Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kotrolu logu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
WarWalker
Návštěvník
Návštěvník
Příspěvky: 40
Registrován: 13 bře 2013 19:58

Prosím o kotrolu logu

#1 Příspěvek od WarWalker »

Ahoj, moc zdravím a prosím o kontrolu logu z FRST.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-11-2024
Ran by vitbo (administrator) on DESKTOP-4A5N90E (LENOVO 20YG006KCK) (30-11-2024 20:17:38)
Running from C:\Users\vitbo\Desktop\FRST64.exe
Loaded Profiles: vitbo
Platform: Microsoft Windows 11 Pro Version 23H2 22631.4460 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantage-(SmartDisplayAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantage-(VantageCoreAddin).exe
(cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\vitbo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_943df24ce165050e\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(DriverStore\FileRepository\fn.inf_amd64_5eb3d885b4be7866\driver\tphkload.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\FN4C4E~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_5eb3d885b4be7866\driver\tphkload.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\FN4C4E~1.INF\driver\tposd.exe
(DriverStore\FileRepository\u0395858.inf_amd64_a4deb3f74f2297db\B395725\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0395858.inf_amd64_a4deb3f74f2297db\B395725\atieclxx.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(explorer.exe ->) (HP Inc. -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0395858.inf_amd64_a4deb3f74f2297db\B395725\atiesrxx.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_943df24ce165050e\DAX3API.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
(services.exe ->) (FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe
(services.exe ->) (FabulaTech, LLP -> VMware) C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\System32\drivers\Lenovo\udc\Service\UDClientService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_5eb3d885b4be7866\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_c7ee80e7f3d3c3de\x64\ibmpmsvc.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\DriverStore\FileRepository\litsdrv.inf_amd64_64fe83bb6fa2a9a7\x64\LITSSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\ElevocControlService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ed3f04e1261e4822\RtkAudUService64.exe <3>
(services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files\VMware\Endpoint Telemetry Service\vmwetlm.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2445.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.200.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.30502.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-3662661212-3872397067-606727941-1001\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2572960 2021-12-02] (HP Inc. -> Hewlett-Packard Co.)
HKLM\...\Windows x64\Print Processors\us016PC: C:\Windows\System32\spool\prtprocs\x64\us016pc.dll [61736 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\HP B011 Status Monitor: C:\WINDOWS\system32\hpinkstsB011LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3520 series): C:\WINDOWS\system32\HPDiscoPMB011.dll [741536 2021-12-02] (HP Inc. -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\us016 Langmon: C:\WINDOWS\system32\us016lm.dll [40744 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.86\Installer\chrmstp.exe [2024-11-22] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {131D85F9-0324-41CF-91B2-F30ACED4534C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {A59DA58B-16E3-427B-B5C5-6097C98225A9} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-11-06] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {984E49B0-FF82-4FB5-800C-0C86E35916E2} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-11-06] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "6fca9ecc-10f3-40f0-ae7b-f7549d0f3182" --version "6.30.11385" --silent
Task: {4E8ADCB9-F880-459D-AF0B-A0EDA70D7023} - System32\Tasks\CCleanerSkipUAC - vitbo => C:\Program Files\CCleaner\CCleaner.exe [39135536 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {AD959D19-0BB7-4B66-96DB-E1FCE0A562FF} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [31000 2023-11-08] (Garmin International, Inc. -> )
Task: {82D23CDB-3C23-4615-989A-BC1BDC9BFC19} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{9B369974-4B88-4D7E-A763-F18CCCF8D2FA} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {41DA2716-838E-4FE9-92D7-FFEC16330863} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64976 2024-10-15] (HP Inc. -> HP Inc.)
Task: {248270D1-6F23-4C44-8A06-7CE1C6712284} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64976 2024-10-15] (HP Inc. -> HP Inc.)
Task: {08894854-AFD9-4503-B263-D0F0EFDCB13F} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [94496 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {6904AAEC-C01C-496D-9C19-38EC7EB801F6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {A7F013C7-D83C-4303-AAB1-3ACAE9AC8F02} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [102400 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {40C3A852-FA4D-4B5D-B1DD-52F7602739FE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\00dc5265-02d1-48a4-9c10-8ffe5f3ea48b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {43F6BFEB-3B48-485D-9D05-964D0B0DFC0C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0788ab17-452f-4272-a2ee-87b388f25abf => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {1B7948B0-9FB7-4416-9B22-651463FB11DD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6e25bd05-5277-42d3-a6c8-5a3e936a82db => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {7BBCA0C6-AB28-46A9-A9ED-C0652EEF9D3C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\94997546-1bfa-4b92-aea9-01c06e5f2abc => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {7615BBC5-538E-4EA6-95EA-BFDD562CAC4F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b71baa75-f608-4d0f-8938-ae93be90d62a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {59D672BB-7BEB-4615-A65D-0AB55EC4E60C} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3662661212-3872397067-606727941-1001 => C:\Users\vitbo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88584 2024-05-17] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {52C8A15D-79CD-44F2-A435-C000EFE99429} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [129368 2024-06-26] (Lenovo -> Lenovo)
Task: {BED030C8-8ED4-4862-B1B0-3050AED92C6C} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [67424 2024-06-26] (Lenovo -> )
Task: {B4A4F436-C23F-4A91-BA9D-5E49B9475733} - System32\Tasks\Lenovo\UDC\Lenovo UDC Diagnostic Scan => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> control udcservice 210
Task: {32DD95E3-BAFD-4C98-B2EB-4AFF00D7263D} - System32\Tasks\Lenovo\UDC\Lenovo UDC Idle Monitor => C:\windows\system32\drivers\Lenovo\udc\Service\UDCUserAgent.exe [90976 2024-04-07] (Lenovo -> Lenovo Group Ltd.) -> C:\windows\system32\drivers\Lenovo\udc\Service\/onidle
Task: {4B196A91-DA90-4894-906F-1E63314FB5FD} - System32\Tasks\Lenovo\UDC\Lenovo UDC Monitor => C:\WINDOWS\system32\drivers\lenovo\udc\data\InfBackup\UdcInfInstaller.exe [188656 2024-04-07] (Lenovo -> Lenovo Group Ltd.)
Task: {AACF966E-AE8A-478B-A1DD-52522790C2EE} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {CA9EAA41-3FDA-454D-ABEB-57C23F0E2967} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {AF35AE2E-F93F-49FD-AA1B-367A0F3CEAA0} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {CCC30C8A-8BC9-4EC0-9241-D693B66231A3} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {9BC4B7C7-6061-409D-B777-9E9B6E26D6FE} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {78CA21E0-70A1-4F3F-8228-924445734E91} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {9BAFE190-46CD-4C55-A4A5-1E1F9E9742B4} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {3311B8B6-1F05-4DF2-87E5-B6EEB22BECAB} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {1903A146-F556-469D-A075-7C6B986A6822} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
Task: {C2C7C385-D06B-403B-968D-4EFD0D61918B} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {7B1A0524-1321-4DDA-A799-DEC9F50EB825} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinIdleScheduleTask => C:\ProgramData\Lenovo\Vantage\Addins\VantageCoreAddin\1.0.0.181\x64\IdleScheduleEventAction.exe [143768 2024-11-01] (Lenovo -> )
Task: {36083DF4-664F-4C7C-96C1-1049DE39DA36} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {3428C5E1-0307-44B8-9CFA-512ED80FC7FC} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.5.27.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: {74D6BA04-DFD0-4432-849D-44F8E7183006} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\uninstall.exe [340968 2024-09-12] (Lenovo -> Lenovo)
Task: {55EFF523-3866-4DCF-80DE-76CD6676107A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28644032 2024-11-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {500148A9-A814-4644-A790-87CF711AD043} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28644032 2024-11-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {1308E684-ED80-4566-BA0A-5217401EF813} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312408 2024-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7E2BFF9-1186-4AE2-920A-A8E55F473293} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312408 2024-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB6A1C7A-6BF8-403E-BD95-58A8C7F5765B} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [187600 2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {704F13A1-756D-45C8-B34D-52349429AA18} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4463024 2024-11-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {762DE2DE-6AE3-4422-95F7-24DBDD33B0FF} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXvGPUDisableTask => %windir%\System32\RemoteFXvGPUDisablement.exe Disable (No File)
Task: {6A9D8C4B-44BE-4D2B-B302-C5D22C3D123F} - System32\Tasks\Microsoft\Windows\termsrv\RemoteFX\RemoteFXWarningTask => %windir%\System32\RemoteFXvGPUDisablement.exe Warning (No File)
Task: {72D69FF6-B32D-4457-A5C8-DA2D7BEE674A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {A7F03547-9EFD-49D9-804B-8138F5329F53} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {79235077-7060-41FF-9AC4-F5E651C33E21} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery ReadyToReboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {AEBC3876-B585-48CB-BE34-6360C903F58F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7A9E360A-02C9-4697-AE1A-C6F6EE31BDEC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {43053738-BD50-43DF-91F3-B8BC81BD417B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {09F6D765-0BAA-4993-A492-01B217506B99} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7BF89F8D-D510-48B0-B34A-931F27D9FFDE} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-11-30] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {62E1AD0D-C645-42BE-B551-8111234EA829} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3662661212-3872397067-606727941-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-11-30] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {E9694431-1AF2-4185-A7A6-2610B0BD610B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-11-30] (Mozilla Corporation -> Mozilla Foundation)
Task: {96047E13-8AF3-4F88-BE74-95CDF0FC21ED} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209184 2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {E732C8EC-F9E8-4324-8D27-807EC42E7A64} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3662661212-3872397067-606727941-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209184 2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {059FADC0-D533-4BD7-AEAA-1379935DDDED} - System32\Tasks\Remove AdwCleaner Application => C:\WINDOWS\system32\CMD.EXE [323584 2024-11-18] (Microsoft Windows -> Microsoft Corporation) -> /C DEL /F /Q "C:\Users\vitbo\Downloads\AdwCleaner(2).exe"
Task: {C46D9B1E-7C1F-45F9-BAC7-6A48AC4B411D} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_ed3f04e1261e4822\RtkAudUService64.exe [3500400 2022-06-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {8D810B8C-1CFA-4562-8F6B-51D74D328917} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2022-09-16] (Lenovo -> )
Task: {584469D1-B802-445B-811D-92FA993F1B6D} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2022-09-16] (Lenovo -> )
Task: {5F3B785E-F885-475D-86F6-4A723BC59A55} - System32\Tasks\Uninstall AdwCleaner Application => C:\Users\vitbo\Downloads\AdwCleaner(2).exe [8790880 2024-11-02] (Malwarebytes Inc. -> Malwarebytes)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.178.83.78 195.178.83.68
Tcpip\..\Interfaces\{f244ad24-4c39-4c9c-b23d-1a4ccd40d46c}: [DhcpNameServer] 195.178.83.78 195.178.83.68
Tcpip\..\Interfaces\{f244ad24-4c39-4c9c-b23d-1a4ccd40d46c}: [DhcpDomain] fnbrno.cz
Tcpip\..\Interfaces\{f244ad24-4c39-4c9c-b23d-1a4ccd40d46c}\255646D69602E4F64756021323020527F6025374: [DhcpNameServer] 192.168.255.231
Tcpip\..\Interfaces\{f244ad24-4c39-4c9c-b23d-1a4ccd40d46c}\4505D2C496E6B6F524036364F55374: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f244ad24-4c39-4c9c-b23d-1a4ccd40d46c}\4505D2C496E6B6F534146403: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f244ad24-4c39-4c9c-b23d-1a4ccd40d46c}\D455E494: [DhcpNameServer] 147.251.4.33 147.251.6.10
Tcpip\..\Interfaces\{f244ad24-4c39-4c9c-b23d-1a4ccd40d46c}\D455E494: [DhcpDomain] muni.cz

Edge:
=======
Edge Profile: C:\Users\vitbo\AppData\Local\Microsoft\Edge\User Data\Default [2024-11-30]
Edge Extension: (Dokumenty Google offline) - C:\Users\vitbo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-04]
Edge Extension: (Edge relevant text changes) - C:\Users\vitbo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-19]

FireFox:
========
FF DefaultProfile: 9px8nnn5.default
FF ProfilePath: C:\Users\vitbo\AppData\Roaming\Mozilla\Firefox\Profiles\9px8nnn5.default [2022-01-04]
FF ProfilePath: C:\Users\vitbo\AppData\Roaming\Mozilla\Firefox\Profiles\8k298h2d.default-release [2024-11-30]
FF Homepage: Mozilla\Firefox\Profiles\8k298h2d.default-release -> www.seznam.cz
FF Session Restore: Mozilla\Firefox\Profiles\8k298h2d.default-release -> is enabled.
FF Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\vitbo\AppData\Roaming\Mozilla\Firefox\Profiles\8k298h2d.default-release\Extensions\@windscribeff.xpi [2023-11-11]
FF Extension: (uBlock Origin) - C:\Users\vitbo\AppData\Roaming\Mozilla\Firefox\Profiles\8k298h2d.default-release\Extensions\uBlock0@raymondhill.net.xpi [2024-11-26]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-11-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-09-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\vitbo\AppData\Local\Google\Chrome\User Data\Default [2024-11-30]
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (uBlock Origin) - C:\Users\vitbo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-11-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\vitbo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\vitbo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-04]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ABBYY.Licensing.FineReader.16.0; C:\Program Files\Common Files\ABBYY\FineReader\16\Licensing\NetworkLicenseServer.exe [1528968 2023-01-18] (ABBYY Development Inc. -> ABBYY Development, Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13652176 2024-11-09] (Microsoft Corporation -> Microsoft Corporation)
R2 client_service; C:\Program Files\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe [631232 2024-03-22] (VMware, Inc. -> VMware, Inc.)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_943df24ce165050e\DAX3API.exe [2298952 2022-08-10] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 ElevocService; C:\WINDOWS\System32\ElevocControlService.exe [326592 2022-09-01] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.216.1027.0003\FileSyncHelper.exe [3526688 2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [483400 2022-11-21] (FabulaTech, LLP -> )
R2 ftscanmgrhv; C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe [303688 2023-10-25] (FabulaTech, LLP -> )
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2024-10-15] (HP Inc. -> HP Inc.)
R2 IBMPMSVC; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_c7ee80e7f3d3c3de\x64\ibmpmsvc.exe [1031408 2024-05-31] (Lenovo -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
S4 LenovoBrightCtrl; C:\WINDOWS\System32\DriverStore\FileRepository\litsdrv.inf_amd64_64fe83bb6fa2a9a7\x64\BrightnessControl.exe [160080 2024-07-30] (Lenovo -> Lenovo.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe [34256 2024-09-12] (Lenovo -> Lenovo)
R2 LITSSVC; C:\WINDOWS\System32\DriverStore\FileRepository\litsdrv.inf_amd64_64fe83bb6fa2a9a7\x64\LITSSvc.exe [1099592 2024-07-30] (Lenovo -> Lenovo.)
S2 LPlatSvc; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_c7ee80e7f3d3c3de\x64\LPlatSvc.exe [916312 2024-05-31] (Lenovo -> Lenovo)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.216.1027.0003\OneDriveUpdaterService.exe [3872800 2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
R2 SamsungUPDUtilSvc; C:\WINDOWS\SysWOW64\SecUPDUtilSvc.exe [143664 2015-02-07] (Samsung Electronics CO., LTD. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-11-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16907064 2023-02-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_5eb3d885b4be7866\driver\TPHKLOAD.exe [256480 2024-07-30] (Lenovo -> Lenovo)
R2 UDCService; C:\WINDOWS\system32\DRIVERS\Lenovo\udc\Service\UDClientService.exe [72432 2024-04-07] (Lenovo -> Lenovo Group Ltd.)
R2 vmwetlm; C:\Program Files\VMware\Endpoint Telemetry Service\vmwetlm.exe [6327256 2024-01-09] (VMware, Inc. -> VMware, Inc.)
S3 VMWOSQEXT; C:\Program Files\VMware\Endpoint Telemetry Service\vmwosqext.exe [3758512 2023-12-26] (VMware, Inc. -> VMware, Inc.)
R2 vmwsprrdpwks; C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [803400 2023-04-04] (FabulaTech, LLP -> VMware)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [25584 2023-11-07] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0395858.inf_amd64_a4deb3f74f2297db\B395725\amdkmdag.sys [99747448 2023-11-07] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S3 CLOUDx64; C:\WINDOWS\system32\DRIVERS\CLOUDx64.sys [70232 2019-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Identiv)
R2 hcmon; C:\WINDOWS\system32\DRIVERS\hcmon.sys [72144 2024-01-19] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
R3 IBMPMDRV; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_c7ee80e7f3d3c3de\x64\ibmpmdrv.sys [56664 2024-05-31] (Lenovo -> Lenovo)
R3 MpKsl3afdee2c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2D62A6EC-C109-48A5-AC17-B822CBF79D52}\MpKslDrv.sys [267552 2024-11-30] (Microsoft Windows -> Microsoft Corporation)
R1 PMDRVS; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_c7ee80e7f3d3c3de\x64\pmdrvs.sys [42328 2024-05-31] (Lenovo -> Lenovo)
S3 RevoProcessDetector; C:\WINDOWS\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [14224 2021-04-02] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc)
S3 vmusb; C:\WINDOWS\System32\drivers\vmusb.sys [57296 2024-01-19] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.)
S3 vmwprotect; C:\WINDOWS\system32\DRIVERS\vmwprotect.sys [176144 2024-03-18] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-11-30 20:17 - 2024-11-30 20:18 - 000036545 _____ C:\Users\vitbo\Desktop\FRST.txt
2024-11-30 20:16 - 2024-11-30 20:16 - 002402816 _____ (Farbar) C:\Users\vitbo\Desktop\FRST64.exe
2024-11-30 19:34 - 2024-11-30 19:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2024-11-30 19:34 - 2024-11-30 19:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo
2024-11-30 19:25 - 2024-11-30 19:25 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2024-11-30 19:24 - 2024-11-30 19:25 - 086350104 _____ (Piriform Software Ltd) C:\Users\vitbo\Downloads\ccsetup630.exe
2024-11-30 19:10 - 2024-11-30 19:10 - 000000000 ____D C:\WINDOWS\LastGood
2024-11-30 19:10 - 2024-11-19 14:07 - 011630632 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlane.sys
2024-11-30 19:09 - 2024-11-30 19:09 - 000051746 _____ C:\Users\vitbo\Documents\cc_20241130_190935.reg
2024-11-30 19:07 - 2024-11-30 19:21 - 000000000 ____D C:\Users\vitbo\AppData\Local\Malwarebytes
2024-11-30 19:05 - 2024-11-30 19:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-11-30 19:04 - 2024-11-30 19:04 - 002744320 _____ (Malwarebytes) C:\Users\vitbo\Downloads\MBSetup(1).exe
2024-11-30 18:14 - 2024-11-30 18:14 - 000727012 _____ C:\WINDOWS\system32\perfh005.dat
2024-11-30 18:14 - 2024-11-30 18:14 - 000151244 _____ C:\WINDOWS\system32\perfc005.dat
2024-11-30 17:33 - 2024-11-30 18:05 - 000000000 ____D C:\Users\vitbo\Desktop\Nová složka
2024-11-18 21:52 - 2024-11-18 21:52 - 000026650 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-11-18 21:51 - 2024-11-18 21:51 - 000026650 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-11-18 21:47 - 2024-11-30 18:05 - 000000000 ___HD C:\$WinREAgent
2024-11-09 19:30 - 2024-11-09 19:31 - 000000000 ____D C:\Users\vitbo\Downloads\Das Leben der Anderen aka The Lives of Others (2006) - 1080p x265 HEVC - ITA_GER (ENG SUBS) [BRSHNKV]
2024-11-09 19:29 - 2024-11-16 09:32 - 000000000 ____D C:\Users\vitbo\AppData\LocalLow\uTorrent
2024-11-05 21:27 - 2024-11-05 21:27 - 000515254 _____ C:\Users\vitbo\Documents\cc_20241105_212728.reg
2024-11-02 09:32 - 2024-11-02 09:33 - 000000000 ____D C:\AdwCleaner
2024-11-02 09:32 - 2024-11-02 09:32 - 008790880 _____ (Malwarebytes) C:\Users\vitbo\Downloads\adwcleaner(2).exe
2024-10-31 18:40 - 2024-10-31 18:40 - 000000000 ____D C:\Program Files\Common Files\DESIGNER

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-11-30 20:17 - 2022-03-12 15:24 - 000000000 ____D C:\FRST
2024-11-30 20:11 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-11-30 20:06 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-11-30 19:46 - 2024-10-27 10:21 - 000000000 ___RD C:\Users\vitbo\Downloads\hgre
2024-11-30 19:45 - 2022-01-04 13:35 - 000000000 ____D C:\Users\vitbo\AppData\Roaming\vlc
2024-11-30 19:34 - 2022-01-04 12:50 - 000000000 ____D C:\WINDOWS\TempInst
2024-11-30 19:34 - 2021-08-14 16:10 - 000000000 ____D C:\ProgramData\Lenovo
2024-11-30 19:33 - 2022-04-02 11:42 - 000000000 ____D C:\Users\vitbo\AppData\Roaming\Microsoft\MMC
2024-11-30 19:33 - 2022-01-05 16:38 - 000000000 ____D C:\Users\vitbo\AppData\Local\LenovoServiceBridge
2024-11-30 19:33 - 2021-08-14 15:30 - 000000000 ____D C:\Program Files (x86)\Lenovo
2024-11-30 19:27 - 2022-02-14 19:38 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-11-30 19:26 - 2023-06-11 10:23 - 000000000 ____D C:\Program Files\CCleaner
2024-11-30 19:26 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2024-11-30 19:25 - 2023-06-11 10:23 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-11-30 19:25 - 2023-06-11 10:23 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-11-30 19:25 - 2023-06-11 10:23 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-11-30 19:25 - 2022-04-17 15:47 - 000000000 ____D C:\Users\vitbo\AppData\Local\CrashDumps
2024-11-30 19:21 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-11-30 19:21 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2024-11-30 19:11 - 2024-01-18 20:46 - 000002762 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask
2024-11-30 19:10 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-11-30 19:10 - 2022-01-04 15:20 - 000000000 ____D C:\Users\vitbo\AppData\Roaming\uTorrent
2024-11-30 19:10 - 2022-01-04 12:51 - 000000000 ____D C:\ProgramData\Packages
2024-11-30 19:10 - 2022-01-04 12:43 - 000000000 ____D C:\Users\vitbo\AppData\Local\Packages
2024-11-30 19:06 - 2022-10-04 20:23 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-11-30 19:06 - 2022-01-04 13:06 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-11-30 19:00 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-11-30 18:59 - 2022-10-04 20:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-11-30 18:26 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-11-30 18:19 - 2021-08-14 15:21 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-11-30 18:18 - 2022-10-04 20:03 - 000000000 ____D C:\Users\vitbo
2024-11-30 18:14 - 2022-10-04 20:25 - 001718028 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-11-30 18:10 - 2023-04-13 15:58 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2024-11-30 18:10 - 2022-10-04 20:23 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-11-30 18:10 - 2022-06-30 20:19 - 000000000 ____D C:\Program Files\TeamViewer
2024-11-30 18:10 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-11-30 18:10 - 2020-05-06 19:33 - 000012288 ___SH C:\DumpStack.log.tmp
2024-11-30 18:09 - 2022-05-07 06:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-11-30 18:08 - 2022-10-04 20:21 - 000519224 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-11-30 18:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-11-30 18:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-11-30 18:08 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-11-30 18:07 - 2023-10-14 22:04 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-11-30 18:07 - 2022-05-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-11-30 18:07 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-11-30 18:07 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-11-30 18:07 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-11-30 18:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-11-30 18:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-11-30 18:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-11-30 18:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-11-30 18:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-11-30 18:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-11-30 18:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-11-30 18:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-11-30 18:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-11-30 18:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-11-30 18:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-11-30 18:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-11-30 18:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2024-11-30 18:07 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-11-30 18:07 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing
2024-11-30 18:05 - 2022-05-07 06:25 - 000000000 ____D C:\WINDOWS\system32\Pbr
2024-11-30 18:05 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2024-11-30 18:05 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2024-11-30 18:05 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2024-11-30 18:05 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\IME
2024-11-30 18:05 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Containers
2024-11-30 18:05 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-11-30 18:05 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2024-11-30 17:38 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\registration
2024-11-30 17:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemApps
2024-11-30 17:37 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\IME
2024-11-30 11:02 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2024-11-28 21:48 - 2024-04-11 10:59 - 000000000 ____D C:\Users\vitbo\AppData\Roaming\VMware
2024-11-28 21:48 - 2022-10-04 15:28 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2024-11-25 21:07 - 2023-12-02 17:13 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-11-25 21:07 - 2023-12-01 12:52 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-11-25 21:07 - 2023-12-01 12:52 - 000002137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-11-25 21:07 - 2022-10-04 20:23 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3662661212-3872397067-606727941-1001
2024-11-24 14:01 - 2022-10-04 20:23 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-24 14:01 - 2022-10-04 20:23 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-22 20:00 - 2022-01-04 13:10 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-11-20 08:25 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-11-20 08:24 - 2022-01-04 17:14 - 000000000 ____D C:\ProgramData\Package Cache
2024-11-20 08:23 - 2024-04-11 10:58 - 000000000 ____D C:\Program Files\dotnet
2024-11-20 08:18 - 2022-01-05 19:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-11-18 22:32 - 2022-01-05 19:20 - 202035632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-11-18 21:23 - 2022-10-11 16:14 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-11-18 21:23 - 2022-10-04 20:23 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-11-17 22:07 - 2021-08-14 15:25 - 000000000 ____D C:\Program Files\Microsoft Office
2024-11-16 09:32 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-11-16 09:31 - 2022-01-04 15:21 - 000000000 ____D C:\Users\vitbo\AppData\Local\BitTorrentHelper
2024-11-09 19:45 - 2022-01-04 12:43 - 000000000 ____D C:\Users\vitbo\AppData\Local\D3DSCache

==================== Files in the root of some directories ========

2022-03-05 13:04 - 2022-03-05 13:04 - 000000716 ____H () C:\Users\vitbo\AppData\Roaming\{1E00B4B6-7E41-CF8B-B987-8216E6CEB9DB}
2022-03-05 13:34 - 2022-03-05 13:34 - 000000812 _____ () C:\Users\vitbo\AppData\Local\recently-used.xbel
2022-04-02 11:42 - 2022-04-02 11:42 - 000000017 _____ () C:\Users\vitbo\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-11-2024
Ran by vitbo (30-11-2024 20:19:17)
Running from C:\Users\vitbo\Desktop
Microsoft Windows 11 Pro Version 23H2 22631.4460 (X64) (2022-10-04 19:23:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3662661212-3872397067-606727941-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3662661212-3872397067-606727941-503 - Limited - Disabled)
Guest (S-1-5-21-3662661212-3872397067-606727941-501 - Limited - Disabled)
vitbo (S-1-5-21-3662661212-3872397067-606727941-1001 - Administrator - Enabled) => C:\Users\vitbo
WDAGUtilityAccount (S-1-5-21-3662661212-3872397067-606727941-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.004.20272 - Adobe)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_12_4) (Version: 12.4 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601102}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ANT Drivers Installer x64 (HKLM\...\{0BF83190-D1BA-47CA-A5E6-E797493750D5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.78.1093 - AB Team, d.o.o.)
Call of Duty 4 - Modern Warfare (HKLM-x32\...\Call of Duty 4 - Modern Warfare_is1) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 6.30 - Piriform)
Company of Heroes - Complete Edition (HKLM-x32\...\Company of Heroes - Complete Edition_is1) (Version: - )
Elevated Installer (HKLM-x32\...\{31F8CD22-7D8B-4DD0-9209-D665F4BDEAA1}) (Version: 7.19.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{d4427e43-5c93-47bd-a2b8-562143a25da4}) (Version: 7.19.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{F98122D4-8FDF-4F30-83F7-CC731BC65B87}) (Version: 7.19.0.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.86 - Google LLC)
HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
JPEGmini Pro (HKLM-x32\...\{4A3DD0F0-7D85-4E6A-8A83-0284268F9C9C}) (Version: 3.3.0.0 - Beamr Imaging Ltd)
Lenovo Service Bridge (HKU\S-1-5-21-3662661212-3872397067-606727941-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.17 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0139 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.2.24.0 - Lenovo Group Ltd.)
Microsoft .NET Host - 6.0.36 (x64) (HKLM\...\{D6932D97-36F1-40B8-9CDC-CA8365B21000}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.36 (x64) (HKLM\...\{A9E32B25-994B-4856-A12B-0EBED3050410}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.36 (x64) (HKLM\...\{C912E33F-956A-4921-9F55-CC11AE8F09AF}) (Version: 48.144.23141 - Microsoft Corporation) Hidden
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.18129.20158 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.70 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.70 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.216.1027.0003 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.28402 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM\...\{61D4736B-3325-4D4A-BD41-8BD206C6A86E}) (Version: 48.144.23186 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.36 (x64) (HKLM-x32\...\{0532b8f2-12d7-43de-95fc-7b87006758a8}) (Version: 6.0.36.34217 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 133.0 (x64 cs)) (Version: 133.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 95.0.2 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18129.20100 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18129.20158 - Microsoft Corporation) Hidden
Revo Uninstaller 2.5.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.5.0 - VS Revo Group, Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.18.0 - Samsung Electronics Co., Ltd.)
SoftMaker FreeOffice 2021 (HKLM-x32\...\{2847114B-5340-4F32-8E22-44DCDFEA77EF}) (Version: 1.0.5340 - SoftMaker Software GmbH)
Spotify (HKU\S-1-5-21-3662661212-3872397067-606727941-1001\...\Spotify) (Version: 1.2.45.454.gc16ec9f6 - Spotify AB)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.6.0.24078 - Microsoft Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.39.5 - TeamViewer)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.93 - Samsung Electronics CO., LTD.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN)
VMware Horizon Client (HKLM\...\{6143E07B-39E7-42C7-85FF-FDB0693443DC}) (Version: 8.12.1.44700 - VMware, Inc.) Hidden
VMware Horizon Client (HKLM-x32\...\{92345b76-93b7-4ee3-8541-db7a7df619e5}) (Version: 8.12.1.44700 - VMware, Inc.)
VMware Horizon HTML5 Multimedia Redirection Client (HKLM\...\{26084D90-0229-4757-B609-CEC89B4BEE3A}) (Version: 8.12.1 - VMware, Inc.) Hidden
VMware Horizon Media Redirection for Microsoft Teams (HKLM\...\{595EF4D8-03AA-4486-BC12-F8F5F8450A59}) (Version: 8.12.1 - VMware, Inc.) Hidden
Základní software zařízení HP Deskjet 3520 series (HKLM\...\{86E0D99B-EDBF-4455-8A6C-1A798C4DD36D}) (Version: 28.1.1320.0 - Hewlett-Packard Co.)
ZPS 19 CZ (HKU\S-1-5-21-3662661212-3872397067-606727941-1001\...\{E83AA227-7862-F115-2E87-46DCA9E3D879}) (Version: v.19.2004.2.262 - 18.08.2020 - libbi)

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-06-19] ()
AI Meeting Manager -> C:\Program Files\WindowsApps\E046963F.AIMeetingManager_3.1.18.0_x64__k1h2ywk1493x8 [2024-11-30] (LENOVO INC.)
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.10022.0_x64__0a9344xs7nr4m [2024-11-30] (Advanced Micro Devices Inc.) [Startup Task]
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.30201.210.0_x64__rz1tebttyb220 [2024-11-30] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2024-11-30] (Microsoft Corporation)
ELAN Touchpad for Thinkpad -> C:\Program Files\WindowsApps\ELANMicroelectronicsCorpo.ELANTouchpadforThinkpad_24.121.15.0_x64__stws0m115j6hg [2024-11-30] (ELAN Microelectronics Corporation)
ELAN TrackPoint for Thinkpad -> C:\Program Files\WindowsApps\ELANMicroelectronicsCorpo.ELANTrackPointforThinkpa_24.121.51.0_x64__stws0m115j6hg [2024-11-30] (ELAN Microelectronics Corporation)
Elevoc Vocplus System -> C:\Program Files\WindowsApps\ElevocTechnologyCo.Ltd.ElevocVocplusSystem_1.0.29.0_x64__ttaqwwhyt5s6t [2024-11-30] (Elevoc Technology Co., Ltd.)
freda epub ebook reader -> C:\Program Files\WindowsApps\5957Turnipsoft.freda_5.3.2.0_x64__ypmq2qh89vmny [2024-11-30] (Turnipsoft)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_156.1.1125.0_x64__v10z8vjag6ke6 [2024-11-30] (HP Inc.)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2409.29.0_x64__k1h2ywk1493x8 [2024-11-30] (LENOVO INC.)
Mapy.cz -> C:\Program Files\WindowsApps\949FFEAB.Mapy.cz_8.23.0.0_x64__refxrrjvvv3cw [2024-11-30] (Seznam.cz a.s.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2024-11-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2024-11-30] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.36.273.0_x64__dt26b99r8h8gj [2024-11-30] (Realtek Semiconductor Corp)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2024-11-30] (Samsung Electronics Co. Ltd.)
Settle Up -> C:\Program Files\WindowsApps\15837bezysoftware.SettleDown_2.6.0.0_x64__szd32vgd5b9q4 [2024-11-30] (Step Up Labs) [MS Ad]
Smart Microphone Settings -> C:\Program Files\WindowsApps\ElevocTechnologyCo.Ltd.SmartMicrophoneSettings_1.1.51.0_x64__ttaqwwhyt5s6t [2024-11-30] (Elevoc Technology Co., Ltd.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2445.7.0_x64__cv1g1gvanyjgm [2024-11-30] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.311.2039.0_x64__8wekyb3d8bbwe [2024-11-30] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.318.2304.0_x64__8wekyb3d8bbwe [2024-11-30] (Microsoft Corp.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3662661212-3872397067-606727941-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\vitbo\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.28402\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3662661212-3872397067-606727941-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3662661212-3872397067-606727941-1001_Classes\CLSID\{E1A68935-CC2F-F2E4-5BB1-C0A6FF3C2A40}\InprocServer32 -> C:\Program Files\Common Files\System\ole32.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.216.1027.0003\FileSyncShell64.dll [2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.216.1027.0003\FileSyncShell64.dll [2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.216.1027.0003\FileSyncShell64.dll [2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.216.1027.0003\FileSyncShell64.dll [2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.216.1027.0003\FileSyncShell64.dll [2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.216.1027.0003\FileSyncShell64.dll [2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.216.1027.0003\FileSyncShell64.dll [2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.216.1027.0003\FileSyncShell64.dll [2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.216.1027.0003\FileSyncShell64.dll [2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.216.1027.0003\FileSyncShell64.dll [2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.216.1027.0003\FileSyncShell64.dll [2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.216.1027.0003\FileSyncShell64.dll [2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.216.1027.0003\FileSyncShell64.dll [2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.216.1027.0003\FileSyncShell64.dll [2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.216.1027.0003\FileSyncShell64.dll [2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.216.1027.0003\FileSyncShell64.dll [2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.216.1027.0003\FileSyncShell64.dll [2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-07-18 20:09 - 2023-07-18 20:09 - 000091648 _____ () [File not signed] C:\Program Files\VMware\Endpoint Telemetry Service\zlib1.dll
2022-01-04 13:20 - 2022-07-15 15:00 - 000094720 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2023-10-11 05:12 - 2023-10-11 05:12 - 000551936 _____ (The curl library, hxxps://curl.se/) [File not signed] C:\Program Files\VMware\Endpoint Telemetry Service\libcurl.dll
2023-10-24 21:01 - 2023-10-24 21:01 - 005152256 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\VMware\Endpoint Telemetry Service\libcrypto-3-x64.dll
2023-10-24 21:01 - 2023-10-24 21:01 - 000776192 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\VMware\Endpoint Telemetry Service\libssl-3-x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

HKU\S-1-5-21-3662661212-3872397067-606727941-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-09-29] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-09-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll [2022-05-07] (Lenovo -> Microsoft Corporation)
Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll [2022-05-07] (Lenovo -> Microsoft Corporation)
Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll [2022-05-07] (Lenovo -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3662661212-3872397067-606727941-1001\...\sharepoint.com -> hxxps://ucnmuni-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2024-04-11 10:59 - 000000943 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 account.zoner.com
46.28.109.117 master.gamespy.com
127.0.0.1 view-localhost # view localhost server

2022-01-21 15:30 - 2022-01-21 15:32 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3662661212-3872397067-606727941-1001\Control Panel\Desktop\\Wallpaper -> c:\users\vitbo\appdata\local\packages\microsoft.windows.photos_8wekyb3d8bbwe\localstate\photosappbackground\nbr8wedtru021.jpg
DNS Servers: 195.178.83.78 - 195.178.83.68
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D38AB904-9795-412F-A9B5-1285C18932D8}] => (Block) C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe (The build server will stamp this field) [File not signed]
FirewallRules: [{FFC3DF76-5BD8-4236-8D9C-530C90C101A4}] => (Block) C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe (The build server will stamp this field) [File not signed]
FirewallRules: [UDP Query User{2F720D35-427E-4352-BC1D-36AF0BE769E5}C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe] => (Allow) C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe (The build server will stamp this field) [File not signed]
FirewallRules: [TCP Query User{D4674C4D-5913-4BE2-AC17-80F4EB492842}C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe] => (Allow) C:\program files (x86)\relic entertainment\company of heroes - complete edition\reliccoh.exe (The build server will stamp this field) [File not signed]
FirewallRules: [UDP Query User{F8C8DC7C-AEFB-47D7-8E0F-C8A16FDBEE6F}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{0EEB1AA6-9FE1-4333-AB45-910BCE4B5E51}C:\windows\syswow64\dpnsvr.exe] => (Allow) C:\windows\syswow64\dpnsvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{C255BC6B-106E-47A3-9E76-341A05F324C7}C:\users\vitbo\downloads\vietcong 1.rar cz dubing plná verze\vietcong\play vietcong.exe] => (Allow) C:\users\vitbo\downloads\vietcong 1.rar cz dubing plná verze\vietcong\play vietcong.exe () [File not signed]
FirewallRules: [TCP Query User{268859B3-D6D1-4DB3-9F64-6F9F884C5930}C:\users\vitbo\downloads\vietcong 1.rar cz dubing plná verze\vietcong\play vietcong.exe] => (Allow) C:\users\vitbo\downloads\vietcong 1.rar cz dubing plná verze\vietcong\play vietcong.exe () [File not signed]
FirewallRules: [UDP Query User{AFBB9611-28D2-4A27-87C1-5285F7D38B87}C:\users\vitbo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\vitbo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{168C69C4-B97A-49FF-957E-65F9F96CAB98}C:\users\vitbo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\vitbo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9F1AE228-E733-4F14-A1DD-B6BCD42570F6}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21323.200.1078.109_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D5F710D0-18A9-4A6E-A0A3-52360ABB6FFA}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21323.200.1078.109_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BF3BF460-A77C-43E8-B5DA-FB085C71C5FF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DFE02741-242E-40AF-AA8C-9B0C3AEDC618}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8CB5B0F0-75A2-4CEE-AAB8-B6D866598132}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{52FE4D00-05F3-4262-9DBC-9434B51D7FB8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6E64DB49-AB24-4248-8A62-453500C737D5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ADCAC24B-B5DF-469A-B2D4-44C35DDAD904}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CD669658-23FE-46C7-AAB6-EB468349EFFA}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (HP Inc. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{32F792F2-D3FA-417B-8F99-1ABB52B20906}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{2D05C75D-107F-4932-A4C2-0F2B52A19CE7}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C80F2756-FA1F-4C77-9D94-CAE156CDB90E}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0CDA420B-5DAD-438F-A2C3-525614CC40B5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{8A79B3D1-279D-427F-BB73-2327AC4DB547}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{81C118C4-A5C2-41BF-8C47-160E34B500E1}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0284ADE4-58A5-470A-BFB1-944F5C810033}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FE0854D6-8D6E-402F-82E1-D7161977A0D4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5990629E-2C32-4E26-A0C2-27D7891F94A4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23DE628D-DBEE-4D14-88CF-1EA4920A75DD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0B9528FE-B246-4107-BA95-90AC48CE2006}] => (Allow) C:\Program Files\VMware\VMware Horizon View Client\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{BC3F8ADA-3860-49DD-AA1E-EA8E5B370BD7}] => (Allow) C:\Program Files\VMware\VMware Horizon View Client\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{EED60D39-40AB-4130-BCB3-5E63010B52E8}] => (Allow) C:\Program Files\VMware\VMware Horizon View Client\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{5568ED55-EB96-4A73-ACA6-1712C149B667}] => (Allow) C:\Program Files\VMware\VMware Horizon View Client\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{485B7B8F-6B73-43C1-8CA7-D2AF8968EB1E}] => (Allow) C:\Program Files\VMware\VMware Horizon View Client\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{E1BE9782-4EC7-43F0-BA82-E6EA68DFF9C4}] => (Allow) C:\Program Files\VMware\VMware Horizon View Client\vmware-remotemks.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{A72BDF86-C4EE-46BD-9D65-169915F758A4}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe (HP Inc. -> Hewlett-Packard Co.)
FirewallRules: [{42678562-5EF3-419A-9A43-B2B2ED717F26}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe (HP Inc. -> Hewlett-Packard Co.)
FirewallRules: [{BF97E946-2BC8-4284-A950-F032BFD82207}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{FF19F3F3-5048-4B7A-BA44-61354C43CA4E}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{C5E8573A-94A2-4599-9155-94132E9D09AD}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{696993AF-87C6-4B42-8B1A-965378B6ABAC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{66811FBD-D880-40A4-9F55-E1AE11DFBC84}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4AB508B8-D940-4D11-9315-12EDD93FA49A}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3DC4B730-AD32-4C98-A249-6F87A5C822AB}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C25AB04C-06D0-496D-A37F-AE4BEBD0AD88}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.70\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CA4E7424-43D3-4FAA-B5A7-39851E348BC3}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{2D9AC832-9059-40EC-A104-0D5C832E168E}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )

==================== Restore Points =========================

30-11-2024 18:30:45 Naplánovaný kontrolní bod
30-11-2024 19:10:21 Removed Teams Machine-Wide Installer
30-11-2024 19:20:35 Revo Uninstaller's restore point - Malwarebytes version 5.2.2.154

==================== Faulty Device Manager Devices ============
Name: Realtek 8822CE Wireless LAN 802.11ac PCI-E NIC
Description: Realtek 8822CE Wireless LAN 802.11ac PCI-E NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTWlanE
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: Universal Device Client Device
Description: Universal Device Client Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Lenovo
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: ========================

Application errors:
==================
Error: (11/30/2024 07:25:40 PM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-4A5N90E)
Description: Název chybující aplikace: CCleaner64.exe, verze: 6.30.0.11385, časové razítko: 0x672b8cef
Název chybujícího modulu: CCleaner64.exe, verze: 6.30.0.11385, časové razítko: 0x672b8cef
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000126cd1e
ID chybujícího procesu: 0x0x2f08
Čas spuštění chybující aplikace: 0x0x1db435541aa9ff3
Cesta k chybující aplikaci: C:\Program Files\CCleaner\CCleaner64.exe
Cesta k chybujícímu modulu: C:\Program Files\CCleaner\CCleaner64.exe
ID zprávy: 65f6adcc-d6cd-43a9-beb4-39de81e3930d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/30/2024 06:09:47 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: DAX3API.exe, verze: 3.30400.413.0, časové razítko: 0x62cd22f4
Název chybujícího modulu: DAX3API.exe, verze: 3.30400.413.0, časové razítko: 0x62cd22f4
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000012eae4
ID chybujícího procesu: 0x0x1464
Čas spuštění chybující aplikace: 0x0x1db434a878a0b5d
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_943df24ce165050e\DAX3API.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_943df24ce165050e\DAX3API.exe
ID zprávy: 217dd212-d2f4-4869-83de-4190ae40f5ec
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/30/2024 06:08:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5112,R,98) SRUJet: Při otevírání souboru protokolu C:\WINDOWS\system32\SRU\SRU0D02E.log došlo k chybě -1811 (0xfffff8ed).

Error: (11/30/2024 05:36:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (11/30/2024 05:36:25 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (11/30/2024 05:36:25 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (11/30/2024 05:36:25 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (11/30/2024 05:36:25 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]


System errors:
=============
Error: (11/30/2024 08:19:49 PM) (Source: RTWlanE) (EventID: 5002) (User: )
Description: Realtek 8822CE Wireless LAN 802.11ac PCI-E NIC : Bylo zjištěno, že síťový adaptér nepracuje správně.

Error: (11/30/2024 08:19:49 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Na miniportu Realtek 8822CE Wireless LAN 802.11ac PCI-E NIC, {f244ad24-4c39-4c9c-b23d-1a4ccd40d46c}, došlo k události 76.

Error: (11/30/2024 07:53:22 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4A5N90E)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/30/2024 07:53:13 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4A5N90E)
Description: Server Windows.Gaming.GameBar.PresenceServer.Internal.PresenceWriter se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/30/2024 07:09:08 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-4A5N90E)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (11/30/2024 07:04:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Mozilla Maintenance Service byla ukončena s následující chybou:
Nesprávná funkce.

Error: (11/30/2024 07:01:12 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-4A5N90E)
Description: Server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/30/2024 06:24:19 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.


Windows Defender:
================
Date: 2024-11-30 20:06:33
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AD305BE6-C584-4241-AE36-A5999F30F641}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-11-30 17:36:19
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {100693A7-7828-4DD7-B5AD-E94EB66948E4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-4A5N90E\vitbo

Date: 2024-11-30 11:07:16
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BB17BF9E-4E68-41F7-ADAE-8BE4087D750E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-4A5N90E\vitbo

Date: 2024-11-30 10:42:32
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C9B6FF3E-6000-412A-BFB3-2409B0990BFE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-4A5N90E\vitbo

Date: 2024-11-25 21:11:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {853209D6-2B33-4B55-95CE-92D9CFD4BC52}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]

Date: 2024-11-30 18:08:57
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0

Date: 2024-11-30 10:08:52
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.421.523.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24090.11
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2024-11-30 10:08:52
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.421.523.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24090.11
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2023-11-21 08:25:40
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.401.615.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23100.2009
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-11-12 14:06:28
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.401.428.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23100.2009
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2024-11-30 19:21:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.

Date: 2024-11-30 19:21:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO R1OET38W (1.17 ) 11/29/2023
Motherboard: LENOVO 20YG006KCK
Processor: AMD Ryzen 5 5500U with Radeon Graphics
Percentage of memory in use: 73%
Total physical RAM: 6986.44 MB
Available physical RAM: 1882.64 MB
Total Virtual: 14154.44 MB
Available Virtual: 7199.35 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:475.69 GB) (Free:241.57 GB) (Model: SAMSUNG MZALQ512HBLU-00BL1) (Protected) NTFS

\\?\Volume{4c9b80b1-faed-40cd-8d4e-fdbfbf5fd378}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.29 GB) NTFS
\\?\Volume{745f4666-f2d0-4b6b-b8b9-161a47647e1c}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 7433E7FE)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15640
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kotrolu logu

#2 Příspěvek od JaRon »

Ahoj,
- s prikazoveho riadku spusteneho ako spravca zadaj
sfc /scannow
- restart
- prescanuj PC s MBAM - log sem
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
WarWalker
Návštěvník
Návštěvník
Příspěvky: 40
Registrován: 13 bře 2013 19:58

Re: Prosím o kotrolu logu

#3 Příspěvek od WarWalker »

Ahoj, omlouvám se za pozdější odezvu.

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 12/3/2024
Scan Time: 8:44 PM
Log File: 098f9eb2-b1af-11ef-ac7a-902e16b9ebc6.json

-Software Information-
Version: 5.2.3.156
Components Version: 1.0.5108
Update Package Version: 1.0.92568
License: Trial

-System Information-
OS: Windows 11 (Build 22631.4541)
CPU: x64
File System: NTFS
User: DESKTOP-4A5N90E\vitbo

-Scan Summary-
Scan Type: Custom Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 463558
Threats Detected: 8
Threats Quarantined: 0
Time Elapsed: 22 min, 2 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 8
HackTool.Agent, C:\PROGRAM FILES (X86)\RELIC ENTERTAINMENT\COMPANY OF HEROES - COMPLETE EDITION\STEAM_API.DLL, No Action By User, 22, 85886, 1.0.92568, , ame, , C441C6478EC2FE58F819FC53997A5784, 97ECDE1607BB735F42229590AEF1E1C6C030265B6EB47CE40A7825723FD3396D
PUP.Optional.BundleInstaller.DDS, C:\USERS\VITBO\APPDATA\LOCAL\TEMP\HYDC7A9.TMP.1733066179_PERMISSIONSCOPY\UPDATES\3.5.5_46090.EXE, No Action By User, 1000002, 0, 1.0.92568, F6111CE1EC003B72DB30ADD1, dds, 03115804, 316C70E0D79DBC9C1430AD49FF56BD6D, 628E54FD63A30DA509B1E6006639BFBB457C753D5E029CA0EDA32197B06EBB58
PUP.Optional.BundleInstaller, C:\USERS\VITBO\APPDATA\LOCAL\TEMP\HYDC7A9.TMP.1733066179_PERMISSIONSCOPY\UPDATES\3.5.5_46096.EXE, No Action By User, 52, 1165198, 1.0.92568, , ame, , 4C958FCC0E655443553D2F6994BF0552, 2AD6315A1D1D832E2EC555E1B6BF9B51C8894F52B8999EEC8564C22540B657B2
PUP.Optional.BundleInstaller, C:\USERS\VITBO\APPDATA\LOCAL\TEMP\HYDC7A9.TMP.1733066179_PERMISSIONSCOPY\UTORRENT.EXE, No Action By User, 52, 1165198, 1.0.92568, , ame, , 4C958FCC0E655443553D2F6994BF0552, 2AD6315A1D1D832E2EC555E1B6BF9B51C8894F52B8999EEC8564C22540B657B2
PUP.Optional.BundleInstaller, C:\USERS\VITBO\DOWNLOADS\UTORRENT.EXE, No Action By User, 52, 875791, 1.0.92568, , ame, , 27F55EF050816065B68D2C6E115FA01E, 2111A4CF740C377F0D7AE7E80C0A0D718BCF473706B2B4363453C0EFEA3E0109
PUP.Optional.Softonic, C:\USERS\VITBO\DOWNLOADS\DRIVERBACKUP-2.1-INSTALLER_J-WY1L1.EXE, No Action By User, 3352, 1079703, 1.0.92568, , ame, , C1FE2147288DF9F805ADD851B0A250FB, 02E032F5112CC1AAAB727F99B059736F0B4C30B4895C66D93CA29B2ACBDAADAF
Malware.Sandbox.12, C:\USERS\VITBO\DOWNLOADS\VIETCONG 1.RAR CZ DUBING PLN\u00c3\u00a1 VERZE\VIETCONG\VIETCONG.EXE, No Action By User, 12, 0, 1.0.92568, 12, dds, 03115804, B826D567DD52BCA9B97E50CFA3BF6F38, 1E3638100FE5C0573A03DC72AD8FD5CCEAB9F9C51B5772F47F773F5CA9FF21D2
Malware.Sandbox.54, C:\USERS\VITBO\DOWNLOADS\CYBERLINK_PHOTODIRECTOR_DOWNLOADER.EXE, No Action By User, 54, 0, 1.0.92568, 54, dds, 03115804, DB804B00C7ED3631AE1C51466C35EE2D, BD33BC39BD71140B5E688651493A3AF8D7EDEFC5F4192FA60ABF7910CD5CE719

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15640
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kotrolu logu

#4 Příspěvek od JaRon »

Najdene nechaj zmazat/do karanteny
Restart
A napis ako sa sprava PC :???:
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
WarWalker
Návštěvník
Návštěvník
Příspěvky: 40
Registrován: 13 bře 2013 19:58

Re: Prosím o kotrolu logu

#5 Příspěvek od WarWalker »

Dáno do karantény, vše ok.
Měl jsem posledních pár dní problém, že mi zničeho nic zmizel driver pro wifi a tak jsem několikrát musel dávat bod obnovy.
Obával jsem se malware, nicméně pravděpodobnou příčinou byla snaha předinstalovaného software Lenovo o akutalizaci zmíněného drivwru, která se z nějakého důvodu nezdařila. Po odinstalování SW od lenova vše v pohodě.
Díky moc, posílám příspěvek na provoz fóra.
Pěkný večer.
Nahoru
Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15640
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kotrolu logu

#6 Příspěvek od JaRon »

Ano, problem driverom wifi bol jeden z viditelnych problemov v logu
Najdene bolo skladisko otravnych poloziek :)
Za prispevok dakujeme
Pekny den :thumbsup:
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“