Slow laptop - HTJ log [Solved]

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

hukuj
Level 1.5
Posts: 119
Registered: September 10
Location: Brno
Gender: Male

Re: Slow laptop - HTJ log

Post by hukuj » 13 Apr 2025 12:56

It didn't work. Even the splitting gives me trouble. So I deleted some long run of numbers from the middle part of the SpeedFan report and sent it in two parts, incomplete. I've already spent the whole morning on this and I have to go to lunch. If maintaining a backup laptop that's only for occasional emergency use is going to be this demanding, maybe I'd rather throw it out :-) But of course, thanks a lot for the help!

jaro3
Security team member
Guru Level 15
Posts: 43273
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Slow laptop - HTJ log

Post by jaro3 » 13 Apr 2025 14:59

SpeedFan: I only wanted a picture with the temperatures.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: Slow laptop - HTJ log

Post by hukuj » 20 Apr 2025 14:53

Ah, I misread, sorry. So I did manage to save a screenshot with the temperatures from SpeedFan as an image.
But I don't know how to get it in here. Is it enough like this, "place in post" as a file?

SpeedFan teploty.png

Re: Slow laptop - HTJ log

Post by jaro3 » 20 Apr 2025 14:55

That's enough. What about the problems? The temperatures are OK.

Re: Slow laptop - HTJ log

Post by hukuj » 20 Apr 2025 16:31

I think it's probably O.K. now. It's somewhat slower than what I'm now used to on the new laptop, or rather the desktop PC, but it's a lot better than before, even though I don't know what exactly improved it. So I guess I should close the topic, right?

Re: Slow laptop - HTJ log

Post by jaro3 » 20 Apr 2025 19:38

Then let's go over it once more.

Turn off the antivirus and the firewall.
Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit):
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
another link:
http://www.bleepingcomputer.com/downloa ... scan-tool/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan" ("Skenovat"). When the scan is finished, two logs, FRST.txt and Addition.txt, will be shown and saved on the desktop. Please copy their entire contents here.


But I don't know when I'll have time to decipher it.

Re: Slow laptop - HTJ log

Post by hukuj » 23 Apr 2025 21:55

I'm not pushing at all for a quick deciphering of my results. I only switch this laptop on occasionally, so I'm in no hurry.
I'm not sure whether I'm turning off the antivirus and firewall correctly. I hope I turned off the built-in firewall (Win 10) correctly in Windows Security under Firewall & network protection, for the domain network, private network and public network. I don't have any "external" antivirus, and I don't know whether I should therefore also have turned off Real-time protection and Cloud-delivered protection under Virus & threat protection settings in Windows, so to be safe I did that too. If that's O.K., no comment is needed.
Thanks a lot for the "charity" for the uninitiated; I'll return the favor with a contribution to support the forum.

Here is the first FRST log (hopefully I'll manage to split it):

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-04-2025
Ran by danhe (administrator) on DESKTOP-OMBB2J8 (LENOVO 20H500B9MC) (23-04-2025 21:39:05)
Running from C:\Users\danhe\OneDrive\Desktop\FRST64.exe
Loaded Profiles: danhe
Platform: Microsoft Windows 10 Pro Version 22H2 19045.5737 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\igfxEM.exe
(Lenovo -> Lenovo.) C:\Windows\System32\TpShocks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_f222132bfa8270de\RstMwService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_c861c131e09ec856\x64\ibmpmsvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(sihost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.MSPaint_6.2410.13017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(valWbioSyncSvc.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [1873976 2017-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
HKU\S-1-5-21-3731836364-314722761-3889886357-1001\...\Run: [Microsoft Edge Update] => C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\1.3.195.49\MicrosoftEdgeUpdateCore.exe [268360 2025-04-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3731836364-314722761-3889886357-1001\...\Run: [MicrosoftEdgeAutoLaunch_E5D50D91557D01BA893314CF8DF8A6FF] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4419624 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\135.0.7049.114\Installer\chrmstp.exe [2025-04-23] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {18E66086-7E78-4243-88B4-AC26401EAC37} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {338BB013-B92E-4190-8D65-A7A18A0B0AB4} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {50B19D8B-6FA4-45A0-B59E-6335E0133A8D} - \Lenovo\ImController\TimeBasedEvents\9ed3e06f-7930-45d0-8d6b-09af0edd4524 -> No File <==== ATTENTION
Task: {6962EA04-661C-4426-96E9-ACADDBB7CF59} - \Lenovo\ImController\TimeBasedEvents\a4066dd1-4e8e-4d9e-b72e-b20145fbf0b5 -> No File <==== ATTENTION
Task: {89F01A90-A27E-425F-8E12-B48A7227B742} - \Lenovo\ImController\TimeBasedEvents\e974dac5-6400-4c45-aa3e-a09141455f71 -> No File <==== ATTENTION
Task: {983995DD-C3B5-4594-A248-61B33ECF995E} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {CE739301-04FA-44F7-9987-E3EBFA3F6E80} - \Lenovo\ImController\TimeBasedEvents\c246aa54-af6c-4b08-b3df-b78d010394d0 -> No File <==== ATTENTION
Task: {DFB8FFD4-EDD3-4A05-AC71-B9271F0C0DB4} - \Lenovo\ImController\TimeBasedEvents\5c2408f3-a4c5-446f-bfcb-41fac53e60f2 -> No File <==== ATTENTION
Task: {2A2C8E1D-64A5-47D2-8917-9BD5592703D8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {A6C071C3-FD39-4CD5-AC2F-E155E0F8BFD7} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7129.0{17C29FAA-C634-4B2C-B736-08F824AA3B5E} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7129.0\updater.exe [7375968 2025-04-17] (Google LLC -> Google LLC)
Task: {1AA81E7C-03D7-42CE-893A-17080334AFF9} - System32\Tasks\Lenovo Active Protection System => C:\Windows\System32\TpShUI.exe [120424 2017-03-21] (Lenovo -> Lenovo.)
Task: {B4937E11-A252-4B89-A440-7C5700A0CEF5} - System32\Tasks\Lenovo\Power Manager\Background monitor => "C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe" (No File)
Task: {5208E90F-F110-4BF8-AEB8-2F26E3F9CD91} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [67424 2024-06-26] (Lenovo -> )
Task: {B6951C19-63DA-4944-B015-2F15A0F5B45D} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232 2016-07-05] (Conexant Systems, Inc.) [File not signed] -> C:\Program Files\CONEXANT\cAudioFilterAgent\/uid:cAudioFilterAgent /delay:45
Task: {D4511E88-4FE6-4D19-A2A3-DA4A0CFF06FA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C81B04F-C282-4743-A2DC-4BC14E6AB03A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {05D3073C-FA8F-46A5-ABE9-2A6926885692} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FFD3AB44-4FD4-4C4F-9C6C-5A14D449454B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BF775E0F-6AC8-427C-8EE9-F6BB736CE579} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3731836364-314722761-3889886357-1001Core{547B3A8D-626E-46A3-BD4B-C14B3D858F66} => C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206416 2024-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {7AA50466-0175-4E4E-8F7C-764B62AED100} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3731836364-314722761-3889886357-1001UA{AB20ED85-BD3B-4848-B36F-D956789E94B9} => C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206416 2024-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {D3A0052F-7CFE-4F6A-9CF6-EC91AB7D88A5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-02-08] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {7B3A3668-A0CB-4AB3-82C9-83BBF1191C08} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [782904 2017-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {531F4C2C-7F1D-4334-9D18-4C99E9B051C1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [643640 2017-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5A73BA6D-87F0-42ED-8D44-D30B4E5B2CC2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [643640 2017-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A650FCE3-BE81-4AF1-BF73-215E6A3F641B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [437816 2017-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C504C9FA-CEDB-464B-BAC4-275035FF5A05} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [716344 2017-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {257DA41F-0317-49A6-8B2F-0FF3CD0BE414} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [716344 2017-02-08] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\Update Core\--logon
Task: {0E2CF6CC-1DD1-40B6-8A75-E0FFAB6810EE} - System32\Tasks\OneDrive Standalone Update Task v2 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File) <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Lenovo Active Protection System.job => C:\Windows\system32\TpShUI.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{44d68172-a49b-4ff6-bb72-6b3bfbba890d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9ea0300e-f604-41f9-ada7-2ab6425a677b}: [DhcpNameServer] 150.208.1.2

Edge:
=======
Edge Profile: C:\Users\danhe\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-23]
Edge Extension: (Dokumenty Google offline) - C:\Users\danhe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-13]
Edge Extension: (Edge relevant text changes) - C:\Users\danhe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-11-16]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\danhe\AppData\Local\Google\Chrome\User Data\Default [2025-04-23]
CHR HomePage: Default -> hxxp://www.google.cz/
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\danhe\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-04-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\danhe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\danhe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-11-16]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 IBMPMSVC; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_c861c131e09ec856\x64\ibmpmsvc.exe [1037024 2024-05-16] (Lenovo -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84256 2022-08-22] (Lenovo -> Lenovo Group Ltd.)
S2 LPlatSvc; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_c861c131e09ec856\x64\LPlatSvc.exe [916192 2024-05-16] (Lenovo -> Lenovo)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559304 2025-04-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [77792 2018-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [48608 2018-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
S3 Power Manager DBC Service; "C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [174928 2018-01-25] (BayHub Technology Inc. -> BayHubTech/O2Micro)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 empvhid; C:\WINDOWS\System32\drivers\EMP_VHID.sys [29688 2015-12-03] (DriverTest -> Windows (R) Win 7 DDK provider)
U5 iaStorA; C:\Windows\System32\Drivers\iaStorA.sys [798728 2017-01-05] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 IBMPMDRV; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_c861c131e09ec856\x64\ibmpmdrv.sys [56648 2024-05-16] (Lenovo -> Lenovo)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [28216 2017-02-08] (NVIDIA Corporation -> Windows (R) Win 7 DDK provider)
R1 PMDRVS; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_c861c131e09ec856\x64\pmdrvs.sys [42320 2024-05-16] (Lenovo -> Lenovo)
R1 SMIDriverGen; C:\WINDOWS\system32\DRIVERS\smi.sys [31440 2018-04-24] (Synaptics Inc. -> Synaptics Incorporated)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [76832 2022-09-30] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [605576 2025-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-11] (Microsoft Windows -> Microsoft Corporation)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-04-23 21:36 - 2025-04-23 21:38 - 000029093 _____ C:\Users\danhe\OneDrive\Desktop\Addition.txt
2025-04-23 21:30 - 2025-04-23 21:40 - 000019879 _____ C:\Users\danhe\OneDrive\Desktop\FRST.txt
2025-04-23 21:29 - 2025-04-23 21:39 - 000000000 ____D C:\FRST
2025-04-23 21:26 - 2025-04-23 21:26 - 002405376 _____ (Farbar) C:\Users\danhe\OneDrive\Desktop\FRST64.exe
2025-04-20 18:02 - 2025-04-20 18:02 - 000001723 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wordpad.lnk
2025-04-20 18:01 - 2025-04-20 18:01 - 000001644 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2025-04-20 17:49 - 2025-04-20 17:49 - 000001830 _____ C:\Users\danhe\OneDrive\Desktop\Microsoft Edge.lnk
2025-04-20 17:47 - 2025-04-20 17:47 - 000000000 ____D C:\Users\danhe\OneDrive\Dokumenty\Zvukové záznamy
2025-04-20 17:08 - 2025-04-20 17:11 - 000001641 _____ C:\Users\danhe\OneDrive\Desktop\Stažené soubory.lnk
2025-04-20 16:56 - 2025-04-20 16:56 - 000000000 ____D C:\Users\danhe\AppData\LocalLow\NVIDIA
2025-04-20 16:53 - 2025-04-20 16:50 - 000001156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad.lnk
2025-04-20 16:40 - 2025-04-20 16:40 - 000000000 ____D C:\Users\danhe\AppData\Local\CrashDumps
2025-04-20 15:50 - 2025-04-20 15:50 - 000000000 ____D C:\inetpub
2025-04-20 15:02 - 2025-04-20 15:02 - 000000000 ____D C:\Users\danhe\AppData\Local\Chromium
2025-04-20 15:02 - 2025-04-20 15:02 - 000000000 ____D C:\Users\danhe\AppData\Local\CEF
2025-04-20 14:34 - 2025-04-20 14:34 - 000000000 ___RD C:\Users\danhe\3D Objects
2025-04-20 14:26 - 2025-04-20 14:26 - 000000000 ___HD C:\$WinREAgent
2025-04-13 11:35 - 2025-04-13 11:35 - 003086696 _____ C:\Users\danhe\Downloads\instspeedfan452_1.exe
2025-04-13 11:35 - 2025-04-13 11:35 - 000000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo
2025-04-13 11:24 - 2025-04-20 17:22 - 000284543 _____ C:\WINDOWS\ZAM.krnl.trace
2025-04-13 11:24 - 2025-04-20 17:22 - 000000000 ____D C:\Users\danhe\AppData\Local\AMSDK
2025-04-13 11:24 - 2025-04-13 11:24 - 000000000 ____D C:\Users\danhe\AppData\Local\Zemana
2025-04-13 11:20 - 2025-04-13 11:23 - 013922376 _____ (Zemana Ltd. ) C:\Users\danhe\Downloads\Zemana.AntiMalware.Setup.exe
2025-04-13 11:13 - 2025-04-13 11:13 - 001800862 _____ C:\Users\danhe\Downloads\zoek1.rar
2025-04-12 12:35 - 2025-04-12 12:35 - 000001545 _____ C:\Users\danhe\OneDrive\Desktop\Internet Explorer.lnk
2025-04-12 10:28 - 2025-04-12 10:28 - 001790024 _____ (Malwarebytes) C:\Users\danhe\Downloads\JRT.exe
2025-04-12 10:19 - 2025-04-12 10:21 - 051540232 _____ (Adlice Software ) C:\Users\danhe\Downloads\RogueKiller_setup.exe
2025-04-11 18:05 - 2025-04-11 18:05 - 000000000 ____D C:\Users\danhe\AppData\Local\Comms
2025-04-11 16:29 - 2025-04-11 16:36 - 000000000 ____D C:\WINDOWS\Minidump
2025-04-11 16:29 - 2025-04-11 16:35 - 002993844 _____ C:\WINDOWS\Minidump\041125-35937-01.dmp
2025-04-11 16:29 - 2025-04-11 16:29 - 741522313 _____ C:\WINDOWS\MEMORY.DMP
2025-04-11 13:18 - 2025-04-11 13:18 - 000017671 _____ C:\Users\danhe\Downloads\MemTest.zip
2025-04-11 13:13 - 2025-04-11 13:13 - 000043632 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\pmxdrv.sys
2025-03-29 19:06 - 2025-03-29 19:06 - 005952696 _____ (Crystal Dew World ) C:\Users\danhe\Downloads\CrystalDiskInfo9_6_2.exe
2025-03-29 19:04 - 2025-03-29 19:04 - 000000000 ____D C:\Users\danhe\AppData\Local\Backup
2025-03-29 18:45 - 2025-03-29 18:45 - 000000000 ____D C:\Users\danhe\AppData\Roaming\WinRAR
2025-03-29 18:36 - 2025-03-29 18:36 - 002834160 _____ (Malwarebytes) C:\Users\danhe\Downloads\MBSetup.exe
2025-03-29 18:31 - 2025-03-29 18:31 - 009566696 _____ (Malwarebytes) C:\Users\danhe\Downloads\Adwcleaner.exe
2025-03-29 18:25 - 2025-04-20 15:00 - 000000000 ____D C:\Users\danhe\AppData\LocalLow\Adobe
2025-03-29 18:25 - 2025-03-29 18:25 - 000000000 ____D C:\Users\danhe\AppData\Roaming\com.adobe.dunamis
2025-03-29 18:25 - 2025-03-29 18:25 - 000000000 ____D C:\Users\danhe\AppData\Local\SolidDocuments
2025-03-29 18:25 - 2025-03-29 18:25 - 000000000 ____D C:\Users\danhe\.ms-ad
2025-03-29 18:23 - 2025-03-29 18:23 - 000000000 ____D C:\ProgramData\Adobe
2025-03-29 18:22 - 2025-03-29 18:29 - 000000000 ____D C:\Users\danhe\AppData\Local\Adobe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-04-23 20:55 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-04-23 20:51 - 2024-11-16 18:30 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-04-23 20:51 - 2017-09-21 07:46 - 000000000 ____D C:\ProgramData\NVIDIA
2025-04-23 20:48 - 2024-11-15 04:35 - 000000000 __SHD C:\Users\danhe\IntelGraphicsProfiles
2025-04-23 20:48 - 2024-11-14 23:37 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-22 21:35 - 2024-11-14 23:37 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-22 21:35 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-04-20 18:35 - 2024-11-15 10:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-04-20 18:35 - 2024-11-15 09:58 - 000000000 ____D C:\ProgramData\Synaptics
2025-04-20 18:35 - 2024-11-15 09:49 - 000008192 ___SH C:\DumpStack.log.tmp
2025-04-20 18:35 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\ServiceState
2025-04-20 18:34 - 2024-11-14 23:13 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-04-20 18:28 - 2024-11-14 23:27 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-20 18:15 - 2024-11-15 04:35 - 000000000 ____D C:\Users\danhe\AppData\Local\Packages
2025-04-20 17:22 - 2024-11-15 04:26 - 000000000 ____D C:\Users\danhe
2025-04-20 17:21 - 2024-11-14 23:35 - 000000000 ____D C:\WINDOWS\INF
2025-04-20 17:20 - 2024-11-14 23:37 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-04-20 16:42 - 2024-11-15 04:36 - 000000000 ____D C:\Users\danhe\AppData\Local\D3DSCache
2025-04-20 16:24 - 2024-11-15 09:49 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-04-20 16:04 - 2024-11-15 10:28 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-04-20 16:04 - 2024-11-14 23:42 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2025-04-20 16:04 - 2024-11-14 23:42 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2025-04-20 15:57 - 2024-11-15 09:49 - 000260088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-04-20 15:53 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-04-20 15:53 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-04-20 15:53 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\SystemResources
2025-04-20 15:53 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-04-20 15:52 - 2024-11-14 23:46 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-04-20 15:52 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-04-20 15:52 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-20 15:52 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-04-20 15:52 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-04-20 15:52 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-04-20 15:52 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\system32\compatrel
2025-04-20 15:50 - 2024-11-14 23:37 - 000000000 ___RD C:\WINDOWS\PrintDialog
2025-04-20 15:50 - 2024-11-14 23:37 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-04-20 15:50 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-04-20 15:50 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-04-20 15:50 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-04-20 15:50 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-04-20 15:50 - 2024-11-14 23:37 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-04-20 15:45 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2025-04-20 15:21 - 2024-11-15 09:53 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-04-20 15:09 - 2025-02-03 21:42 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-04-20 15:06 - 2025-02-03 21:44 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-04-20 14:06 - 2024-11-15 09:54 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-20 13:41 - 2024-11-15 04:27 - 000000000 ___SD C:\Users\danhe\AppData\Roaming\Microsoft\Protect
2025-04-12 10:09 - 2024-11-15 10:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2025-04-12 10:09 - 2024-11-15 04:38 - 000000000 ____D C:\Users\danhe\AppData\Local\Lenovo
2025-04-12 10:09 - 2024-11-15 00:30 - 000000000 ____D C:\ProgramData\Lenovo
2025-04-12 10:09 - 2024-11-14 23:50 - 000000000 ____D C:\WINDOWS\SysWOW64\Lenovo
2025-04-12 10:09 - 2024-11-14 23:50 - 000000000 ____D C:\WINDOWS\system32\Lenovo
2025-04-11 18:05 - 2024-11-15 04:37 - 000000000 ____D C:\ProgramData\Packages
2025-04-11 15:58 - 2024-11-15 10:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-04-11 15:34 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\system32\setup
2025-04-11 15:34 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-04-11 15:34 - 2024-11-14 23:37 - 000000000 ____D C:\WINDOWS\InboxApps
2025-04-11 15:34 - 2024-11-14 23:37 - 000000000 ____D C:\ProgramData\USOPrivate
2025-04-11 15:34 - 2024-11-14 23:13 - 000000000 ____D C:\WINDOWS\servicing
2025-04-11 13:09 - 2024-11-16 18:55 - 000003716 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{FF9366A7-C309-4C2E-B2E1-7332194F9F85}
2025-04-11 13:09 - 2024-11-16 18:55 - 000003592 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{4006B65B-371E-41E7-9C33-43E879C2102F}
2025-04-11 13:08 - 2024-11-16 18:12 - 000003976 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3731836364-314722761-3889886357-1001UA{AB20ED85-BD3B-4848-B36F-D956789E94B9}
2025-04-11 13:08 - 2024-11-16 18:12 - 000003912 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3731836364-314722761-3889886357-1001Core{547B3A8D-626E-46A3-BD4B-C14B3D858F66}
2025-04-11 13:06 - 2024-11-16 18:38 - 000000000 ____D C:\Program Files\RUXIM
2025-03-29 18:39 - 2024-11-16 18:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-03-29 18:27 - 2024-11-16 18:39 - 209365816 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-03-29 18:25 - 2024-11-15 04:35 - 000000000 ____D C:\Users\danhe\AppData\Roaming\Adobe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

hukuj

Re: Slow notebook - HTJ log

Post by hukuj » 23 Apr 2025 21:57

And now the second log, ADDITION:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-04-2025
Ran by danhe (23-04-2025 21:42:33)
Running from C:\Users\danhe\OneDrive\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.5737 (X64) (2024-11-15 08:28:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3731836364-314722761-3889886357-500 - Administrator - Disabled)
danhe (S-1-5-21-3731836364-314722761-3889886357-1001 - Administrator - Enabled) => C:\Users\danhe
DefaultAccount (S-1-5-21-3731836364-314722761-3889886357-503 - Limited - Disabled)
Guest (S-1-5-21-3731836364-314722761-3889886357-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3731836364-314722761-3889886357-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FF00-7760-BC15014EA700}) (Version: 25.001.20435 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601110}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Dolby Audio X2 Windows API SDK (HKLM\...\{2A027A37-B09B-44FB-B1C9-2DD6BA0014E8}) (Version: 0.7.2.61 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{FA0735B6-9E18-437A-A1CD-9152650FC52B}) (Version: 0.8.8.90 - Dolby Laboratories, Inc.) Hidden
Dolby Audio X2 Windows APP (HKLM\...\{9806D15D-FCE9-4F5E-9934-97DD7B546195}) (Version: 0.8.5.74 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{D765CF7F-14F9-4C80-B06C-10E68F10EBCC}) (Version: 0.7.2.62 - Dolby Laboratories, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 135.0.7049.114 - Google LLC)
Intel(R) Chipset Device Software (HKLM\...\{81520FC5-3518-40E9-9803-70CE8A801D07}) (Version: 10.1.1.38 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1045 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{C0466C2A-C335-4936-BBF9-4BE174AB2A61}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{C63012D0-BAD2-48EF-BB78-2ED5FFA2B441}) (Version: 11.6.0.1045 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{F09842DB-C86A-4DCD-81DB-26CFBD506480}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (HKLM\...\{F255C3B6-F053-4592-9325-34898BF5EB46}) (Version: 1.44.398.0 - Intel Corporation) Hidden
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.14 - Lenovo) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.23 - Lenovo) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.85 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.85 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{08453CDC-B378-42D3-BAD9-CEA017301600}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{E0DE0BC0-9BF3-41C2-9A6D-AC252997690C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 3.3.0.100 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.100 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.67 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)

Packages:
=========
Dev Home (Preview) -> C:\Program Files\WindowsApps\Microsoft.Windows.DevHome_0.1801.640.0_x64__8wekyb3d8bbwe [2024-11-16] (Microsoft Corporation) [Startup Task]
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2501.20.0_x64__k1h2ywk1493x8 [2025-04-11] (LENOVO INC.)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2024-11-16] (LENOVO INCORPORATED.)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2503.28001.0_x64__8wekyb3d8bbwe [2025-04-11] (Microsoft Corporation) [Startup Task]
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\lenovocorporation.lenovoid_2.0.37.0_x86__4642shxvsv8s2 [2024-11-16] (LENOVO INCORPORATED.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{2ABD6384-2E18-40E8-8439-F06D21E0B03D}\InprocServer32 -> C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\1.3.195.43\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{2FDB3305-19B8-4FE2-972B-ED5E97CBBD6E}\InprocServer32 -> C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{41B09861-5409-4D44-8CA4-D49FBFAA2E6F}\InprocServer32 -> C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\1.3.195.49\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{4FFB4BD8-A109-4F25-A4DB-313678B19417}\InprocServer32 -> C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\1.3.195.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\1.3.195.49\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\1.3.195.49\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{BC4C72EF-3055-4A6D-86E1-AE4D24DB63CA}\InprocServer32 -> C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\1.3.195.35\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{F46A78BD-06FC-442C-88DF-0500F08F2379}\InprocServer32 -> C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\1.3.195.45\psuser_64.dll => No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_4645af5c659ae51a\igfxDTCM.dll [2018-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-05-12] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-09-21 07:47 - 2017-09-21 07:47 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\ShadowPlay\_nvspserviceplugin64.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\danhe\Downloads\CrystalDiskInfo9_6_2.exe:MBAM.Zone.Identifier [251]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

HKU\S-1-5-21-3731836364-314722761-3889886357-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3731836364-314722761-3889886357-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3731836364-314722761-3889886357-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2017-03-18 23:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3731836364-314722761-3889886357-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

Network Binding:
=============
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Realtek PCIe GBE Family Controller -> rt640x64.sys
Wi-Fi: Realtek 8821CE Wireless LAN 802.11ac PCI-E NIC -> rtwlane.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{404B7CCD-42C4-4A0E-94ED-084225B50435}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7E5F7A31-9845-40C2-A2B1-A6E29647131C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{477E2FEE-95CB-4304-86D8-654C251D9098}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{599017A0-9933-4D33-AAE5-13B0B07BB14E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CCEB17A3-A3FC-449F-B8E4-90B7CB1473A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1F029903-44CE-4ECF-84BE-BE02C59B4363}] => (Allow) C:\Program Files\Fortect\MainService.exe => No File
FirewallRules: [{25A229E4-189A-4C69-9EF0-EC5E2F585CA1}] => (Allow) C:\Program Files\Fortect\MainService.exe => No File
FirewallRules: [{955363B4-FD48-4F90-ACF4-326022B74E18}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7106154F-FEBA-4363-A009-49B3FC0DE8F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E4DF9989-C7AD-489E-A2AD-4E282B547AC3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{661440AC-EB30-4A33-83AB-33238A1069C4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F09FF4AD-40D9-47E4-A94D-00A892E3B69A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.85\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D5244CCB-4933-400F-AF89-D23497471CDD}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

11-04-2025 13:10:24 Instalační služba modulů systému Windows
12-04-2025 10:07:08 AdwCleaner_BeforeCleaning_12/04/2025_10:07:06
12-04-2025 10:29:24 JRT Pre-Junkware Removal
20-04-2025 14:01:40 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (04/20/2025 04:39:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Acrobat.exe, verze: 25.1.20435.0, časové razítko: 0x67d2292d
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.5438, časové razítko: 0xab0dece3
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000649e6
ID chybujícího procesu: 0x5a8
Čas spuštění chybující aplikace: 0x01dbb201e153f26e
Cesta k chybující aplikaci: C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 6e95f5ef-5b8d-4ed1-a18f-d5cb235cee69
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/20/2025 03:55:56 PM) (Source: WMIRegistrationService) (EventID: 3) (User: )
Description: Intel(R) WMI Registration Service has failed WMI Registration.

Error: (04/20/2025 02:17:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (04/20/2025 02:17:06 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (04/20/2025 02:17:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (04/20/2025 02:17:06 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (04/20/2025 02:17:06 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (04/20/2025 02:17:06 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]


System errors:
=============
Error: (04/23/2025 08:47:45 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (04/22/2025 09:28:33 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (04/20/2025 06:40:44 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (04/20/2025 06:39:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime byla ukončena s následující chybou:
%%3489660935

Error: (04/20/2025 06:36:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/20/2025 06:36:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).

Error: (04/20/2025 06:23:26 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (04/20/2025 06:21:41 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime byla ukončena s následující chybou:
%%3489660935


Windows Defender:
================
Date: 2025-03-29 17:57:53
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-02-16 13:14:17
Description:
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: PUABundler:Win32/MediaGet
Severity: Nízké
Category: Potenciálně nežádoucí software
Path: file:_C:\Users\danhe\Downloads\MediaGet_id2579218ids1s.exe; file:_C:\Users\danhe\Downloads\MediaGet_id2584295ids1s.exe
Detection Origin: Místní počítač
Detection Type: Konkrétní
Detection Source: Ochrana v reálném čase
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.421.1673.0, AS: 1.421.1673.0, NIS: 1.421.1673.0
Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11

Date: 2025-02-16 12:55:01
Description:
Antivirová ochrana v programu Microsoft Defender has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: PUABundler:Win32/MediaGet
Severity: Nízké
Category: Potenciálně nežádoucí software
Path: file:_C:\Users\danhe\Downloads\MediaGet_id2579218ids1s.exe
Detection Origin: Místní počítač
Detection Type: Konkrétní
Detection Source: Ochrana v reálném čase
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.421.1673.0, AS: 1.421.1673.0, NIS: 1.421.1673.0
Engine Version: AM: 1.1.24090.11, NIS: 1.1.24090.11

Date: 2025-02-03 21:37:53
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání

Date: 2025-02-03 20:32:31
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Event[0]:

Date: 2025-04-20 14:23:27
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.427.227.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80070005
Error description: Přístup byl odepřen.

Date: 2025-04-20 14:06:09
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.427.227.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2025-04-20 14:06:09
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.427.227.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2025-04-20 14:06:09
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.427.227.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2025-04-11 13:34:58
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.421.1927.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25010.7
Error code: 0x80070102
Error description: Vypršel časový limit operace čekání.

CodeIntegrity:
===============
Date: 2025-04-11 21:10:39
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2025-04-11 16:35:24
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO R0DETA6W (2.06 ) 01/27/2022
Motherboard: LENOVO 20H500B9MC
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 47%
Total physical RAM: 8094.88 MB
Available physical RAM: 4231.21 MB
Total Virtual: 9054.88 MB
Available Virtual: 4710.01 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:930.27 GB) (Free:871.01 GB) (Model: WDC WD10JPVX-08JC3T6) NTFS

\\?\Volume{63eb764e-0b86-4717-af92-b4fcde7458b2}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.3 GB) NTFS
\\?\Volume{74f36a0b-dda2-4647-aba7-001594082c7a}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: EF529C83)

Partition: GPT.

==================== End of Addition.txt =======================

jaro3

Re: Slow notebook - HTJ log

Post by jaro3 » 23 Apr 2025 23:38

OK.
Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CreateRestorePoint:
CloseProcesses:
Task: {18E66086-7E78-4243-88B4-AC26401EAC37} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {338BB013-B92E-4190-8D65-A7A18A0B0AB4} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {50B19D8B-6FA4-45A0-B59E-6335E0133A8D} - \Lenovo\ImController\TimeBasedEvents\9ed3e06f-7930-45d0-8d6b-09af0edd4524 -> No File <==== ATTENTION
Task: {6962EA04-661C-4426-96E9-ACADDBB7CF59} - \Lenovo\ImController\TimeBasedEvents\a4066dd1-4e8e-4d9e-b72e-b20145fbf0b5 -> No File <==== ATTENTION
Task: {89F01A90-A27E-425F-8E12-B48A7227B742} - \Lenovo\ImController\TimeBasedEvents\e974dac5-6400-4c45-aa3e-a09141455f71 -> No File <==== ATTENTION
Task: {983995DD-C3B5-4594-A248-61B33ECF995E} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {CE739301-04FA-44F7-9987-E3EBFA3F6E80} - \Lenovo\ImController\TimeBasedEvents\c246aa54-af6c-4b08-b3df-b78d010394d0 -> No File <==== ATTENTION
Task: {DFB8FFD4-EDD3-4A05-AC71-B9271F0C0DB4} - \Lenovo\ImController\TimeBasedEvents\5c2408f3-a4c5-446f-bfcb-41fac53e60f2 -> No File <==== ATTENTION
Task: {A6C071C3-FD39-4CD5-AC2F-E155E0F8BFD7} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7129.0{17C29FAA-C634-4B2C-B736-08F824AA3B5E} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7129.0\updater.exe [7375968 2025-04-17] (Google LLC -> Google LLC)
Task: {B4937E11-A252-4B89-A440-7C5700A0CEF5} - System32\Tasks\Lenovo\Power Manager\Background monitor => "C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe" (No File)
Task: {0E2CF6CC-1DD1-40B6-8A75-E0FFAB6810EE} - System32\Tasks\OneDrive Standalone Update Task v2 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File) <==== ATTENTION
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CustomCLSID: HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{2ABD6384-2E18-40E8-8439-F06D21E0B03D}\InprocServer32 -> C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\1.3.195.43\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{2FDB3305-19B8-4FE2-972B-ED5E97CBBD6E}\InprocServer32 -> C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{4FFB4BD8-A109-4F25-A4DB-313678B19417}\InprocServer32 -> C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\1.3.195.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{BC4C72EF-3055-4A6D-86E1-AE4D24DB63CA}\InprocServer32 -> C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\1.3.195.35\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{F46A78BD-06FC-442C-88DF-0500F08F2379}\InprocServer32 -> C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\1.3.195.45\psuser_64.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{1F029903-44CE-4ECF-84BE-BE02C59B4363}] => (Allow) C:\Program Files\Fortect\MainService.exe => No File
FirewallRules: [{25A229E4-189A-4C69-9EF0-EC5E2F585CA1}] => (Allow) C:\Program Files\Fortect\MainService.exe => No File

EmptyTemp:
End

(You can use the "select all" function, then right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button only once, and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.

---------------------------------------------------------------------------------------------------
Available physical RAM: 4231.21 MB
It might be worth adding RAM, at least to 8 GB.
---------------------------------------------------------------------------------------------------
C:\WINDOWS\Minidump\041125-35937-01.dmp
Upload the indicated minidump folder to some server for me and paste the download link here.

hukuj
Level 1.5
Posts: 119
Registered: September 10
Location: Brno
Gender: Male

Re: Slow laptop - HTJ log

Post by hukuj » 01 May 2025 11:54

So hopefully I managed it by following the nicely spelled-out instructions. I'm fairly good at using Notepad, and at copying and pasting text too; on the other hand, I have no idea how to "add" memory (new hardware?), and I certainly can't upload my folder to some server and send a link. That's too much for me. Thanks.




Fix result of Farbar Recovery Scan Tool (x64) Version: 27-04-2025
Ran by danhe (01-05-2025 11:11:03) Run:1
Running from C:\Users\danhe\OneDrive\Desktop
Loaded Profiles: danhe
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
Task: {18E66086-7E78-4243-88B4-AC26401EAC37} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {338BB013-B92E-4190-8D65-A7A18A0B0AB4} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {50B19D8B-6FA4-45A0-B59E-6335E0133A8D} - \Lenovo\ImController\TimeBasedEvents\9ed3e06f-7930-45d0-8d6b-09af0edd4524 -> No File <==== ATTENTION
Task: {6962EA04-661C-4426-96E9-ACADDBB7CF59} - \Lenovo\ImController\TimeBasedEvents\a4066dd1-4e8e-4d9e-b72e-b20145fbf0b5 -> No File <==== ATTENTION
Task: {89F01A90-A27E-425F-8E12-B48A7227B742} - \Lenovo\ImController\TimeBasedEvents\e974dac5-6400-4c45-aa3e-a09141455f71 -> No File <==== ATTENTION
Task: {983995DD-C3B5-4594-A248-61B33ECF995E} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {CE739301-04FA-44F7-9987-E3EBFA3F6E80} - \Lenovo\ImController\TimeBasedEvents\c246aa54-af6c-4b08-b3df-b78d010394d0 -> No File <==== ATTENTION
Task: {DFB8FFD4-EDD3-4A05-AC71-B9271F0C0DB4} - \Lenovo\ImController\TimeBasedEvents\5c2408f3-a4c5-446f-bfcb-41fac53e60f2 -> No File <==== ATTENTION
Task: {A6C071C3-FD39-4CD5-AC2F-E155E0F8BFD7} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7129.0{17C29FAA-C634-4B2C-B736-08F824AA3B5E} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7129.0\updater.exe [7375968 2025-04-17] (Google LLC -> Google LLC)
Task: {B4937E11-A252-4B89-A440-7C5700A0CEF5} - System32\Tasks\Lenovo\Power Manager\Background monitor => "C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe" (No File)
Task: {0E2CF6CC-1DD1-40B6-8A75-E0FFAB6810EE} - System32\Tasks\OneDrive Standalone Update Task v2 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File) <==== ATTENTION
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CustomCLSID: HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{2ABD6384-2E18-40E8-8439-F06D21E0B03D}\InprocServer32 -> C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\1.3.195.43\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{2FDB3305-19B8-4FE2-972B-ED5E97CBBD6E}\InprocServer32 -> C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{4FFB4BD8-A109-4F25-A4DB-313678B19417}\InprocServer32 -> C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\1.3.195.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{BC4C72EF-3055-4A6D-86E1-AE4D24DB63CA}\InprocServer32 -> C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\1.3.195.35\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{F46A78BD-06FC-442C-88DF-0500F08F2379}\InprocServer32 -> C:\Users\danhe\AppData\Local\Microsoft\EdgeUpdate\1.3.195.45\psuser_64.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{1F029903-44CE-4ECF-84BE-BE02C59B4363}] => (Allow) C:\Program Files\Fortect\MainService.exe => No File
FirewallRules: [{25A229E4-189A-4C69-9EF0-EC5E2F585CA1}] => (Allow) C:\Program Files\Fortect\MainService.exe => No File

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{18E66086-7E78-4243-88B4-AC26401EAC37}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18E66086-7E78-4243-88B4-AC26401EAC37}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Monitor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{338BB013-B92E-4190-8D65-A7A18A0B0AB4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{338BB013-B92E-4190-8D65-A7A18A0B0AB4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{50B19D8B-6FA4-45A0-B59E-6335E0133A8D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50B19D8B-6FA4-45A0-B59E-6335E0133A8D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\9ed3e06f-7930-45d0-8d6b-09af0edd4524" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6962EA04-661C-4426-96E9-ACADDBB7CF59}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6962EA04-661C-4426-96E9-ACADDBB7CF59}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\a4066dd1-4e8e-4d9e-b72e-b20145fbf0b5" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89F01A90-A27E-425F-8E12-B48A7227B742}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89F01A90-A27E-425F-8E12-B48A7227B742}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\e974dac5-6400-4c45-aa3e-a09141455f71" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{983995DD-C3B5-4594-A248-61B33ECF995E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{983995DD-C3B5-4594-A248-61B33ECF995E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE739301-04FA-44F7-9987-E3EBFA3F6E80}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE739301-04FA-44F7-9987-E3EBFA3F6E80}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\c246aa54-af6c-4b08-b3df-b78d010394d0" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DFB8FFD4-EDD3-4A05-AC71-B9271F0C0DB4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DFB8FFD4-EDD3-4A05-AC71-B9271F0C0DB4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\ImController\TimeBasedEvents\5c2408f3-a4c5-446f-bfcb-41fac53e60f2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{A6C071C3-FD39-4CD5-AC2F-E155E0F8BFD7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6C071C3-FD39-4CD5-AC2F-E155E0F8BFD7}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7129.0{17C29FAA-C634-4B2C-B736-08F824AA3B5E} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7129.0{17C29FAA-C634-4B2C-B736-08F824AA3B5E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B4937E11-A252-4B89-A440-7C5700A0CEF5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4937E11-A252-4B89-A440-7C5700A0CEF5}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\Power Manager\Background monitor => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Power Manager\Background monitor" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0E2CF6CC-1DD1-40B6-8A75-E0FFAB6810EE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E2CF6CC-1DD1-40B6-8A75-E0FFAB6810EE}" => removed successfully
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task v2" => removed successfully
HKLM\SOFTWARE\Microsoft\Edge\Extensions\bojobppfploabceghnmlahpoonbcbacn => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Edge\Extensions\bojobppfploabceghnmlahpoonbcbacn => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\ihcjicgdanjaechkgeegckofjjedodee => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihcjicgdanjaechkgeegckofjjedodee => removed successfully
HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{2ABD6384-2E18-40E8-8439-F06D21E0B03D} => removed successfully
HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{2FDB3305-19B8-4FE2-972B-ED5E97CBBD6E} => removed successfully
HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{4FFB4BD8-A109-4F25-A4DB-313678B19417} => removed successfully
HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{BC4C72EF-3055-4A6D-86E1-AE4D24DB63CA} => removed successfully
HKU\S-1-5-21-3731836364-314722761-3889886357-1001_Classes\CLSID\{F46A78BD-06FC-442C-88DF-0500F08F2379} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1F029903-44CE-4ECF-84BE-BE02C59B4363}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{25A229E4-189A-4C69-9EF0-EC5E2F585CA1}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 30813697 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 281630484 B
Edge => 0 B
Chrome => 480820030 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 78 B
systemprofile32 => 78 B
LocalService => 70882 B
NetworkService => 97820 B
danhe => 19374991 B

RecycleBin => 2409492 B
EmptyTemp: => 777.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:13:47 ====

jaro3
Security team member
Guru Level 15
Posts: 43273
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Slow laptop - HTJ log

Post by jaro3 » 01 May 2025 14:28

How are the problems? Is it better?

RAR the minidump folder and upload it, for example, to
https://datoid.cz/

Copy the download link and paste it here.

Add RAM, as far as your notebook allows. Yes, it is HW. It is inserted on the back side; there is a screw there. Do everything with the machine powered off and the battery removed.

hukuj
Level 1.5
Posts: 119
Registered: September 10
Location: Brno
Gender: Male

Re: Slow laptop - HTJ log

Post by hukuj » 01 May 2025 20:02

Well,
it seems that it (the speed) really is better. I don't know whether it's entirely as it should be, but by a good deal. As for the instructions, I do know how to RAR, but this was the first time I uploaded a file to a server. It was a tough nut to crack, but I think I managed it in the end (although I don't know what a tag is, so I didn't fill that in). The link is hopefully this - https://datoid.cz/DyyOti/minidump-rar

