lenovo\AppData\Roaming\TeraBox\TeraBox.exe [6612464 2024-09-23] (FLEXTECH INC. -> Flextech Inc.)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Run: [TeraBoxWeb] => C:\Users\Lenovo\AppData\Roaming\TeraBox\TeraBoxWebService.exe [1141232 2024-09-23] (FLEXTECH INC. -> Flextech Inc.)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45125936 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Policies\Explorer: [NoInstrumentation] 1
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2010-10-14] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP1100LM: C:\Windows\system32\HP1100LM.DLL [290816 2010-10-14] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\PDF-XChange Standard Port Monitor: C:\WINDOWS\system32\pxcpm.dll [999056 2023-11-14] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\129.0.6668.90\Installer\chrmstp.exe [2024-10-03] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {053D8C45-E705-410B-9DD4-F395CE575327} - System32\Tasks\85aa9b952d184d3bae1894ce947eeee8 => C:\Program Files (x86)\Adguard\Adguard.exe [7077080 2023-10-05] (Adguard Software Limited -> Adguard Software Limited)
Task: {037CD0D0-BD03-4B42-9C68-08DC0C5853C4} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {F248EA92-4792-4A34-9963-1D4B48F139B3} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4454832 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C2531458-7C09-4FB6-99A6-6BD4C91E0272} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-09-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {2BBFD693-553B-4D76-9C04-51B781794E11} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5937456 2024-09-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "c0a24544-a54d-4c07-92a7-a6e1f1ebb33e" --version "6.28.11297" --silent
Task: {32600AAF-4CE6-42B5-B9DC-C54FEEB5E3A7} - System32\Tasks\CCleanerSkipUAC - Lenovo => C:\Program Files\CCleaner\CCleaner.exe [39012144 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {489FC509-C4C9-485B-BDE0-A9BE2F7F7ECB} - System32\Tasks\CorelUpdateHelperTask-655E5E2BFA3DD713F4E9E42B501A0484 => C:\Program Files (x86)\Corel\CUH\v2\CUH.EXE [3834384 2024-01-24] (Corel Corporation -> Corel Corporation)
Task: {9C24F434-04AB-47E5-9FD8-DC8E1B27AB7F} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.EXE [3834384 2024-01-24] (Corel Corporation -> Corel Corporation)
Task: {3DA05C3B-61C4-474F-AC19-3C5A570411F6} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5596280 2024-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {BAA0AB33-5C74-40A2-A3AD-053E2A5C4E59} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{A8E764DA-9492-4FEF-9E63-AFC615ED77AC} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {E171D038-6775-4E2E-ABAB-E9AA6F349B57} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64472 2024-08-07] (HP Inc. -> HP Inc.)
Task: {EB08C517-6749-4E9F-BE88-2E7AA204E576} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64472 2024-08-07] (HP Inc. -> HP Inc.)
Task: {14CB08A2-4FA7-4894-BEAE-003DD016C445} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194056 2024-07-28] (Adobe Inc. -> Adobe Inc.)
Task: {D5DCA27A-0F25-4820-8D4E-28701B306E8C} - System32\Tasks\Lenovo\Lenovo MigrationAssistant start event task => C:\Program Files\Lenovo\Lenovo Migration Assistant\Lenovo Migration Assistant Srv.exe [291216 2020-11-11] (Lenovo -> )
Task: {7E508AFD-77B5-43C5-98A1-6427ED619F63} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28617448 2024-09-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E9EF911-F842-4ECA-9880-46F9BA694815} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28617448 2024-09-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3626F04-27AE-4E59-843E-A821867A2489} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [223200 2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {E626BF7C-A6FC-459F-8818-7E67D1626996} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [223200 2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {3230BEDD-BBCC-4DB1-8649-E587FB85F3C4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {2114354A-D3E6-4BCF-9DB9-626BA8DCADA5} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {AD3F516B-1C04-41C7-A867-B11E9AF642F5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CD7BBF33-648E-4716-B85D-B660C3BA8E55} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8AD2DCD4-7270-48F5-8EFB-3CBE990352BD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4765F9F0-B43D-4114-8652-5B00493C8F8A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpCmdRun.exe [1687208 2024-09-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {86D13D96-82BF-4C90-86C4-0ACA7259611A} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {0F083838-D9A8-4B95-8418-2382754E69ED} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {90F15082-83EB-499B-8C4D-7FA2996C43F7} - System32\Tasks\TVT\TVSUUpdateTask => "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe" /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask (No File)
Task: {C7EB6C7C-BF37-4DEC-B5F6-3C7EC750CF53} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe" PendingTask (No File)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cb0048aa-817b-4c7d-a9b0-af203f01f0c8}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d05bc245-e639-48a3-b625-0fc4810a0438}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-03]
Edge Extension: (PDF-XChange) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\djmbpijobamaimdblhkpclfnpkiogeoo [2023-12-31]
Edge Extension: (TeraBox Download Assistant) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dpadflhmiohjfhhaehelneimpllfbpcg [2024-08-17]
Edge Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27]
Edge Extension: (Edge relevant text changes) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2024-10-03]
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2024-10-03]
Edge HomePage: Profile 1 -> hxxps://www.seznam.cz/?clid=22668
Edge Extension: (PDF-XChange) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\djmbpijobamaimdblhkpclfnpkiogeoo [2023-12-31]
Edge Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-12]
Edge Extension: (Edge relevant text changes) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-04-23]
Edge Extension: (Blokátor reklam AdGuard) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2024-05-30]
Edge HKLM\...\Edge\Extension: [djmbpijobamaimdblhkpclfnpkiogeoo]
Edge HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [dpadflhmiohjfhhaehelneimpllfbpcg] - C:\Users\Lenovo\AppData\Roaming\TeraBox\terabox_ext_chrome.crx [2024-10-10]
Edge HKLM-x32\...\Edge\Extension: [djmbpijobamaimdblhkpclfnpkiogeoo]
FireFox:
========
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-11-14] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-11-14] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-11-14] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-11-14] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-11-14] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-11-14] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3625998006-2303437307-2170556659-1003: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-11-14] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3625998006-2303437307-2170556659-1003: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-11-14] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3625998006-2303437307-2170556659-1003: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-11-14] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2024-10-10]
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR Session Restore: Default -> is enabled.
CHR Extension: (Blokátor reklam AdGuard) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2024-10-06]
CHR Extension: (PDF-XChange) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blgipgnbmnikbdecnjmgckmndlkebhid [2023-03-25]
CHR Extension: (AdGuard asistent prohlížeče) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbohpolgemkbfphodcfgnpjcmedcjhpn [2024-03-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-12]
CHR HKLM\...\Chrome\Extension: [blgipgnbmnikbdecnjmgckmndlkebhid]
CHR HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dpadflhmiohjfhhaehelneimpllfbpcg] - C:\Users\Lenovo\AppData\Roaming\TeraBox\terabox_ext_chrome.crx [2024-10-10]
CHR HKLM-x32\...\Chrome\Extension: [blgipgnbmnikbdecnjmgckmndlkebhid]
CHR HKLM-x32\...\Chrome\Extension: [dpadflhmiohjfhhaehelneimpllfbpcg] - C:\Users\Lenovo\AppData\Roaming\TeraBox\terabox_ext_chrome.crx [2024-10-10]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [798424 2023-10-05] (Adguard Software Limited -> Adguard Software Limited)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [88648 2020-02-25] (Adobe Inc. -> Adobe Systems)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [4578736 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 BtLockerService; C:\Program Files (x86)\Lenovo\BluetoothLock\BtLockerService.exe [44432 2016-01-22] (LENOVO -> )
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-09-18] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13861048 2024-09-22] (Microsoft Corporation -> Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [47000 2024-09-26] (Intel Corporation -> Intel)
R2 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [330136 2024-09-26] (Intel Corporation -> Intel)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-08-07] (HP Inc. -> HP Inc.)
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [127800 2010-11-24] (Hewlett-Packard Company -> HP)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MpDefenderCoreService.exe [1431160 2024-09-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [69864 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [530448 2024-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13216784 2020-04-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 TeraBoxUtility; C:\Users\Lenovo\AppData\Roaming\TeraBox\YunUtilityService.exe [115176 2024-09-23] (FLEXTECH INC. -> Flextech Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\NisSrv.exe [3199656 2024-09-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24080.9-0\MsMpEng.exe [133704 2024-09-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone toolkit for Android\Library\DriverInstaller\DriverInstall.exe [118048 2017-06-22] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [88136 2023-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Limited)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R3 LBAI; C:\WINDOWS\System32\Drivers\LBAI.sys [23208 2017-11-13] (WDKTestCert Win10P64US,131547553407012624 -> Lenovo)
R3 MpKsl1bb087ac; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F8E5B991-6437-41CD-9997-47D779C88520}\MpKslDrv.sys [267552 2024-10-10] (Microsoft Windows -> Microsoft Corporation)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2010-10-14] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-09-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602392 2024-09-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2024-09-28] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-10 21:32 - 2024-10-10 21:32 - 002397696 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST64.exe
2024-10-10 21:28 - 2024-10-10 21:28 - 000003338 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTask-655E5E2BFA3DD713F4E9E42B501A0484
2024-10-10 20:31 - 2024-10-10 20:31 - 000725758 _____ C:\WINDOWS\system32\perfh005.dat
2024-10-10 20:31 - 2024-10-10 20:31 - 000151026 _____ C:\WINDOWS\system32\perfc005.dat
2024-10-10 17:21 - 2024-10-10 17:21 - 000103276 _____ C:\Users\Lenovo\Downloads\priloha_1416641338_0_180004560 (1).pdf
2024-10-10 17:19 - 2024-10-10 17:19 - 000168327 _____ C:\Users\Lenovo\Downloads\priloha_1417610102_0_Predzalobni_vyzva_8711714495 (2).pdf
2024-10-09 06:49 - 2024-10-09 06:49 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2024-10-03 14:33 - 2024-10-03 14:33 - 075981320 _____ (Piriform Software Ltd) C:\Users\Lenovo\Downloads\ccsetup628 (1).exe
2024-10-03 14:31 - 2024-10-03 14:31 - 000140848 _____ C:\Users\Lenovo\Documents\cc_20241003_143124.reg
2024-10-03 14:25 - 2024-10-03 14:25 - 000000000 ____D C:\ProgramData\Piriform
2024-10-03 14:24 - 2024-10-10 20:25 - 000000000 ____D C:\Program Files\CCleaner
2024-10-03 14:24 - 2024-10-09 07:14 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-10-03 14:24 - 2024-10-03 14:24 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-10-03 14:24 - 2024-10-03 14:24 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-10-03 14:24 - 2024-10-03 14:24 - 000002908 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Lenovo
2024-10-03 14:24 - 2024-10-03 14:24 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2024-10-03 14:24 - 2024-10-03 14:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2024-10-03 13:57 - 2024-10-03 13:57 - 075981320 _____ (Piriform Software Ltd) C:\Users\Lenovo\Downloads\ccsetup628.exe
2024-10-02 20:51 - 2024-10-02 20:51 - 000168327 _____ C:\Users\Lenovo\Downloads\priloha_1417610102_0_Predzalobni_vyzva_8711714495 (1).pdf
2024-10-02 20:49 - 2024-10-02 20:49 - 000087502 _____ C:\Users\Lenovo\Downloads\priloha_1420331425_0_180035133.pdf
2024-10-01 18:26 - 2024-10-01 18:26 - 000001538 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2024-09-29 14:22 - 2024-09-29 14:22 - 000168327 _____ C:\Users\Lenovo\Downloads\priloha_1417610102_0_Predzalobni_vyzva_8711714495.pdf
2024-09-29 14:21 - 2024-09-29 14:21 - 000100493 _____ C:\Users\Lenovo\Downloads\priloha_1417640773_0_VypisROS.pdf
2024-09-29 14:20 - 2024-09-29 14:23 - 000000000 ____D C:\Users\Lenovo\Desktop\po insolvenci
2024-09-29 14:16 - 2024-09-29 14:16 - 000103276 _____ C:\Users\Lenovo\Downloads\priloha_1416641338_0_180004560.pdf
2024-09-29 14:15 - 2024-09-29 14:15 - 000001808 _____ C:\Users\Lenovo\Downloads\priloha_1417640901_1_VypisROS.csv
2024-09-29 14:14 - 2024-09-29 14:14 - 000100279 _____ C:\Users\Lenovo\Downloads\priloha_1417640901_0_VypisROS.pdf
2024-09-28 19:28 - 2024-09-28 19:28 - 000000212 _____ C:\Users\Lenovo\Downloads\Max Transcript.txt
2024-09-11 22:31 - 2024-09-11 22:31 - 000005888 _____ C:\Users\Lenovo\Downloads\odkazy.odt
2024-09-11 22:31 - 2024-09-11 22:31 - 000005888 _____ C:\Users\Lenovo\Downloads\odkazy (1).odt
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-10-10 21:34 - 2021-04-09 11:14 - 000030097 _____ C:\Users\Lenovo\Downloads\FRST.txt
2024-10-10 21:33 - 2023-06-04 08:30 - 000000000 ____D C:\FRST
2024-10-10 21:32 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-10-10 21:25 - 2024-06-08 23:09 - 000000000 ____D C:\ProgramData\Adguard
2024-10-10 21:14 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-10-10 21:14 - 2020-03-07 22:55 - 000000000 ____D C:\Users\Lenovo\AppData\Local\D3DSCache
2024-10-10 20:54 - 2024-07-28 10:14 - 000003586 _____ C:\WINDOWS\system32\Tasks\Launch Adobe CCXProcess
2024-10-10 20:31 - 2024-07-28 01:15 - 001718310 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-10-10 20:31 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-10-10 20:28 - 2024-04-05 20:34 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\discord
2024-10-10 20:27 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-10-10 20:26 - 2024-08-07 08:10 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-10-10 20:25 - 2024-08-07 08:09 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\TeraBox
2024-10-10 20:25 - 2024-04-05 20:34 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Discord
2024-10-10 20:25 - 2023-12-21 14:04 - 000000000 ____D C:\Program Files (x86)\Steam
2024-10-10 20:25 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-10-10 20:24 - 2022-12-31 18:24 - 000000000 ____D C:\Program Files (x86)\Adguard
2024-10-10 20:24 - 2020-03-02 19:39 - 000000000 __SHD C:\Users\Lenovo\IntelGraphicsProfiles
2024-10-10 20:23 - 2024-07-28 01:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-10-10 20:23 - 2024-07-28 01:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-10-10 20:23 - 2022-05-07 07:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-10-10 20:23 - 2020-07-04 17:59 - 000012288 ___SH C:\DumpStack.log.tmp
2024-10-10 20:23 - 2020-01-29 18:28 - 000000000 ____D C:\Intel
2024-10-10 15:37 - 2021-04-07 13:48 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CrashDumps
2024-10-10 12:45 - 2020-04-05 11:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-10-10 00:59 - 2020-04-05 11:20 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2024-10-09 07:31 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-10-09 07:18 - 2024-04-05 20:34 - 000002297 _____ C:\Users\Lenovo\Desktop\Discord.lnk
2024-10-09 07:14 - 2024-07-28 01:06 - 005284576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-10-09 07:13 - 2023-12-04 08:26 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-10-09 07:13 - 2022-05-07 12:13 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2024-10-09 07:13 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-10-09 07:13 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-10-09 07:13 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemApps
2024-10-09 07:13 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-10-09 07:13 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-10-09 07:13 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-10-09 07:13 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-10-09 07:13 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-10-09 07:13 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-10-09 07:13 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\IME
2024-10-09 07:13 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-10-09 07:13 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\servicing
2024-10-09 06:57 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-10-09 06:53 - 2024-07-28 01:08 - 003213312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-10-09 06:40 - 2020-04-05 11:09 - 201324920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-10-05 13:14 - 2020-06-23 23:14 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-10-05 13:14 - 2020-06-23 23:14 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-10-05 03:09 - 2024-07-28 01:14 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-10-05 03:09 - 2024-07-28 01:14 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-10-03 23:26 - 2020-04-05 10:26 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-03 23:26 - 2020-04-05 10:26 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-10-03 14:30 - 2021-04-06 14:49 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\FileZilla
2024-10-01 18:26 - 2020-03-07 20:15 - 000000000 ____D C:\ProgramData\Package Cache
2024-10-01 18:26 - 2020-01-29 18:28 - 000000000 ____D C:\Program Files (x86)\Intel
2024-09-30 22:50 - 2020-07-04 14:27 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2024-09-28 19:28 - 2020-01-29 18:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-09-11 22:31 - 2020-03-02 19:39 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Packages
2024-09-11 03:32 - 2023-12-21 14:05 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Steam
2024-09-11 03:26 - 2022-05-07 12:14 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2024-09-11 03:26 - 2022-05-07 12:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-09-11 03:26 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-09-11 03:26 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-09-11 03:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\WUModels
2024-09-11 03:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-09-11 03:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-09-11 03:26 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
==================== Files in the root of some directories ========
2024-07-26 12:17 - 2024-07-26 12:17 - 000000259 _____ () C:\ProgramData\fontcacheev1.dat
2020-04-05 11:30 - 2020-04-05 11:30 - 000000000 _____ () C:\Users\Lenovo\AppData\Local\oobelibMkey.log
2022-11-30 22:50 - 2022-11-30 22:50 - 000000017 _____ () C:\Users\Lenovo\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2024
Ran by Lenovo (10-10-2024 21:35:28)
Running from C:\Users\Lenovo\Downloads
Microsoft Windows 11 Pro Version 23H2 22631.4317 (X64) (2024-07-27 23:15:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Admin (S-1-5-21-3625998006-2303437307-2170556659-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3625998006-2303437307-2170556659-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3625998006-2303437307-2170556659-503 - Limited - Disabled)
Guest (S-1-5-21-3625998006-2303437307-2170556659-501 - Limited - Disabled)
Lenovo (S-1-5-21-3625998006-2303437307-2170556659-1003 - Administrator - Enabled) => C:\Users\Lenovo
WDAGUtilityAccount (S-1-5-21-3625998006-2303437307-2170556659-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
888poker.de (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\888poker.de) (Version: 1.1.2.33 - 888)
AdGuard (HKLM-x32\...\{685F6AB3-7C61-42D1-AE5B-3864E48D1035}) (Version: 7.15.4385.0 - Adguard Software Limited) Hidden
AdGuard (HKLM-x32\...\{d00eb186-dff0-4e94-9e29-6b3f533bd161}) (Version: 7.15.4385.0 - Adguard Software Limited)
Adguard Premium, версия 7.10.3961.0 (HKLM-x32\...\{D5D059FE-9F84-4C76-BCA0-5A50A3CCA3E1}_is1) (Version: 7.10.3961.0 - )
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.5.1.3 - Adobe Inc.)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_8_3) (Version: 8.3 - Adobe Systems Incorporated)
Adobe Photoshop 2024 (HKLM-x32\...\PHSP_25_11) (Version: 25.11.0.706 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824369436}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Avast Update Helper (HKLM-x32\...\{19C3AB22-3718-4E4D-B203-242F5001565B}) (Version: 1.8.1653.5 - AVAST Software) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.78.1094 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 6.28 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM\...\_{AF87FFD3-1D24-4940-99AE-F0CBAB8EDEAC}) (Version: 24.4.0.592 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{AF87FFD3-1D24-4940-99AE-F0CBAB8EDEAC}) (Version: 24.4.592 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{34C7ED8D-9DB4-43B3-B0EF-0B15A06BD3E8}) (Version: 24.4.592 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{4BAE1A4E-9E7A-4DEB-93DF-F2EB7539C3E2}) (Version: 2.17.698 - Corel corporation) Hidden
CorelDRAW Graphics Suite (HKLM\...\_{1E4B5F2C-0532-4CDA-AFCD-674E9C37521E}) (Version: 24.5.0.731 - Corel Corporation)
CorelDRAW Graphics Suite 2022 - IPM (x64) (HKLM\...\{C3AA2B13-47FD-4A79-8B12-371D41CEBA58}) (Version: 24.5 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - IPM Content BR (x64) (HKLM\...\{89D5710D-E9BA-422C-9622-0AD767A4393E}) (Version: 24.5 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - IPM Content CS (x64) (HKLM\...\{EA20C1C5-9B58-4521-A6CF-B8EF05240090}) (Version: 24.5 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - IPM Content CT (x64) (HKLM\...\{A9B5D262-8F37-4FE8-8042-FB734E355760}) (Version: 24.5 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - IPM Content CZ (x64) (HKLM\...\{A096AB0F-2BFF-4374-8B8E-946B4C7A383F}) (Version: 24.5 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - IPM Content DE (x64) (HKLM\...\{979F473A-F5E9-46F1-A144-A3EB8854C7CE}) (Version: 24.5 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - IPM Content EN (x64) (HKLM\...\{E4106E1B-D15B-4BC1-94E7-F4D8BB5E4E8F}) (Version: 24.5 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - IPM Content ES (x64) (HKLM\...\{A51F1984-32E8-4504-ADCE-6394971DC9DB}) (Version: 24.5 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - IPM Content FR (x64) (HKLM\...\{20CE94E7-88BA-4A9D-ADB2-1C289B74615A}) (Version: 24.5 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - IPM Content IT (x64) (HKLM\...\{B765426D-57E3-4951-814D-7F8D91AEBA4A}) (Version: 24.5 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - IPM Content JP (x64) (HKLM\...\{BF0FB182-C342-4744-8BC0-E1812C50A349}) (Version: 24.5 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - IPM Content NL (x64) (HKLM\...\{E59C483B-FB36-45C3-A981-7A7F432FBC72}) (Version: 24.5 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - IPM Content PL (x64) (HKLM\...\{DAD765D7-6E19-4F6E-AF32-EC04741092D4}) (Version: 24.5 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - IPM Content RU (x64) (HKLM\...\{34EDBF0A-481F-4314-AD70-5A162A7B14E1}) (Version: 24.5 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - IPM Content SV (x64) (HKLM\...\{B74272BD-DCCD-4A35-9AAD-877172F31A97}) (Version: 24.5 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - IPM Content TR (x64) (HKLM\...\{F636BFF2-0638-4B0E-80B0-0591240A9E07}) (Version: 24.5 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2022 - Writing Tools (x64) (HKLM\...\{7DCFAD1B-69CB-4394-8EF6-E2ECECDF098C}) (Version: 24.5 - Corel Corporation) Hidden
CPUID CPU-Z 1.91 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.91 - CPUID, Inc.)
DeepL (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\https%3a##appdownload.deepl.com#windows#0install#deepl.xml) (Version: - DeepL SE)
Discord (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Discord) (Version: 1.0.9039 - Discord Inc.)
dr.fone toolkit for Android (Version 8.3.3) (HKLM-x32\...\{7B08A1E1-3644-4237-B39D-762B5F5564D0}_is1) (Version: 8.3.3.64 - Wondershare Technology Co.,Ltd.)
Excel (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\1fc5b090eab9aa41f8a2f5987367e6da) (Version: 1.0 - Excel)
FileZilla Client 3.53.1 (HKLM-x32\...\FileZilla Client) (Version: 3.53.1 - Tim Kosse)
FoneLab Android Data Recovery 3.0.62 (HKLM-x32\...\{9D4E5CFB-1923-4ff6-9305-0E5AF9430AF0}_is1) (Version: 3.0.62 - FoneLab)
Ghostscript GPL 10.01.2 (Msi Setup) (HKLM\...\_{A9752506-6812-4AF9-B0C9-57C328EF7452}) (Version: 10.01.2 - Corel Corporation)
Ghostscript GPL 10.01.2 (Msi Setup) (HKLM\...\{A9752506-6812-4AF9-B0C9-57C328EF7452}) (Version: 10.01.2 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 129.0.6668.90 - Google LLC)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
Intel Driver && Support Assistant (HKLM-x32\...\{FD1F89D7-58B0-4AEA-995D-72D07C5302A4}) (Version: 24.5.40.11 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{f2a88096-3fb7-490f-b289-ad70b99a8f5e}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.1.1030 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{E4945B75-A983-48E7-9AB6-B84AF13AF9B3}) (Version: 14.6.1.1030 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000020-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.20.0.3 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{43826762-6E01-46B8-81D5-79BA90ABED2F}) (Version: 24.5.40.11 - Intel)
Intel® Driver & Support Assistant (HKLM-x32\...\{D162161F-8200-475E-A86A-693E7C951444}) (Version: 24.3.26.8 - Intel)
Lenovo Bluetooth Lock (HKLM\...\{77A3D1F8-B521-40E6-9A51-E53C2FDBA2A9}_is1) (Version: 2.0.1.0527 - Lenovo)
Lenovo Migration Assistant (HKLM\...\Lenovo Migration Assistant_is1) (Version: 2.1.4.6 - Lenovo)
LibreOffice 7.2.6.2 (HKLM\...\{D21963A8-765F-4458-A227-1D88D8122C2B}) (Version: 7.2.6.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 129.0.2792.79 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 129.0.2792.79 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - de-de (HKLM\...\ProPlus2019Retail - de-de) (Version: 16.0.18025.20104 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\...\OneDriveSetup.exe) (Version: 23.122.0611.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\OneDriveSetup.exe) (Version: 23.147.0716.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{90120064-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{90F60409-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2019 (HKLM-x32\...\{1edcd8d2-905a-4e93-bfdf-92ed5601528a}) (Version: 16.0.28801 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2019 x64 Hosting Support (HKLM\...\{9D6CE289-E12C-38BB-9999-E2377EC118B7}) (Version: 16.0.28801 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2019 x86 Hosting Support (HKLM-x32\...\{7C931D41-F302-3494-868C-320A4F4DD9F9}) (Version: 16.0.28801 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (HKLM-x32\...\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
Nik Collection 6 (HKLM-x32\...\{4801688f-943a-46c0-a828-16eca2c0ef4c}) (Version: 6.6.0 - DxO)
NikCollection (HKLM\...\{71AEEFB4-D57E-4908-BE23-AA1E5E20A2A1}) (Version: 6.6.0.2 - DxO) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.18025.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.18025.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.18025.20104 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.18025.20104 - Microsoft Corporation) Hidden
Outlook (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\6b0f23e57a39ebfbf2814acb1a24293d) (Version: 1.0 - Outlook)
PDF-XChange PRO (HKLM\...\{3F964FFF-BC45-4A8F-A6FD-E892266F4A8E}) (Version: 10.1.3.383 - Tracker Software Products (Canada) Ltd.)
Peněžní deník 1.4 (HKLM-x32\...\Peněžní deník_is1) (Version: - )
PowerPoint (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\319814cb56b667dff88f54e08be8f51f) (Version: 1.0 - PowerPoint)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Revo Uninstaller Pro 5.3.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 5.3.0 - VS Revo Group, Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.4.8332 - TeamViewer)
TeraBox (HKLM-x32\...\TeraBox) (Version: 1.31.0 - Flextech Inc.)
Topaz DeNoise AI (HKLM\...\Topaz DeNoise AI 3.0.3) (Version: 3.7.2 - Topaz Labs LLC)
Topaz Sharpen AI (HKLM\...\Topaz Sharpen AI 3.1.1) (Version: 4.1.0 - Topaz Labs LLC)
UXP WebView Support (HKLM-x32\...\UXPW_1_1_0) (Version: 1.1.0 - Adobe Inc.)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.)
Wargaming.net Game Center for Steam (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Wargaming.net Game Center for Steam) (Version: 23.6.0.4252 - Wargaming.net)
WhatsApp (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\WhatsApp) (Version: 2.2149.4 - WhatsApp)
Windows 11 Manager (HKLM\...\{1896503C-0919-41C4-8135-BD1B667CDCEC}) (Version: 1.0.5 - Yamicsoft) Hidden
Windows 11 Manager (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\Windows 11 Manager 1.0.5) (Version: 1.0.5 - Yamicsoft)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinTools.net Premium version 19.3 (HKLM-x32\...\{AA9A6236-EE61-41B7-A7EC-5F4496409D55}_is1) (Version: 19.3 - WinTools Software Engineering, Ltd.)
Word (HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\1b837d0bf93d01407352736c91b7bf50) (Version: 1.0 - Word)
Xiaomi Cloud (HKLM\...\dbd7cffb-9b67-55a5-b1a3-aabba639e500) (Version: 1.0.16 - 小米科技有限责任公司)
Packages:
=========
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5635.0_x64__8j3eq9eme6ctt [2024-10-01] (INTEL CORP) [Startup Task]
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-01-02] (Microsoft Corporation)
DuckDuckGo -> C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.90.3.0_x64__ya2fgkz3nks94 [2024-10-10] (DuckDuckGo) [Startup Task]
Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11070.31001.0_x64__8wekyb3d8bbwe [2024-08-03] (Microsoft Corporation) [Startup Task]
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_155.1.1088.0_x64__v10z8vjag6ke6 [2024-08-07] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-02-26] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-02-26] (Microsoft Corporation) [MS Ad]
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x64__8wekyb3d8bbwe [2024-07-28] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.168.0_x64__8wekyb3d8bbwe [2024-09-28] (Microsoft Corporation) [Startup Task]
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24091.30.0_x64__cw5n1h2txyewy [2024-10-10] (Microsoft Windows) [Startup Task]
Smart Displays -> C:\Program Files\WindowsApps\E046963F.SmartDisplays_3.0.0.0_x64__k1h2ywk1493x8 [2023-06-29] (LENOVO INC.) [Startup Task]
Widgets Platform Runtime -> C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.4.0.0_x64__8wekyb3d8bbwe [2024-09-08] (Microsoft Corporation)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.275.500.0_x64__8wekyb3d8bbwe [2024-10-09] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.266.2241.0_x64__8wekyb3d8bbwe [2024-10-02] (Microsoft Corp.)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.AccountsService_cw5n1h2txyewy [2024-10-09] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.DesktopSpotlight_cw5n1h2txyewy [2024-10-09] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.IrisService_cw5n1h2txyewy [2024-10-09] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\LKG\MicrosoftWindows.LKG.TwinSxS_cw5n1h2txyewy [2024-10-09] (Microsoft Windows)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3625998006-2303437307-2170556659-1003_Classes\CLSID\{679F137C-3162-45da-BE3C-2F9C3D093F64}\Shell\Open\Command -> C:\Users\Lenovo\AppData\Roaming\TeraBox\TeraBox.exe (FLEXTECH INC. -> Flextech Inc.)
CustomCLSID: HKU\S-1-5-21-3625998006-2303437307-2170556659-1003_Classes\CLSID\{679F137C-3162-45da-BE3C-2F9C3D093F64} -> [TeraBox] => C:\Users\Lenovo\AppData\Roaming\TeraBox\ [0000-00-00 00:00]
ShellIconOverlayIdentifiers: [ .WorkspaceExt0] -> {C568C78A-652C-425B-8E6B-FFA73043302D} => -> No File
ShellIconOverlayIdentifiers: [ .WorkspaceExt1] -> {2A6FE247-5DA3-4732-9626-77820518FD77} => -> No File
ShellIconOverlayIdentifiers: [ .WorkspaceExt2] -> {FF895810-293B-464A-93F2-82D11E07EEC8} => -> No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-28] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-28] (Adobe Inc. -> )
ContextMenuHandlers1: [PDFTools Context menu] -> {e0e0016c-6025-4337-948f-0b655a18552b} => C:\Program Files\Tracker Software\PDF Tools\PDFXToolsShellMenu.x64.dll [2023-11-14] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2023-11-14] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [YunShellExt] -> {6D85624F-305A-491d-8848-C1927AA0D790} => C:\Users\Lenovo\AppData\Roaming\TeraBox\YunShellExt64.dll [2024-09-23] (FLEXTECH INC. -> )
ContextMenuHandlers4: [YunShellExt] -> {6D85624F-305A-491d-8848-C1927AA0D790} => C:\Users\Lenovo\AppData\Roaming\TeraBox\YunShellExt64.dll [2024-09-23] (FLEXTECH INC. -> )
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2024-07-28] (Adobe Inc. -> )
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2022-04-04] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Lenovo\Desktop\Profil 1 - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Excel.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=leffmjdabcgaflkikcefahmlgpodjkdm --app-url=hxxps://excel.office.com/
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Outlook.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=bjhmmnoficofgoiacjaajpkfndojknpb --app-url=hxxps://outlook.com/
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=opfacbhaojodjaojgocnibmklknchehf --app-url=hxxps://powerpoint.office.com/
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Word.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=hikhggiobiflkdfdgdajcfklmcibbopi --app-url=hxxps://word.office.com/
==================== Loaded Modules (Whitelisted) =============
2020-07-04 14:29 - 2020-07-04 14:29 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2020-07-04 14:29 - 2020-07-04 14:29 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2022-01-28 18:35 - 2015-02-27 11:35 - 000489984 _____ (Newtonsoft) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\Newtonsoft.Json.dll
2017-11-01 22:58 - 2017-11-01 22:58 - 001141248 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\Adguard\SQLite.Interop.dll
2022-01-28 18:35 - 2017-06-21 10:24 - 000087552 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppCollect.dll
2022-01-28 18:35 - 2017-06-21 10:24 - 000198144 _____ (Wondershare) [File not signed] [File is in use] C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppCommon.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: PDF-XChange IE Plugin -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x64.dll [2023-11-14] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
BHO-x32: PDF-XChange IE Plugin -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} -> C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x86.dll [2023-11-14] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
Toolbar: HKLM - PDF-XChange IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x64.dll [2023-11-14] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
Toolbar: HKLM-x32 - PDF-XChange IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange Standard\PXCIEAddin.x86.dll [2023-11-14] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\...\sharepoint.com -> hxxps://msinvest1-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2024-04-24 10:12 - 2024-07-28 08:41 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32\WBEM;C:\WINDOWS\system32\WBEM;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Users\Lenovo\AppData\Local\Microsoft\WindowsApps;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3625998006-2303437307-2170556659-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3625998006-2303437307-2170556659-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Lenovo\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\black-wallpaper-flower.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Intel(R) Dual Band Wireless-AC 8260 -> Netwtw06.sys
Ethernet: Realtek PCIe GBE Family Controller -> rt640x64.sys
Síťové připojení Bluetooth 2: Bluetooth Device (Personal Area Network) #2 -> bthpan.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{641E6536-6FAF-43C3-BE73-24D40A5BBB81}] => (Allow) C:\Program Files (x86)\AdGuard\AdguardSvc.exe (Adguard Software Limited -> Adguard Software Limited)
FirewallRules: [{627F6483-3C6F-4AA7-9787-6BC479488556}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7A28BBFC-F950-4CD9-AF89-CC969F287E44}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{5D684361-0976-4CDE-A3DF-71A7C473545D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4F610187-7249-4813-AFD8-1BE38A414FC9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B0FC9AC1-6B08-4CC5-B612-20CAA38A9C21}] => (Allow) C:\Program Files\Lenovo\Lenovo Migration Assistant\Lenovo Migration Assistant Srv.exe (Lenovo -> )
FirewallRules: [{00E17408-16D9-4C64-97AC-E0A8764698A5}] => (Allow) C:\Program Files\Lenovo\Lenovo Migration Assistant\Lenovo Migration Assistant Srv.exe (Lenovo -> )
FirewallRules: [{65ABCF5A-45E7-4499-8105-B3E2F7588ADC}] => (Allow) C:\Program Files\Lenovo\Lenovo Migration Assistant\MigrationAssistant.exe (Lenovo -> )
FirewallRules: [{64294E51-527E-48BF-A676-2885F3139E6F}] => (Allow) C:\Program Files\Lenovo\Lenovo Migration Assistant\MigrationAssistant.exe (Lenovo -> )
FirewallRules: [{29FA8EC0-6F5B-4FCE-B166-33851264BF7B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1111CD5B-2396-4E4C-A525-B334D9F555D0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{15FF14B6-A2EF-4E1C-BEB0-D555C34CF8C3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3B1EF330-43DF-456B-AB98-3830C3758BF4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{351EF7AF-2DED-4E1E-9D19-9549DAB6917F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{931064C4-B9FC-4B15-A212-229AB762CF6F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E3CF6E72-930C-4530-A9C1-EEB1E94B1B80}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{806B9E6B-C3C7-4147-8503-4F27C31AF08D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.190.859.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9F285AE1-A050-49FD-942C-1D40A74D117D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7EA9DB1B-1051-4E4C-A816-D3F6996E63DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E163A9D5-A39E-4CCB-95D5-7A17C3DE8450}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{78F5508F-1C99-4DEA-B689-5DB7C7891E6C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FA9E7CF8-CD81-4744-933A-E8CD15CE4BC4}] => (Allow) C:\Program Files (x86)\Lenovo\BluetoothLock\Lenovo Bluetooth Lock.exe (LENOVO -> Lenovo)
FirewallRules: [{CE76BF83-9AE6-48F3-A4DE-1CF11C520188}] => (Allow) C:\Program Files (x86)\Lenovo\BluetoothLock\Lenovo Bluetooth Lock.exe (LENOVO -> Lenovo)
FirewallRules: [TCP Query User{224F1F62-048E-42AC-AF7E-BF122E382ADD}C:\users\lenovo\appdata\roaming\terabox\teraboxrender.exe] => (Allow) C:\users\lenovo\appdata\roaming\terabox\teraboxrender.exe (FLEXTECH INC. -> Flextech Inc.)
FirewallRules: [UDP Query User{3AD357C8-ADD6-486B-BEAE-57454C5937B3}C:\users\lenovo\appdata\roaming\terabox\teraboxrender.exe] => (Allow) C:\users\lenovo\appdata\roaming\terabox\teraboxrender.exe (FLEXTECH INC. -> Flextech Inc.)
FirewallRules: [TCP Query User{AE7E5E7F-7B81-4F72-B0F0-6D2AB31C4256}C:\users\lenovo\appdata\roaming\terabox\teraboxhost.exe] => (Allow) C:\users\lenovo\appdata\roaming\terabox\teraboxhost.exe (FLEXTECH INC. -> Flextech Inc.)
FirewallRules: [UDP Query User{CFAB9E4D-77FE-4F10-8BFA-AD6AD1B000FE}C:\users\lenovo\appdata\roaming\terabox\teraboxhost.exe] => (Allow) C:\users\lenovo\appdata\roaming\terabox\teraboxhost.exe (FLEXTECH INC. -> Flextech Inc.)
FirewallRules: [{69741C3B-C616-470E-8D63-DA93D9E0C1F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E832CF41-A034-4558-B39A-3194278F039D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1AED1E2D-6291-4119-90A8-57C6CFF287C3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D925C26F-F7FD-44BA-9BA5-A67D11FC1B81}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.129.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A8039666-0FF8-424B-8495-3EA471DBFE6D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{547CA745-BF43-4CA9-A8E3-0CDE753A9828}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\129.0.2792.79\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9B58A46D-87E1-4CFE-9EA4-9670D33012F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FCE938E6-79BE-4D97-8117-667392B7E7CF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A89F17FC-F609-4671-8D8E-5F17B762ABBA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{001D40C7-873A-4D46-8288-0EA18DB05E40}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{61FC40F6-87EC-4491-AC26-713C374BEF3F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A1AB49CE-4203-4FD2-BE4C-8C35F366C275}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DAB8B997-EC5D-47F1-BC45-747891EC62C8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{466D061C-426B-4B87-8C8E-6A829EFA0C7D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8C904AD7-FFB5-496E-8D7A-4525A114383C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E93DDCF5-8FD7-473F-AC16-D13FE16A6538}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.247.366.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FE0F4B8B-6D8C-46AB-B614-6B9C4FC16B04}] => (Allow) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.90.3.0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msedgewebview2.exe (Duck Duck Go, Inc. -> Microsoft Corporation)
FirewallRules: [{A581D19B-2B4D-4700-BF57-E9922F945852}] => (Allow) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.90.3.0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msedgewebview2.exe (Duck Duck Go, Inc. -> Microsoft Corporation)
FirewallRules: [{D988F579-DD3B-4A8E-AAEF-452C4C1369F9}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24256.2502.3123.1_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{570E367F-0F8F-48D4-A792-424BFD0FBB68}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24256.2502.3123.1_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E9182B8B-3721-4F3C-92C1-B0C888F2B975}] => (Allow) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.91.0.0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msedgewebview2.exe (Duck Duck Go, Inc. -> Microsoft Corporation)
FirewallRules: [{406A82B8-D687-4C43-8C1B-A73AE90D1542}] => (Allow) C:\Program Files\WindowsApps\DuckDuckGo.DesktopBrowser_0.91.0.0_x64__ya2fgkz3nks94\WindowsBrowser\WebView2\msedgewebview2.exe (Duck Duck Go, Inc. -> Microsoft Corporation)
==================== Restore Points =========================
07-10-2024 02:09:10 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
Name: Intel(R) Dual Band Wireless-AC 8260
Description: Intel(R) Dual Band Wireless-AC 8260
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: Netwtw06
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: ThinkCentre M800Z/M700Z System Firmware 1.68
Description: ThinkCentre M800Z/M700Z System Firmware 1.68
Class Guid: {f2e7dd72-6468-4e36-b6f1-6488f42c1b52}
Manufacturer: Lenovo Ltd.
Service:
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (10/10/2024 08:27:30 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 14.6.1.1030, časové razítko: 0x55d32301
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x06ae249d
ID chybujícího procesu: 0x0x2d2c
Čas spuštění chybující aplikace: 0x0x1db1b41ddc2c3fa
Cesta k chybující aplikaci: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 4e29efb0-5559-48d1-ad99-cf03427430b8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/10/2024 08:27:29 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: IAStorDataMgrSvc.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.NullReferenceException
na IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
na IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
na IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
na System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
na System.Threading.ThreadPoolWorkQueue.Dispatch()
na System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (10/10/2024 03:37:37 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-NOA58GF)
Description: Název chybující aplikace: Adobe Crash Processor.exe, verze: 13.3.0.0, časové razítko: 0x65203e90
Název chybujícího modulu: Adobe Crash Processor.exe, verze: 13.3.0.0, časové razítko: 0x65203e90
Kód výjimky: 0xc00000fd
Posun chyby: 0x000000000006dc25
ID chybujícího procesu: 0x0x1aa4
Čas spuštění chybující aplikace: 0x0x1db1a0a902b9d49
Cesta k chybující aplikaci: C:\Program Files\Adobe\Adobe Creative Cloud Experience\js\node_modules\adobe-cr\build\Release\Adobe Crash Processor.exe
Cesta k chybujícímu modulu: C:\Program Files\Adobe\Adobe Creative Cloud Experience\js\node_modules\adobe-cr\build\Release\Adobe Crash Processor.exe
ID zprávy: ad09b286-56e0-4d9d-a698-533311f418bc
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/09/2024 07:17:58 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 14.6.1.1030, časové razítko: 0x55d32301
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x05931715
ID chybujícího procesu: 0x0x1798
Čas spuštění chybující aplikace: 0x0x1db1a0a67818624
Cesta k chybující aplikaci: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 969ed214-0832-443e-a55c-e398dba0c043
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (10/09/2024 07:17:57 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: IAStorDataMgrSvc.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.NullReferenceException
na IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
na IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
na IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
na System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
na System.Threading.ThreadPoolWorkQueue.Dispatch()
na System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
Error: (10/06/2024 10:47:57 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-NOA58GF)
Description: Název chybující aplikace: Adobe Crash Processor.exe, verze: 13.3.0.0, časové razítko: 0x65203e90
Název chybujícího modulu: Adobe Crash Processor.exe, verze: 13.3.0.0, časové razítko: 0x65203e90
Kód výjimky: 0xc00000fd
Posun chyby: 0x0000000000083e15
ID chybujícího procesu: 0x0x3514
Čas spuštění chybující aplikace: 0x0x1db167f471c437f
Cesta k chybující aplikaci: C:\Program Files\Adobe\Adobe Creative Cloud Experience\js\node_modules\adobe-cr\build\Release\Adobe Crash Processor.exe
Cesta k chybujícímu modulu: C:\Program Files\Adobe\Adobe Creative Cloud Experience\js\node_modules\adobe-cr\build\Release\Adobe Crash Processor.exe
ID zprávy: 137a5fbe-f5b7-4c5e-b0a5-fbeeff3369e3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (09/30/2024 10:47:42 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: DESKTOP-NOA58GF)
Description: Aplikaci nebo službu Microsoft Office SDX Helper nelze ukončit.
Error: (09/11/2024 03:31:30 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: IAStorDataMgrSvc.exe, verze: 14.6.1.1030, časové razítko: 0x55d32301
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x03aa8d6d
ID chybujícího procesu: 0x0x1a4
Čas spuštění chybující aplikace: 0x0x1db03ea2338c043
Cesta k chybující aplikaci: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 985ccec5-ca13-46b0-96a2-c59414313cd4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (10/10/2024 08:27:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (10/10/2024 08:26:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (10/10/2024 08:26:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (120000 ms).
Error: (10/10/2024 08:25:59 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (10/10/2024 08:23:11 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NOA58GF)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.22621.2506_neutral_neutral_cw5n1h2txyewy!App.AppXyvyv4mghdjas8j88defq0w1hc410kvzt.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/10/2024 06:00:01 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (10/10/2024 06:00:01 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (10/09/2024 06:00:01 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -2147020471. For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Windows Defender:
================
Date: 2024-10-10 21:14:41
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4E70F7EA-C41C-4D9D-934E-0A921F85FB65}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-10-09 21:12:19
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F6F76DCB-BCA6-4A08-9C47-20E18ACF366E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-10-08 22:44:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9B3263C2-5DEF-4219-B830-633EE3521957}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-10-07 22:34:50
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C5C00018-9349-49F0-A8F2-A36D408A7DB1}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-10-06 20:06:16
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5E929B52-B06D-46A4-9380-82F6A6C2F597}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]
Date: 2024-07-28 08:55:17
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.415.364.0;1.415.364.0
Verze modulu: 1.1.24060.5
CodeIntegrity:
===============
Date: 2024-07-28 09:13:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO LENOVO - 1440 11/06/2020
Motherboard: LENOVO 30BB
Processor: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
Percentage of memory in use: 71%
Total physical RAM: 8099.45 MB
Available physical RAM: 2334.55 MB
Total Virtual: 12451.45 MB
Available Virtual: 5747.66 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:222.33 GB) (Free:69.08 GB) (Model: KINGSTON SA400S37240G) NTFS
Drive d: (Nový svazek) (Fixed) (Total:465.76 GB) (Free:222.13 GB) (Model: Samsung SSD 860 EVO 500G SCSI Disk Device) NTFS
\\?\Volume{378c6390-6e10-4618-911f-52c0938791b6}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.5 GB) NTFS
\\?\Volume{d388f1c1-f359-44f9-9ca7-530530751557}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 01DAAFA2)
Partition: GPT.
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0CBB1DFF)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt =========
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu, pomalé načítání stránek a celkové zpomalení
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119318
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu, pomalé načítání stránek a celkové zpomalení
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\Lenovo\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {BAA0AB33-5C74-40A2-A3AD-053E2A5C4E59} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{A8E764DA-9492-4FEF-9E63-AFC615ED77AC} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {3230BEDD-BBCC-4DB1-8649-E587FB85F3C4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {2114354A-D3E6-4BCF-9DB9-626BA8DCADA5} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\ProgramData\fontcacheev1.dat
ShellIconOverlayIdentifiers: [ .WorkspaceExt0] -> {C568C78A-652C-425B-8E6B-FFA73043302D} => -> No File
ShellIconOverlayIdentifiers: [ .WorkspaceExt1] -> {2A6FE247-5DA3-4732-9626-77820518FD77} => -> No File
ShellIconOverlayIdentifiers: [ .WorkspaceExt2] -> {FF895810-293B-464A-93F2-82D11E07EEC8} => -> No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu, pomalé načítání stránek a celkové zpomalení
Fix result of Farbar Recovery Scan Tool (x64) Version: 16-09-2024
Ran by Lenovo (11-10-2024 16:45:42) Run:3
Running from C:\Users\Lenovo\Desktop
Loaded Profiles: Admin & Lenovo
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {BAA0AB33-5C74-40A2-A3AD-053E2A5C4E59} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{A8E764DA-9492-4FEF-9E63-AFC615ED77AC} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {3230BEDD-BBCC-4DB1-8649-E587FB85F3C4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {2114354A-D3E6-4BCF-9DB9-626BA8DCADA5} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\ProgramData\fontcacheev1.dat
ShellIconOverlayIdentifiers: [ .WorkspaceExt0] -> {C568C78A-652C-425B-8E6B-FFA73043302D} => -> No File
ShellIconOverlayIdentifiers: [ .WorkspaceExt1] -> {2A6FE247-5DA3-4732-9626-77820518FD77} => -> No File
ShellIconOverlayIdentifiers: [ .WorkspaceExt2] -> {FF895810-293B-464A-93F2-82D11E07EEC8} => -> No File
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center => removed successfully
"C:\WINDOWS\system32\GroupPolicy\Machine" Folder move:
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BAA0AB33-5C74-40A2-A3AD-053E2A5C4E59}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BAA0AB33-5C74-40A2-A3AD-053E2A5C4E59}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{A8E764DA-9492-4FEF-9E63-AFC615ED77AC} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{A8E764DA-9492-4FEF-9E63-AFC615ED77AC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3230BEDD-BBCC-4DB1-8649-E587FB85F3C4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3230BEDD-BBCC-4DB1-8649-E587FB85F3C4}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2114354A-D3E6-4BCF-9DB9-626BA8DCADA5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2114354A-D3E6-4BCF-9DB9-626BA8DCADA5}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
C:\ProgramData\fontcacheev1.dat => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ .WorkspaceExt0 => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ .WorkspaceExt1 => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ .WorkspaceExt2 => not found
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12760325 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 149402467 B
Windows/system/drivers => 49416775 B
Edge => 0 B
Chrome => 528792309 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 6996 B
Admin => 6996 B
Lenovo => 17651479 B
RecycleBin => 0 B
EmptyTemp: => 724.4 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 16:46:07 ====
Ran by Lenovo (11-10-2024 16:45:42) Run:3
Running from C:\Users\Lenovo\Desktop
Loaded Profiles: Admin & Lenovo
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {BAA0AB33-5C74-40A2-A3AD-053E2A5C4E59} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{A8E764DA-9492-4FEF-9E63-AFC615ED77AC} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {3230BEDD-BBCC-4DB1-8649-E587FB85F3C4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {2114354A-D3E6-4BCF-9DB9-626BA8DCADA5} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\ProgramData\fontcacheev1.dat
ShellIconOverlayIdentifiers: [ .WorkspaceExt0] -> {C568C78A-652C-425B-8E6B-FFA73043302D} => -> No File
ShellIconOverlayIdentifiers: [ .WorkspaceExt1] -> {2A6FE247-5DA3-4732-9626-77820518FD77} => -> No File
ShellIconOverlayIdentifiers: [ .WorkspaceExt2] -> {FF895810-293B-464A-93F2-82D11E07EEC8} => -> No File
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center => removed successfully
"C:\WINDOWS\system32\GroupPolicy\Machine" Folder move:
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BAA0AB33-5C74-40A2-A3AD-053E2A5C4E59}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BAA0AB33-5C74-40A2-A3AD-053E2A5C4E59}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{A8E764DA-9492-4FEF-9E63-AFC615ED77AC} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{A8E764DA-9492-4FEF-9E63-AFC615ED77AC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3230BEDD-BBCC-4DB1-8649-E587FB85F3C4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3230BEDD-BBCC-4DB1-8649-E587FB85F3C4}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2114354A-D3E6-4BCF-9DB9-626BA8DCADA5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2114354A-D3E6-4BCF-9DB9-626BA8DCADA5}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
C:\ProgramData\fontcacheev1.dat => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ .WorkspaceExt0 => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ .WorkspaceExt1 => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ .WorkspaceExt2 => not found
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12760325 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 149402467 B
Windows/system/drivers => 49416775 B
Edge => 0 B
Chrome => 528792309 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 6996 B
Admin => 6996 B
Lenovo => 17651479 B
RecycleBin => 0 B
EmptyTemp: => 724.4 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 16:46:07 ====
-
Rudy
- Site Admin
- Příspěvky: 119318
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu, pomalé načítání stránek a celkové zpomalení
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu, pomalé načítání stránek a celkové zpomalení
Zdá se, že je to výrazně lepší
-
Rudy
- Site Admin
- Příspěvky: 119318
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu, pomalé načítání stránek a celkové zpomalení
To jsem rád. 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu, pomalé načítání stránek a celkové zpomalení
Mnohokráte děkuji
-
Rudy
- Site Admin
- Příspěvky: 119318
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu, pomalé načítání stránek a celkové zpomalení
Rádo se stalo!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu, pomalé načítání stránek a celkové zpomalení
Obávám se, že jsem to přechválil... Není to stále ono. Některé stránky se nenačtou a jiné běží pomalu.
-
Rudy
- Site Admin
- Příspěvky: 119318
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu, pomalé načítání stránek a celkové zpomalení
OK. Spusťte postupně tyto utility:
1.Stahnete Zoek.exe https://sdilej.cz/29519076/zoek.rar a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
1.Stahnete Zoek.exe https://sdilej.cz/29519076/zoek.rar a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.
a
2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu, pomalé načítání stránek a celkové zpomalení
na adrese kde má být zoek mě to ukázalo jen prázdnou úvodní stránku
Re: Prosím o kontrolu, pomalé načítání stránek a celkové zpomalení
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by Lenovo (Administrator) on 11.10.2024 at 21:31:42,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 3
Successfully deleted: C:\ProgramData\thunder network (Folder)
Successfully deleted: C:\Users\Public\thunder network (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\85aa9b952d184d3bae1894ce947eeee8 (Task)
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.10.2024 at 21:33:48,02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by Lenovo (Administrator) on 11.10.2024 at 21:31:42,95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 3
Successfully deleted: C:\ProgramData\thunder network (Folder)
Successfully deleted: C:\Users\Public\thunder network (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\85aa9b952d184d3bae1894ce947eeee8 (Task)
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.10.2024 at 21:33:48,02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
Rudy
- Site Admin
- Příspěvky: 119318
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu, pomalé načítání stránek a celkové zpomalení
Poslal jsem vám Zoek na registrační mail. Soubor rozbalte a spusťte jako správce.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu, pomalé načítání stránek a celkové zpomalení
Zatím nic nepřišlo
-
Rudy
- Site Admin
- Příspěvky: 119318
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu, pomalé načítání stránek a celkové zpomalení
Poslal jsem ještě jednou na taislovi@seznam.cz
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?