Kontrola logu
Napsal: 20 úno 2025 06:09
Zdravím Vás, chtěl bych poprosit o kontrolu logu. Díky.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-02-2025
Ran by sadro (administrator) on DESKTOP-4E77SLT (LENOVO 6475AG9) (20-02-2025 05:44:09)
Running from C:\Users\sadro\OneDrive\Plocha\FRST64.exe
Loaded Profiles: sadro
Platform: Microsoft Windows 10 Home Version 22H2 19045.5487 (X64) Language: Čeština (Česko)
Default browser: "C:\Users\sadro\AppData\Local\Programs\Opera\opera.exe" -noautoupdate -- "%1"
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Users\sadro\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\sadro\AppData\Local\Programs\Opera\117.0.5408.32\opera_crashreporter.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\osk.exe
(explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Users\sadro\AppData\Local\Programs\Opera\opera.exe <17>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.6-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.6-0\NisSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TrackPointSrv] => C:\Program Files\Lenovo\TrackPoint\tp4serv.exe [138784 2011-11-01] (Lenovo (Japan) Ltd. -> Lenovo Group Limited)
HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\Run: [MicrosoftEdgeAutoLaunch_2F877205FC610259C551AA55F379B2D4] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4088384 2025-02-14] (Microsoft Corporation -> Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {CD2CAAC9-2420-4EA2-A1A6-E5BDE04097D9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {BB7C6D1F-4224-4D73-9D44-EAE365FC5A83} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (No File)
Task: {827FEEBC-04C8-4DAC-865A-5A829EF98D11} - System32\Tasks\Driver Booster SkipUAC (sadro) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [8946688 2023-06-09] (IObit) [File not signed]
Task: {C5022AF4-9706-412A-B55E-E8AB5AE63881} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {30F95CC3-079E-4452-AD72-048ADA5676D9} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {ECAB5733-C40D-4B95-909A-C233E7D2EE50} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {EC28FE73-70A9-4FCA-A91B-E29FDE4E524C} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {285E97C1-AD05-46C9-BBFA-BFF1BD54BCB8} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {4132853B-99B9-4F06-83C4-0F36F7CD2468} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {5ABFD021-A741-4D36-BDF1-4112E7079540} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoBatteryPartSalesMonthlyToast => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {7CEF24CF-BE5C-432D-80BD-E70545AB122F} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {9C800CB1-5F0C-4B7E-A1B4-55953965F22E} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {100522FD-579C-4BA5-854A-BC376D1A342B} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {FCA466FD-1A63-4418-86A7-4F83544407EB} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinIdleScheduleTask => C:\ProgramData\Lenovo\Vantage\Addins\VantageCoreAddin\1.0.0.181\x64\IdleScheduleEventAction.exe [143768 2024-11-01] (Lenovo -> )
Task: {68674784-1D49-457E-B081-12EDCBB86A8E} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {D78BD745-32B3-4F82-95BD-24DC208A4159} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\uninstall.exe [340968 2024-09-12] (Lenovo -> Lenovo)
Task: {DA6BB76D-A3B3-4517-9F0C-2821B74EA4B5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.6-0\MpCmdRun.exe [1732792 2025-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3688CE11-FB23-4765-806F-737A759CB166} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.6-0\MpCmdRun.exe [1732792 2025-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ED91CD2F-A596-4FE2-93ED-E36ED440BE9E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.6-0\MpCmdRun.exe [1732792 2025-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {266DF147-D27A-4BA1-A996-2E8AB6569A49} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.6-0\MpCmdRun.exe [1732792 2025-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {477CA4F4-91CA-4E3D-9D4E-8708D7005A42} - System32\Tasks\OneDrive Startup Task-S-1-5-21-978282830-4128747045-4181034530-1001 => C:\Users\sadro\AppData\Local\Microsoft\OneDrive\25.005.0112.0003\OneDriveLauncher.exe [447032 2025-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4C2189D-B4F8-4C43-B393-EF0F91B23BA7} - System32\Tasks\Opera scheduled assistant Autoupdate 1729013942 => C:\Users\sadro\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5682072 2025-02-13] (Opera Norway AS -> Opera Software) -> --scheduledtask --productiscomponent --bypasslauncher --installdir="C:\Users\sadro\AppData\Local\Programs\Opera\assistant" --producttype=assistant $(Arg0)
Task: {3AE4BD56-02AF-4A20-BB37-E615E9C58D35} - System32\Tasks\Opera scheduled Autoupdate 1729013909 => C:\Users\sadro\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5682072 2025-02-13] (Opera Norway AS -> Opera Software)
Task: {F17A929C-66D8-4975-921D-D873E9125C0D} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-978282830-4128747045-4181034530-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{03ff6323-85d8-4241-9413-9622f5e73dc7}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\sadro\AppData\Local\Microsoft\Edge\User Data\Default [2025-02-17]
Edge Extension: (Dokumenty Google offline) - C:\Users\sadro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-21]
Edge Extension: (Edge relevant text changes) - C:\Users\sadro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-11-20]
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-01-29] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HKU\S-1-5-21-978282830-4128747045-4181034530-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
S3 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe [34256 2024-09-12] (Lenovo -> Lenovo)
S3 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9441760 2025-01-23] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-01-23] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.6-0\MpDefenderCoreService.exe [1926992 2025-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.6-0\NisSrv.exe [4352464 2025-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.6-0\MsMpEng.exe [270088 2025-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 atmeltpm; C:\WINDOWS\System32\drivers\atmeltpm64.sys [19456 2011-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Atmel, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 CnxtHdAudService; C:\WINDOWS\system32\drivers\CHDRT64.sys [649216 2009-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems Inc.)
R3 cykbfltrService; C:\WINDOWS\System32\drivers\cykbfltr.sys [16896 2012-06-15] (Cypress Semiconductor -> Cypress Semiconductor, Inc.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-12-02] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-12-02] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ecnssndis; C:\WINDOWS\System32\Drivers\wwuss64.sys [26664 2010-02-23] (Ericsson AB -> Ericsson AB)
S3 ecnssndisfltr; C:\WINDOWS\System32\Drivers\wwussf64.sys [30248 2010-02-23] (Ericsson AB -> Ericsson AB)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [278944 2025-02-14] (Microsoft Windows -> Microsoft Corporation)
S3 l36wgps; C:\WINDOWS\System32\drivers\l36wgps64.sys [101416 2011-02-28] (Ericsson AB -> Ericsson AB)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2025-01-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2025-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 Mbm3CBus; C:\WINDOWS\System32\drivers\Mbm3CBus.sys [419400 2011-04-13] (MCCI Corporation -> MCCI Corporation)
S3 Mbm3DevMt; C:\WINDOWS\System32\drivers\Mbm3DevMt.sys [430664 2011-04-13] (MCCI Corporation -> MCCI Corporation)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S3 Tp4Track; C:\WINDOWS\System32\drivers\tp4track.sys [29992 2011-11-01] (Lenovo (Japan) Ltd. -> Lenovo Group Limited)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20056 2025-02-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601504 2025-02-14] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [163048 2022-07-24] (MEDIATEK INC. -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100768 2025-02-14] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-02-20 05:44 - 2025-02-20 05:46 - 000014780 _____ C:\Users\sadro\OneDrive\Plocha\FRST.txt
2025-02-20 05:43 - 2025-02-20 05:45 - 000000000 ____D C:\FRST
2025-02-20 05:40 - 2025-02-20 05:40 - 002403840 _____ (Farbar) C:\Users\sadro\OneDrive\Plocha\FRST64.exe
2025-02-17 09:00 - 2025-02-17 09:16 - 000003164 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-978282830-4128747045-4181034530-1001
2025-02-17 09:00 - 2025-02-17 09:15 - 000002918 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-978282830-4128747045-4181034530-1001
2025-02-17 09:00 - 2025-02-17 09:00 - 000002377 _____ C:\Users\sadro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-02-17 08:59 - 2025-02-18 16:02 - 000001046 _____ C:\Users\sadro\OneDrive\Plocha\Telegram.lnk
2025-02-17 08:11 - 2025-02-17 08:11 - 000000876 _____ C:\Users\sadro\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2025-02-17 08:09 - 2025-02-17 08:13 - 000000000 ____D C:\Users\sadro\OneDrive\Plocha\Mess
2025-02-17 08:07 - 2025-02-17 08:13 - 000000000 ____D C:\Users\sadro\OneDrive\Plocha\Kancelář
2025-02-17 08:05 - 2025-02-18 17:18 - 000000000 ____D C:\Users\sadro\OneDrive\Plocha\Média
2025-02-17 07:58 - 2025-02-17 09:20 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2025-02-17 05:45 - 2025-02-17 05:45 - 000103167 _____ C:\Users\sadro\Downloads\662.pdf
2025-02-13 14:20 - 2025-02-17 09:16 - 000003632 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1729013909
2025-02-13 14:20 - 2025-02-13 14:20 - 000001386 _____ C:\Users\sadro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2025-02-12 10:52 - 2025-02-12 10:52 - 000000000 ___HD C:\$WinREAgent
2025-02-07 11:52 - 2025-02-17 09:15 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-02-07 11:50 - 2025-02-07 11:50 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-02-07 11:42 - 2025-02-07 11:42 - 000000000 ____D C:\Users\sadro\AppData\LocalLow\Temp
2025-02-07 05:41 - 2025-02-07 12:02 - 000000000 ____D C:\AdmWin
2025-02-07 05:41 - 2025-02-07 05:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdmWin
2025-01-23 07:46 - 2025-01-23 07:46 - 000002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-01-23 07:30 - 2025-01-23 07:30 - 002833136 ____N (Malwarebytes) C:\Users\sadro\Downloads\MBSetup_y31b.exe
2025-01-23 06:38 - 2025-01-23 06:38 - 000033086 _____ C:\Users\sadro\Downloads\3225003230.pdf
2025-01-23 05:19 - 2025-01-23 05:19 - 000466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2025-01-23 05:19 - 2025-01-23 05:19 - 000444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2025-01-23 05:19 - 2025-01-23 05:19 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2025-01-23 05:19 - 2025-01-23 05:19 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2025-01-23 05:19 - 2025-01-23 05:19 - 000000000 ____D C:\Program Files (x86)\OpenAL
2025-01-23 05:17 - 2025-01-23 05:17 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
2025-01-23 05:13 - 2025-01-23 05:13 - 000040048 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys
2025-01-22 15:32 - 2025-01-23 05:55 - 000004771 _____ C:\WINDOWS\SysWOW64\pt_excp.txt
2025-01-22 15:32 - 2025-01-22 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\cfg
2025-01-22 10:48 - 2025-01-22 10:48 - 000000000 ____D C:\Users\sadro\AppData\LocalLow\uTorrent.WebView2
2025-01-22 10:40 - 2025-01-23 04:52 - 000000000 ____D C:\Program Files (x86)\Google
2025-01-22 10:38 - 2025-01-22 10:38 - 004557824 ____N (u Torrent Classic) C:\Users\sadro\Downloads\utorrent_installer.exe
2025-01-22 07:06 - 2025-02-17 08:57 - 000000000 ____D C:\Users\sadro\AppData\Local\CrashDumps
2025-01-22 06:23 - 2025-02-17 08:52 - 000000000 ____D C:\Users\sadro\AppData\Local\Malwarebytes
2025-01-22 06:20 - 2025-01-23 07:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-01-22 06:20 - 2025-01-23 07:44 - 000000000 ____D C:\Program Files\Malwarebytes
2025-01-22 06:18 - 2025-01-22 06:18 - 002833136 _____ (Malwarebytes) C:\Users\sadro\Downloads\MBSetup.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-02-20 05:33 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-02-20 05:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-02-20 05:30 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-02-20 05:25 - 2023-06-07 08:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-02-19 06:45 - 2024-11-10 04:33 - 000000000 ____D C:\Users\sadro\AppData\Roaming\uTorrent
2025-02-18 17:20 - 2023-06-07 09:26 - 000858306 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-02-18 17:20 - 2019-12-07 15:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2025-02-18 17:20 - 2019-12-07 15:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2025-02-18 17:20 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2025-02-18 17:13 - 2025-01-12 04:18 - 000008192 ___SH C:\DumpStack.log.tmp
2025-02-18 17:13 - 2023-06-07 09:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-02-18 17:13 - 2023-06-07 08:30 - 000268432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-02-18 17:11 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-02-18 16:13 - 2022-12-04 18:59 - 000000000 ___RD C:\Users\sadro\OneDrive\Plocha\Filmy
2025-02-18 16:13 - 2022-12-04 18:59 - 000000000 ____D C:\Users\sadro\OneDrive\Plocha\Torrent
2025-02-18 16:02 - 2024-12-05 03:55 - 000000000 ____D C:\Users\sadro\AppData\Roaming\Telegram Desktop
2025-02-17 10:41 - 2023-06-07 08:53 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-02-17 09:15 - 2023-06-07 10:42 - 000003122 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-978282830-4128747045-4181034530-1001
2025-02-17 08:59 - 2023-10-22 07:46 - 000000000 ____D C:\ProgramData\Package Cache
2025-02-16 13:35 - 2022-12-03 11:08 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-02-15 05:47 - 2023-06-07 09:01 - 000000000 ____D C:\Users\sadro
2025-02-14 06:43 - 2023-06-07 09:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-02-13 09:27 - 2023-06-07 10:35 - 000000000 ____D C:\ProgramData\Packages
2025-02-13 09:27 - 2023-06-07 10:34 - 000000000 ____D C:\Users\sadro\AppData\Local\Packages
2025-02-12 17:52 - 2024-08-04 09:38 - 000000000 ____D C:\WINDOWS\system32\compatrel
2025-02-12 17:52 - 2024-08-04 09:38 - 000000000 ____D C:\WINDOWS\InboxApps
2025-02-12 17:52 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-02-12 17:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-02-12 17:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-02-12 17:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2025-02-12 17:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-02-12 17:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-02-12 17:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-02-12 17:52 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2025-02-12 17:51 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2025-02-12 12:04 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-02-12 11:46 - 2023-06-07 08:49 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-02-12 10:40 - 2023-06-13 21:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-02-12 10:33 - 2023-06-13 21:11 - 209365816 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-02-07 16:35 - 2022-12-04 19:05 - 000000000 ___RD C:\Users\sadro\OneDrive\Plocha\Čištení
2025-02-07 12:13 - 2024-11-10 17:27 - 000001394 _____ C:\Users\sadro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2025-02-07 11:14 - 2024-12-08 16:00 - 000000000 ____D C:\Users\sadro\AppData\Local\cache
2025-02-03 09:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2025-01-27 09:44 - 2024-12-11 19:14 - 000000000 ____D C:\Users\sadro\AppData\Local\ElevatedDiagnostics
2025-01-23 06:12 - 2023-06-14 11:28 - 000002796 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (sadro)
2025-01-23 05:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-01-22 15:28 - 2023-06-07 10:34 - 000000000 ____D C:\Users\sadro\AppData\Local\VirtualStore
2025-01-22 06:22 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2025
Ran by sadro (20-02-2025 05:49:54)
Running from C:\Users\sadro\OneDrive\Plocha
Microsoft Windows 10 Home Version 22H2 19045.5487 (X64) (2023-06-07 08:51:21)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-978282830-4128747045-4181034530-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-978282830-4128747045-4181034530-503 - Limited - Disabled)
Guest (S-1-5-21-978282830-4128747045-4181034530-501 - Limited - Disabled)
sadro (S-1-5-21-978282830-4128747045-4181034530-1001 - Administrator - Enabled) => C:\Users\sadro
WDAGUtilityAccount (S-1-5-21-978282830-4128747045-4181034530-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\uTorrent) (Version: 3.6.0.47178 - BitTorrent Limited)
AdmWin 3.50 (HKLM-x32\...\AdmWin_is1) (Version: - AdmWin)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.005.20399 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Conexant 20561 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.92.12.0 - Conexant)
CrystalDiskInfo 8.8.5 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.8.5 - Crystal Dew World)
FastStone Image Viewer 7.9 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.9 - FastStone Corporation)
IObit Driver Booster 10.5.0.139 (HKLM-x32\...\IObit Driver Booster_is1) (Version: 10.5.0.139 - LR)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.2.24.0 - Lenovo Group Ltd.)
Malwarebytes version 5.2.4.157 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.4.157 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 133.0.3065.69 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 133.0.3065.69 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\OneDriveSetup.exe) (Version: 25.005.0112.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34438 (HKLM-x32\...\{b49c10dd-4d54-45f8-ad13-fa25704456a4}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34438 (HKLM-x32\...\{ba10fda9-f731-441f-a999-000bbb7ceec2}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34438 (HKLM\...\{E528AD94-12D7-42C4-91A3-908BE28E9BD2}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34438 (HKLM\...\{2E15F519-4FDA-4834-B4EE-7EFCE7D8D4EE}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34438 (HKLM-x32\...\{A5592FEF-F948-4BA6-A066-8BBFC2DC7EE1}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34438 (HKLM-x32\...\{5D0C4511-3CA1-4FF8-A4BA-C0E1957ABEEA}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 117.0.5408.32 (HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\Opera 117.0.5408.32) (Version: 117.0.5408.32 - Opera Software)
Revo Uninstaller Pro 5.3.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 5.3.0 - VS Revo Group, Ltd.)
Telegram Desktop (HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 5.11.1 - Telegram FZ-LLC)
ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.8.50 - Conexant Systems)
ThinkPad TrackPoint Driver (HKLM\...\TrackPoint) (Version: 4.73.1.0 - Lenovo)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
Packages:
=========
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2501.20.0_x64__k1h2ywk1493x8 [2025-02-18] (LENOVO INC.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-978282830-4128747045-4181034530-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ContextMenuHandlers3: [MBAMShlExt] -> [CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> [CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> No File
ContextMenuHandlers6: [RUShellExt] -> [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2024-10-15 17:38 - 000001321 __RSH C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 alpha-crap.ff.avast.com
127.0.0.1 ipm-provider.ff.avast.com
127.0.0.1 license-api.ccleaner.com
127.0.0.1 analytics.ff.avast.com
127.0.0.1 license.piriform.com
127.0.0.1 ncc.avast.com
127.0.0.1 ncc.avast.com.edgesuite.net
127.0.0.1 shepherd.ff.avast.com
127.0.0.1 www.ccleaner.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-978282830-4128747045-4181034530-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Intel(R) 82567LM Gigabit Network Connection -> e1y62x64.sys
Wi-Fi: Intel(R) WiFi Link 5100 AGN -> NETwNs64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "TrackPointSrv"
HKLM\...\StartupApproved\Run32: => "TrackPointSrv"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\StartupApproved\Run: => "ut"
HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_2F877205FC610259C551AA55F379B2D4"
HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\StartupApproved\Run: => "Delete Cached Update Binary"
HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\StartupApproved\Run: => "RMDIR"
HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\StartupApproved\Run: => "Uninstall 23.199.0924.0001"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{DCFD27AB-6172-47B2-9D99-5D8CD0FE5095}C:\users\sadro\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\sadro\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{A412C9B9-9869-488E-95DE-B1B5EFE32E00}C:\users\sadro\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\sadro\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{E1E09391-DE3A-4BEE-BB02-084F544328BC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.131.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{272C5339-1F12-414F-94A9-B7264FD2AD5A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.131.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{51BEE53C-3CE9-49C9-88A8-3D209CBC3DFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.131.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{86EB1890-F9AE-4130-940C-ECE3DD2F37B1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.131.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{FAB5BA3F-44A6-46FE-BAAF-D929C82855E7}C:\users\sadro\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\sadro\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [UDP Query User{18225A29-FA73-4778-84CF-3B326BC0F9BD}C:\users\sadro\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\sadro\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{031D317A-438B-41F3-8090-B28A57E556E1}] => (Allow) C:\Users\sadro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{2D7FC646-A049-47E7-8B1D-02528895FB59}] => (Allow) C:\Users\sadro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{880C7862-4A1B-4C4D-8EC6-33A551D4A776}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{972C4AB1-121A-4BA9-A59D-65C7901258C2}] => (Allow) C:\Users\sadro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{F2D40240-78AA-4096-85D3-D6CB5CB0E3C8}] => (Allow) C:\Users\sadro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
==================== Restore Points =========================
17-02-2025 07:55:51 Installed OpenOffice 4.1.15
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/14/2025 04:36:39 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (02/14/2025 04:15:59 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na System Reserved, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (02/07/2025 03:59:25 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (02/07/2025 03:40:52 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na System Reserved, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (02/07/2025 12:10:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ESETOnlineScanner.exe, verze: 10.34.8.0, časové razítko: 0x65f09154
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.5007, časové razítko: 0x6ce0f861
Kód výjimky: 0xc0000008
Posun chyby: 0x000a02f6
ID chybujícího procesu: 0x1eb8
Čas spuštění chybující aplikace: 0x01db795099790d14
Cesta k chybující aplikaci: C:\Users\sadro\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 82c3ad97-d49c-47d6-b41a-dbddf8b9398b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/31/2025 03:56:08 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (01/31/2025 03:40:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na System Reserved, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (01/26/2025 09:08:32 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
System errors:
=============
Error: (02/20/2025 05:03:20 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (02/20/2025 05:03:19 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (02/20/2025 05:03:19 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (02/20/2025 05:03:18 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (02/20/2025 05:03:18 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (02/20/2025 05:03:17 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (02/20/2025 05:03:17 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (02/20/2025 05:03:16 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Windows Defender:
================
Date: 2025-02-18 07:58:15
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-02-17 09:04:18
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-02-16 07:58:16
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-02-15 16:59:35
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-02-11 21:43:52
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Event[0]:
Date: 2024-10-15 06:49:56
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.417.673.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antivirový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24080.9
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2024-10-15 06:49:56
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.417.673.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antispywarový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24080.9
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2024-10-15 06:49:56
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.417.673.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antivirový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24080.9
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2024-10-15 06:46:24
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.417.673.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antivirový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24080.9
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2024-10-15 06:46:24
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.417.673.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antispywarový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24080.9
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
CodeIntegrity:
===============
Date: 2025-02-06 10:38:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2025-02-05 17:14:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 7UET48WW (1.18 ) 10/09/2008
Motherboard: LENOVO 6475AG9
Processor: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz
Percentage of memory in use: 69%
Total physical RAM: 3992.02 MB
Available physical RAM: 1220.92 MB
Total Virtual: 4696.02 MB
Available Virtual: 1673.7 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:147.79 GB) (Free:72.93 GB) (Model: WDC WD1600BEVS-08VAT2) NTFS
\\?\Volume{db7274c8-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS
\\?\Volume{db7274c8-0000-0000-0000-900825000000}\ () (Fixed) (Total:0.91 GB) (Free:0.28 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: DB7274C8)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=147.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=936 MB) - (Type=27)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-02-2025
Ran by sadro (administrator) on DESKTOP-4E77SLT (LENOVO 6475AG9) (20-02-2025 05:44:09)
Running from C:\Users\sadro\OneDrive\Plocha\FRST64.exe
Loaded Profiles: sadro
Platform: Microsoft Windows 10 Home Version 22H2 19045.5487 (X64) Language: Čeština (Česko)
Default browser: "C:\Users\sadro\AppData\Local\Programs\Opera\opera.exe" -noautoupdate -- "%1"
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Users\sadro\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\sadro\AppData\Local\Programs\Opera\117.0.5408.32\opera_crashreporter.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\osk.exe
(explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Users\sadro\AppData\Local\Programs\Opera\opera.exe <17>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.6-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.6-0\NisSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TrackPointSrv] => C:\Program Files\Lenovo\TrackPoint\tp4serv.exe [138784 2011-11-01] (Lenovo (Japan) Ltd. -> Lenovo Group Limited)
HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\Run: [MicrosoftEdgeAutoLaunch_2F877205FC610259C551AA55F379B2D4] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4088384 2025-02-14] (Microsoft Corporation -> Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {CD2CAAC9-2420-4EA2-A1A6-E5BDE04097D9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {BB7C6D1F-4224-4D73-9D44-EAE365FC5A83} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (No File)
Task: {827FEEBC-04C8-4DAC-865A-5A829EF98D11} - System32\Tasks\Driver Booster SkipUAC (sadro) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [8946688 2023-06-09] (IObit) [File not signed]
Task: {C5022AF4-9706-412A-B55E-E8AB5AE63881} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {30F95CC3-079E-4452-AD72-048ADA5676D9} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {ECAB5733-C40D-4B95-909A-C233E7D2EE50} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {EC28FE73-70A9-4FCA-A91B-E29FDE4E524C} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {285E97C1-AD05-46C9-BBFA-BFF1BD54BCB8} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {4132853B-99B9-4F06-83C4-0F36F7CD2468} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {5ABFD021-A741-4D36-BDF1-4112E7079540} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoBatteryPartSalesMonthlyToast => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {7CEF24CF-BE5C-432D-80BD-E70545AB122F} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {9C800CB1-5F0C-4B7E-A1B4-55953965F22E} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {100522FD-579C-4BA5-854A-BC376D1A342B} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {FCA466FD-1A63-4418-86A7-4F83544407EB} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinIdleScheduleTask => C:\ProgramData\Lenovo\Vantage\Addins\VantageCoreAddin\1.0.0.181\x64\IdleScheduleEventAction.exe [143768 2024-11-01] (Lenovo -> )
Task: {68674784-1D49-457E-B081-12EDCBB86A8E} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\ScheduleEventAction.exe [30056 2024-09-12] (Lenovo -> Lenovo)
Task: {D78BD745-32B3-4F82-95BD-24DC208A4159} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\uninstall.exe [340968 2024-09-12] (Lenovo -> Lenovo)
Task: {DA6BB76D-A3B3-4517-9F0C-2821B74EA4B5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.6-0\MpCmdRun.exe [1732792 2025-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3688CE11-FB23-4765-806F-737A759CB166} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.6-0\MpCmdRun.exe [1732792 2025-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ED91CD2F-A596-4FE2-93ED-E36ED440BE9E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.6-0\MpCmdRun.exe [1732792 2025-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {266DF147-D27A-4BA1-A996-2E8AB6569A49} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.6-0\MpCmdRun.exe [1732792 2025-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {477CA4F4-91CA-4E3D-9D4E-8708D7005A42} - System32\Tasks\OneDrive Startup Task-S-1-5-21-978282830-4128747045-4181034530-1001 => C:\Users\sadro\AppData\Local\Microsoft\OneDrive\25.005.0112.0003\OneDriveLauncher.exe [447032 2025-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4C2189D-B4F8-4C43-B393-EF0F91B23BA7} - System32\Tasks\Opera scheduled assistant Autoupdate 1729013942 => C:\Users\sadro\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5682072 2025-02-13] (Opera Norway AS -> Opera Software) -> --scheduledtask --productiscomponent --bypasslauncher --installdir="C:\Users\sadro\AppData\Local\Programs\Opera\assistant" --producttype=assistant $(Arg0)
Task: {3AE4BD56-02AF-4A20-BB37-E615E9C58D35} - System32\Tasks\Opera scheduled Autoupdate 1729013909 => C:\Users\sadro\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5682072 2025-02-13] (Opera Norway AS -> Opera Software)
Task: {F17A929C-66D8-4975-921D-D873E9125C0D} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-978282830-4128747045-4181034530-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{03ff6323-85d8-4241-9413-9622f5e73dc7}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\sadro\AppData\Local\Microsoft\Edge\User Data\Default [2025-02-17]
Edge Extension: (Dokumenty Google offline) - C:\Users\sadro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-21]
Edge Extension: (Edge relevant text changes) - C:\Users\sadro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-11-20]
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-01-29] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HKU\S-1-5-21-978282830-4128747045-4181034530-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
S3 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\LenovoVantageService.exe [34256 2024-09-12] (Lenovo -> Lenovo)
S3 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9441760 2025-01-23] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-01-23] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.6-0\MpDefenderCoreService.exe [1926992 2025-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.6-0\NisSrv.exe [4352464 2025-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.6-0\MsMpEng.exe [270088 2025-02-14] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 atmeltpm; C:\WINDOWS\System32\drivers\atmeltpm64.sys [19456 2011-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Atmel, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 CnxtHdAudService; C:\WINDOWS\system32\drivers\CHDRT64.sys [649216 2009-10-05] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems Inc.)
R3 cykbfltrService; C:\WINDOWS\System32\drivers\cykbfltr.sys [16896 2012-06-15] (Cypress Semiconductor -> Cypress Semiconductor, Inc.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-12-02] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-12-02] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ecnssndis; C:\WINDOWS\System32\Drivers\wwuss64.sys [26664 2010-02-23] (Ericsson AB -> Ericsson AB)
S3 ecnssndisfltr; C:\WINDOWS\System32\Drivers\wwussf64.sys [30248 2010-02-23] (Ericsson AB -> Ericsson AB)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [278944 2025-02-14] (Microsoft Windows -> Microsoft Corporation)
S3 l36wgps; C:\WINDOWS\System32\drivers\l36wgps64.sys [101416 2011-02-28] (Ericsson AB -> Ericsson AB)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2025-01-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2025-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 Mbm3CBus; C:\WINDOWS\System32\drivers\Mbm3CBus.sys [419400 2011-04-13] (MCCI Corporation -> MCCI Corporation)
S3 Mbm3DevMt; C:\WINDOWS\System32\drivers\Mbm3DevMt.sys [430664 2011-04-13] (MCCI Corporation -> MCCI Corporation)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S3 Tp4Track; C:\WINDOWS\System32\drivers\tp4track.sys [29992 2011-11-01] (Lenovo (Japan) Ltd. -> Lenovo Group Limited)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20056 2025-02-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601504 2025-02-14] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [163048 2022-07-24] (MEDIATEK INC. -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100768 2025-02-14] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-02-20 05:44 - 2025-02-20 05:46 - 000014780 _____ C:\Users\sadro\OneDrive\Plocha\FRST.txt
2025-02-20 05:43 - 2025-02-20 05:45 - 000000000 ____D C:\FRST
2025-02-20 05:40 - 2025-02-20 05:40 - 002403840 _____ (Farbar) C:\Users\sadro\OneDrive\Plocha\FRST64.exe
2025-02-17 09:00 - 2025-02-17 09:16 - 000003164 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-978282830-4128747045-4181034530-1001
2025-02-17 09:00 - 2025-02-17 09:15 - 000002918 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-978282830-4128747045-4181034530-1001
2025-02-17 09:00 - 2025-02-17 09:00 - 000002377 _____ C:\Users\sadro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-02-17 08:59 - 2025-02-18 16:02 - 000001046 _____ C:\Users\sadro\OneDrive\Plocha\Telegram.lnk
2025-02-17 08:11 - 2025-02-17 08:11 - 000000876 _____ C:\Users\sadro\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2025-02-17 08:09 - 2025-02-17 08:13 - 000000000 ____D C:\Users\sadro\OneDrive\Plocha\Mess
2025-02-17 08:07 - 2025-02-17 08:13 - 000000000 ____D C:\Users\sadro\OneDrive\Plocha\Kancelář
2025-02-17 08:05 - 2025-02-18 17:18 - 000000000 ____D C:\Users\sadro\OneDrive\Plocha\Média
2025-02-17 07:58 - 2025-02-17 09:20 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2025-02-17 05:45 - 2025-02-17 05:45 - 000103167 _____ C:\Users\sadro\Downloads\662.pdf
2025-02-13 14:20 - 2025-02-17 09:16 - 000003632 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1729013909
2025-02-13 14:20 - 2025-02-13 14:20 - 000001386 _____ C:\Users\sadro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2025-02-12 10:52 - 2025-02-12 10:52 - 000000000 ___HD C:\$WinREAgent
2025-02-07 11:52 - 2025-02-17 09:15 - 000003542 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-02-07 11:50 - 2025-02-07 11:50 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-02-07 11:42 - 2025-02-07 11:42 - 000000000 ____D C:\Users\sadro\AppData\LocalLow\Temp
2025-02-07 05:41 - 2025-02-07 12:02 - 000000000 ____D C:\AdmWin
2025-02-07 05:41 - 2025-02-07 05:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdmWin
2025-01-23 07:46 - 2025-01-23 07:46 - 000002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-01-23 07:30 - 2025-01-23 07:30 - 002833136 ____N (Malwarebytes) C:\Users\sadro\Downloads\MBSetup_y31b.exe
2025-01-23 06:38 - 2025-01-23 06:38 - 000033086 _____ C:\Users\sadro\Downloads\3225003230.pdf
2025-01-23 05:19 - 2025-01-23 05:19 - 000466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2025-01-23 05:19 - 2025-01-23 05:19 - 000444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2025-01-23 05:19 - 2025-01-23 05:19 - 000122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2025-01-23 05:19 - 2025-01-23 05:19 - 000109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2025-01-23 05:19 - 2025-01-23 05:19 - 000000000 ____D C:\Program Files (x86)\OpenAL
2025-01-23 05:17 - 2025-01-23 05:17 - 000000000 ____D C:\Program Files (x86)\Microsoft XNA
2025-01-23 05:13 - 2025-01-23 05:13 - 000040048 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys
2025-01-22 15:32 - 2025-01-23 05:55 - 000004771 _____ C:\WINDOWS\SysWOW64\pt_excp.txt
2025-01-22 15:32 - 2025-01-22 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\cfg
2025-01-22 10:48 - 2025-01-22 10:48 - 000000000 ____D C:\Users\sadro\AppData\LocalLow\uTorrent.WebView2
2025-01-22 10:40 - 2025-01-23 04:52 - 000000000 ____D C:\Program Files (x86)\Google
2025-01-22 10:38 - 2025-01-22 10:38 - 004557824 ____N (u Torrent Classic) C:\Users\sadro\Downloads\utorrent_installer.exe
2025-01-22 07:06 - 2025-02-17 08:57 - 000000000 ____D C:\Users\sadro\AppData\Local\CrashDumps
2025-01-22 06:23 - 2025-02-17 08:52 - 000000000 ____D C:\Users\sadro\AppData\Local\Malwarebytes
2025-01-22 06:20 - 2025-01-23 07:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-01-22 06:20 - 2025-01-23 07:44 - 000000000 ____D C:\Program Files\Malwarebytes
2025-01-22 06:18 - 2025-01-22 06:18 - 002833136 _____ (Malwarebytes) C:\Users\sadro\Downloads\MBSetup.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-02-20 05:33 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-02-20 05:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-02-20 05:30 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-02-20 05:25 - 2023-06-07 08:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-02-19 06:45 - 2024-11-10 04:33 - 000000000 ____D C:\Users\sadro\AppData\Roaming\uTorrent
2025-02-18 17:20 - 2023-06-07 09:26 - 000858306 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-02-18 17:20 - 2019-12-07 15:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2025-02-18 17:20 - 2019-12-07 15:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2025-02-18 17:20 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2025-02-18 17:13 - 2025-01-12 04:18 - 000008192 ___SH C:\DumpStack.log.tmp
2025-02-18 17:13 - 2023-06-07 09:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-02-18 17:13 - 2023-06-07 08:30 - 000268432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-02-18 17:11 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-02-18 16:13 - 2022-12-04 18:59 - 000000000 ___RD C:\Users\sadro\OneDrive\Plocha\Filmy
2025-02-18 16:13 - 2022-12-04 18:59 - 000000000 ____D C:\Users\sadro\OneDrive\Plocha\Torrent
2025-02-18 16:02 - 2024-12-05 03:55 - 000000000 ____D C:\Users\sadro\AppData\Roaming\Telegram Desktop
2025-02-17 10:41 - 2023-06-07 08:53 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-02-17 09:15 - 2023-06-07 10:42 - 000003122 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-978282830-4128747045-4181034530-1001
2025-02-17 08:59 - 2023-10-22 07:46 - 000000000 ____D C:\ProgramData\Package Cache
2025-02-16 13:35 - 2022-12-03 11:08 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-02-15 05:47 - 2023-06-07 09:01 - 000000000 ____D C:\Users\sadro
2025-02-14 06:43 - 2023-06-07 09:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-02-13 09:27 - 2023-06-07 10:35 - 000000000 ____D C:\ProgramData\Packages
2025-02-13 09:27 - 2023-06-07 10:34 - 000000000 ____D C:\Users\sadro\AppData\Local\Packages
2025-02-12 17:52 - 2024-08-04 09:38 - 000000000 ____D C:\WINDOWS\system32\compatrel
2025-02-12 17:52 - 2024-08-04 09:38 - 000000000 ____D C:\WINDOWS\InboxApps
2025-02-12 17:52 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-02-12 17:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-02-12 17:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2025-02-12 17:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2025-02-12 17:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-02-12 17:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-02-12 17:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-02-12 17:52 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2025-02-12 17:51 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate
2025-02-12 12:04 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-02-12 11:46 - 2023-06-07 08:49 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-02-12 10:40 - 2023-06-13 21:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-02-12 10:33 - 2023-06-13 21:11 - 209365816 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-02-07 16:35 - 2022-12-04 19:05 - 000000000 ___RD C:\Users\sadro\OneDrive\Plocha\Čištení
2025-02-07 12:13 - 2024-11-10 17:27 - 000001394 _____ C:\Users\sadro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2025-02-07 11:14 - 2024-12-08 16:00 - 000000000 ____D C:\Users\sadro\AppData\Local\cache
2025-02-03 09:27 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2025-01-27 09:44 - 2024-12-11 19:14 - 000000000 ____D C:\Users\sadro\AppData\Local\ElevatedDiagnostics
2025-01-23 06:12 - 2023-06-14 11:28 - 000002796 _____ C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (sadro)
2025-01-23 05:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-01-22 15:28 - 2023-06-07 10:34 - 000000000 ____D C:\Users\sadro\AppData\Local\VirtualStore
2025-01-22 06:22 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2025
Ran by sadro (20-02-2025 05:49:54)
Running from C:\Users\sadro\OneDrive\Plocha
Microsoft Windows 10 Home Version 22H2 19045.5487 (X64) (2023-06-07 08:51:21)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-978282830-4128747045-4181034530-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-978282830-4128747045-4181034530-503 - Limited - Disabled)
Guest (S-1-5-21-978282830-4128747045-4181034530-501 - Limited - Disabled)
sadro (S-1-5-21-978282830-4128747045-4181034530-1001 - Administrator - Enabled) => C:\Users\sadro
WDAGUtilityAccount (S-1-5-21-978282830-4128747045-4181034530-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\uTorrent) (Version: 3.6.0.47178 - BitTorrent Limited)
AdmWin 3.50 (HKLM-x32\...\AdmWin_is1) (Version: - AdmWin)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.005.20399 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601108}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Conexant 20561 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.92.12.0 - Conexant)
CrystalDiskInfo 8.8.5 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.8.5 - Crystal Dew World)
FastStone Image Viewer 7.9 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.9 - FastStone Corporation)
IObit Driver Booster 10.5.0.139 (HKLM-x32\...\IObit Driver Booster_is1) (Version: 10.5.0.139 - LR)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.2.24.0 - Lenovo Group Ltd.)
Malwarebytes version 5.2.4.157 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.4.157 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 133.0.3065.69 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 133.0.3065.69 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\OneDriveSetup.exe) (Version: 25.005.0112.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34438 (HKLM-x32\...\{b49c10dd-4d54-45f8-ad13-fa25704456a4}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34438 (HKLM-x32\...\{ba10fda9-f731-441f-a999-000bbb7ceec2}) (Version: 14.42.34438.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34438 (HKLM\...\{E528AD94-12D7-42C4-91A3-908BE28E9BD2}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34438 (HKLM\...\{2E15F519-4FDA-4834-B4EE-7EFCE7D8D4EE}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34438 (HKLM-x32\...\{A5592FEF-F948-4BA6-A066-8BBFC2DC7EE1}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34438 (HKLM-x32\...\{5D0C4511-3CA1-4FF8-A4BA-C0E1957ABEEA}) (Version: 14.42.34438 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 117.0.5408.32 (HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\Opera 117.0.5408.32) (Version: 117.0.5408.32 - Opera Software)
Revo Uninstaller Pro 5.3.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 5.3.0 - VS Revo Group, Ltd.)
Telegram Desktop (HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 5.11.1 - Telegram FZ-LLC)
ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.8.50 - Conexant Systems)
ThinkPad TrackPoint Driver (HKLM\...\TrackPoint) (Version: 4.73.1.0 - Lenovo)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)
Packages:
=========
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2501.20.0_x64__k1h2ywk1493x8 [2025-02-18] (LENOVO INC.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-978282830-4128747045-4181034530-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ContextMenuHandlers3: [MBAMShlExt] -> [CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> [CC]{57CE581A-0CB6-4266-9CA0-19364C90A0B3} => -> No File
ContextMenuHandlers6: [RUShellExt] -> [CC]{2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2024-10-15 17:38 - 000001321 __RSH C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 alpha-crap.ff.avast.com
127.0.0.1 ipm-provider.ff.avast.com
127.0.0.1 license-api.ccleaner.com
127.0.0.1 analytics.ff.avast.com
127.0.0.1 license.piriform.com
127.0.0.1 ncc.avast.com
127.0.0.1 ncc.avast.com.edgesuite.net
127.0.0.1 shepherd.ff.avast.com
127.0.0.1 www.ccleaner.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-978282830-4128747045-4181034530-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Intel(R) 82567LM Gigabit Network Connection -> e1y62x64.sys
Wi-Fi: Intel(R) WiFi Link 5100 AGN -> NETwNs64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "TrackPointSrv"
HKLM\...\StartupApproved\Run32: => "TrackPointSrv"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\StartupApproved\Run: => "ut"
HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_2F877205FC610259C551AA55F379B2D4"
HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\StartupApproved\Run: => "Delete Cached Update Binary"
HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\StartupApproved\Run: => "RMDIR"
HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-978282830-4128747045-4181034530-1001\...\StartupApproved\Run: => "Uninstall 23.199.0924.0001"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{DCFD27AB-6172-47B2-9D99-5D8CD0FE5095}C:\users\sadro\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\sadro\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{A412C9B9-9869-488E-95DE-B1B5EFE32E00}C:\users\sadro\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\sadro\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{E1E09391-DE3A-4BEE-BB02-084F544328BC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.131.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{272C5339-1F12-414F-94A9-B7264FD2AD5A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.131.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{51BEE53C-3CE9-49C9-88A8-3D209CBC3DFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.131.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{86EB1890-F9AE-4130-940C-ECE3DD2F37B1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.131.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{FAB5BA3F-44A6-46FE-BAAF-D929C82855E7}C:\users\sadro\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\sadro\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [UDP Query User{18225A29-FA73-4778-84CF-3B326BC0F9BD}C:\users\sadro\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\sadro\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{031D317A-438B-41F3-8090-B28A57E556E1}] => (Allow) C:\Users\sadro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{2D7FC646-A049-47E7-8B1D-02528895FB59}] => (Allow) C:\Users\sadro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{880C7862-4A1B-4C4D-8EC6-33A551D4A776}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{972C4AB1-121A-4BA9-A59D-65C7901258C2}] => (Allow) C:\Users\sadro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{F2D40240-78AA-4096-85D3-D6CB5CB0E3C8}] => (Allow) C:\Users\sadro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
==================== Restore Points =========================
17-02-2025 07:55:51 Installed OpenOffice 4.1.15
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/14/2025 04:36:39 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (02/14/2025 04:15:59 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na System Reserved, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (02/07/2025 03:59:25 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (02/07/2025 03:40:52 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na System Reserved, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (02/07/2025 12:10:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ESETOnlineScanner.exe, verze: 10.34.8.0, časové razítko: 0x65f09154
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.5007, časové razítko: 0x6ce0f861
Kód výjimky: 0xc0000008
Posun chyby: 0x000a02f6
ID chybujícího procesu: 0x1eb8
Čas spuštění chybující aplikace: 0x01db795099790d14
Cesta k chybující aplikaci: C:\Users\sadro\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 82c3ad97-d49c-47d6-b41a-dbddf8b9398b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (01/31/2025 03:56:08 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (01/31/2025 03:40:55 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na System Reserved, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (01/26/2025 09:08:32 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
System errors:
=============
Error: (02/20/2025 05:03:20 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (02/20/2025 05:03:19 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (02/20/2025 05:03:19 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (02/20/2025 05:03:18 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (02/20/2025 05:03:18 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (02/20/2025 05:03:17 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (02/20/2025 05:03:17 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (02/20/2025 05:03:16 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Windows Defender:
================
Date: 2025-02-18 07:58:15
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-02-17 09:04:18
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-02-16 07:58:16
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-02-15 16:59:35
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-02-11 21:43:52
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Event[0]:
Date: 2024-10-15 06:49:56
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.417.673.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antivirový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24080.9
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2024-10-15 06:49:56
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.417.673.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antispywarový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24080.9
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2024-10-15 06:49:56
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.417.673.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antivirový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24080.9
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2024-10-15 06:46:24
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.417.673.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antivirový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24080.9
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2024-10-15 06:46:24
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.417.673.0
Update Source: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Security intelligence Type: Antispywarový program
Update Type: Úplné
Current Engine Version:
Previous Engine Version: 1.1.24080.9
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
CodeIntegrity:
===============
Date: 2025-02-06 10:38:09
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2025-02-05 17:14:30
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 7UET48WW (1.18 ) 10/09/2008
Motherboard: LENOVO 6475AG9
Processor: Intel(R) Core(TM)2 Duo CPU P8400 @ 2.26GHz
Percentage of memory in use: 69%
Total physical RAM: 3992.02 MB
Available physical RAM: 1220.92 MB
Total Virtual: 4696.02 MB
Available Virtual: 1673.7 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:147.79 GB) (Free:72.93 GB) (Model: WDC WD1600BEVS-08VAT2) NTFS
\\?\Volume{db7274c8-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS
\\?\Volume{db7274c8-0000-0000-0000-900825000000}\ () (Fixed) (Total:0.91 GB) (Free:0.28 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149.1 GB) (Disk ID: DB7274C8)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=147.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=936 MB) - (Type=27)
==================== End of Addition.txt =======================
