zasekaný notebook
Napsal: 17 kvě 2025 12:16
Zdravím, manžel má čím dál víc zasekaný notebook. Moc se o něj popravdě nestará. Potřebuje ho do práce.. Prosím o kontrolu.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-05-2025
Ran by 42077 (administrator) on LAPTOP-K4SV175L (LENOVO 80WK) (17-05-2025 13:01:39)
Running from C:\Users\42077\Downloads\FRST64.exe
Loaded Profiles: 42077
Platform: Microsoft Windows 10 Home Version 22H2 19045.4291 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvSHIM.exe
(C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\MMSSHost\MMSSHOST.exe
(C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\modulecore\ProtectedModuleHost.exe
(C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\mfeav\MfeAVSvc.exe
(C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe ->) (MUSARUBRA US LLC -> McAfee LLC.) C:\Program Files\Common Files\mcafee\amcore\mcshield.exe
(C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe ->) (MUSARUBRA US LLC -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.18730.20168\OfficeClickToRun.exe
(C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterTray.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\HotkeyMonitor.exe
(C:\Program Files\mcafee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\uihost.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe <2>
(C:\Users\42077\AppData\Roaming\Seznam.cz\bin\szndesktop.exe ->) (Seznam.cz, a.s. -> ) C:\Users\42077\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(explorer.exe ->) (BitTorrent Inc -> BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(explorer.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(explorer.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterTray.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igfxEM.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\csp\5.4.105.0\McCSPServiceHost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\modulecore\ModuleCoreService.exe <3>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\PEF\CORE\PEFService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\VSCore_22_7\mcapexe.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe
(services.exe ->) (MUSARUBRA US LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Seznam.cz, a.s. -> ) C:\Users\42077\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(svchost.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\mqs\QcShm.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\42077\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
(svchost.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [849920 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM\...\Run: [NerveCenterTray] => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterTray.exe [258400 2017-09-29] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [1922496 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM-x32\...\Run: [ss_global] => D:\FunPlus\State of Survival\Launcher.exe [2030864 2024-01-15] (FunPlus International AG -> FunPlus, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\42077\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\42077\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2024-01-16] (BitTorrent Inc -> BitTorrent, Inc.)
HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\42077\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [87794984 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\42077\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\...\RunOnce: [Uninstall 25.051.0317.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\42077\AppData\Local\Microsoft\OneDrive\25.051.0317.0003" [0 2025-04-19] () <==== ATTENTION [zero byte File/Folder]
HKLM\...\Windows x64\Print Processors\Canon TS300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDV.DLL [482816 2017-06-06] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS300 series: C:\Windows\system32\CNMLMDV.DLL [1302016 2017-06-06] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\136.0.7103.114\Installer\chrmstp.exe [2025-05-17] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2E32AD5C-FA90-4747-BF7A-4162F0068ECD} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {2EEFF8C1-A5F1-4CB1-8ECB-629162755249} - \NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {3389E0C3-5E4F-43EC-99CC-E0BB0C1C0F80} - \Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display -> No File <==== ATTENTION
Task: {353230D1-0DA5-4FAE-ACE6-C3B7D027716C} - \NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {37292EA8-F458-47ED-A55C-5A3A1CCF5FD5} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {3891CB81-CF07-4ECD-A7CE-59544F84AF7D} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {3A101875-1146-47E4-9859-E6A851038812} - \NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {454F9F3D-E176-4DAD-9401-CA7CA6DDFBA2} - \NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {57990EC6-F2B7-477D-B406-82FD859963F6} - \LenovoUtility Task -> No File <==== ATTENTION
Task: {6A781A23-8286-4C39-93B1-F404CD22953D} - \NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {8DC4F6F2-5AC8-41B5-8461-383B58804B47} - \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask -> No File <==== ATTENTION
Task: {9F9D8030-899F-4F96-95BC-CD0C0D8751BB} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {AFC181D5-7FE1-4678-8E51-A3A8836561BC} - \NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {D0218C70-9C99-4043-BF17-667E1AE5C42E} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> No File <==== ATTENTION
Task: {8E2359D4-B909-4133-824E-B3D45C1A2C47} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7129.0{EC0F1B9F-18A1-4FD4-AB7C-8DC648BBF437} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7129.0\updater.exe [7375968 2025-04-17] (Google LLC -> Google LLC)
Task: {7B80015F-2ED7-4854-B8DE-D180837DDDAD} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem138.0.7156.3{77E60B82-3574-4569-B3C5-B267172F2C6F} => C:\Program Files (x86)\Google\GoogleUpdater\138.0.7156.3\updater.exe [7096416 2025-05-08] (Google LLC -> Google LLC)
Task: {0A14948D-1217-48CC-9D0A-001B2E7AB8F6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [94496 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {C3388A7D-8393-45EC-82BC-6FAB0D0BA887} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {7A1DED1D-3465-4040-A1B6-1DC3CE6753D6} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [77312 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {D7E40A9E-DA69-4139-97FB-620B13134AFD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6851ee26-af8d-4e21-97d7-487ebfbd63bd => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {D888318A-4DDA-4C84-BF87-E7DEB45505F1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6d5244c4-5206-4df7-b9f3-d69106b7802e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {29B68425-ED49-4626-9082-D7C770ED5B46} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8a1e3928-618f-404a-8451-56f602196e20 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {4E4AFDCC-7B99-4F6B-AC02-6E8626DBCF3C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d27c0453-9c7d-40bf-88bd-fef97884f211 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {E61BEA1E-35E7-4826-83D4-5B9038A29485} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f97aa3e8-ed09-4e84-9ba3-d782a8421882 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {38D2391C-1EA1-41A8-9F5D-7E1B2A1BF284} - System32\Tasks\Lenovo\LenovoNowLauncher => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.exe [3560352 2025-02-17] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\/task
Task: {F8BAF7E3-6307-4A49-B4F9-91724D56EDD4} - System32\Tasks\Lenovo\LenovoNowQuarterlyLaunch => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [2360224 2025-02-17] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\/QuarterlyLaunch
Task: {31AF69F7-176D-4676-9F0B-3F3E9BE599C4} - System32\Tasks\Lenovo\LenovoNowTask => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [2360224 2025-02-17] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\$(EventData)
Task: {F8DE49C9-5C28-4C65-8E5D-39F6F14ED41E} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\av\McAfee VirusScan\upgrade.exe [4565048 2024-01-23] (McAfee, LLC -> McAfee, LLC)
Task: {A71D766E-A511-4B03-80AB-C272B245C741} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.7.114\DADUpdater.exe [4096576 2024-02-15] (McAfee, LLC -> McAfee, LLC)
Task: {02291ACC-D137-49A3-8C0A-CDFBF054100F} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [932376 2022-10-13] (McAfee, LLC -> McAfee, LLC)
Task: {D1851BCA-E458-4993-BB39-94C57F85A342} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [932376 2022-10-13] (McAfee, LLC -> McAfee, LLC)
Task: {BD480C96-243E-46C7-9D25-72C6198A5812} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe [768288 2022-03-24] (McAfee, LLC -> McAfee, LLC)
Task: {C6102198-EFCF-4F3E-8ED3-FC21CE916DA0} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [225432 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B814FF4-9F2D-4B20-87AE-5FA74BA38784} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [225432 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {763F57D0-A609-48F9-A731-FF708011DFF7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29107936 2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B991446-189E-49F9-AD8F-149A53EDC8D3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29107936 2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF71B6B0-8470-4D10-9CD8-1C3012E4C5C7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [225432 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE800FFD-0D1F-4D9E-B585-4AA743D2B3C5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [225432 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B78A4D5-6E67-40C5-B27E-2AF102B2DE61} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DA2A005C-6D9E-47C6-AF06-0EE76BFD64F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {979C7036-9DF2-46F4-8BB7-6232ADFEA56B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7AB0A270-FC72-408D-9A81-ED5EF5A42C39} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {15EA7019-287D-4253-88A4-6D74ED4BE117} - System32\Tasks\NerveCenterUpdate => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe [756064 2017-09-29] (LENOVO -> Lenovo(beijing) Limited)
Task: {A0669C86-7FD3-4896-849D-91EC45535F3B} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1998848579-2642783020-4098957678-1001 => C:\Users\42077\AppData\Local\Microsoft\OneDrive\25.056.0324.0003\OneDriveLauncher.exe [676680 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{2e367dee-cb7c-4fbe-b46b-79e7f3db05db}: [DhcpNameServer] 150.213.1.3
Tcpip\..\Interfaces\{fe51a19c-81cf-4c5d-8276-fc30223cc02e}: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{fe51a19c-81cf-4c5d-8276-fc30223cc02e}: [DhcpDomain] home
Tcpip\..\Interfaces\{fe51a19c-81cf-4c5d-8276-fc30223cc02e}\35351434D2A7163696: [DhcpNameServer] 192.168.10.10 192.168.10.20 192.168.10.5
Tcpip\..\Interfaces\{fe51a19c-81cf-4c5d-8276-fc30223cc02e}\35351434D2A7163696: [DhcpDomain] skolaac.cz
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\42077\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-11]
Edge Extension: (Dokumenty Google offline) - C:\Users\42077\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-11]
Edge Extension: (Edge relevant text changes) - C:\Users\42077\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2023-01-03] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2023-01-10] (McAfee, LLC -> )
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2023-01-10] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\42077\AppData\Local\Google\Chrome\User Data\Default [2025-05-17]
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E211CZ714G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> McAfee
CHR DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Seznam Doplněk – Email) - C:\Users\42077\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2025-04-11]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\42077\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2025-05-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\42077\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\42077\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-12]
CHR Extension: (Seznam.cz) - C:\Users\42077\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2025-04-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13862104 2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-08-11] (McAfee, Inc. -> McAfee, Inc.)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2018-09-26] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 GameRecorderSVC; C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe [458592 2017-09-29] (LENOVO -> Lenovo(beijing) Limited)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [943728 2025-05-17] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_22_7\McApExe.exe [816696 2022-10-17] (McAfee, LLC -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [454560 2017-01-17] (McAfee, Inc. -> McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\5.4.105.0\McCSPServiceHost.exe [3379584 2022-10-10] (McAfee, LLC -> McAfee, LLC)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1161032 2022-07-14] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1215944 2022-09-15] (MUSARUBRA US LLC -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1215944 2022-09-15] (MUSARUBRA US LLC -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1215944 2022-09-15] (MUSARUBRA US LLC -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1571608 2022-10-09] (McAfee, LLC -> McAfee, LLC)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4248712 2022-10-14] (McAfee, LLC -> McAfee, LLC)
R2 PluginLoaderSvc; C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe [1016672 2017-09-29] (LENOVO -> Lenovo(beijing) Limited)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 McProxy; "C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S3 MSK80Service; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [174960 2017-07-03] (BayHub Technology Inc. -> BayHubTech/O2Micro)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77888 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-12-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-12-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [14976 2015-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 FBNetFilter; C:\Windows\system32\Drivers\FBNetFlt.sys [55256 2017-09-29] (Lenovo (Beijing) Co., Ltd. -> Lenovo(beijing) Limited)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [223232 2015-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2015-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-19] (Microsoft Windows -> Microsoft Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [476224 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349760 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84440 2022-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Trellix US LLC.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [445504 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [920128 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [665424 2022-07-07] (Musarubra US LLC -> Trellix US LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [119632 2022-07-07] (Musarubra US LLC -> Trellix US LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [112712 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [234584 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [26560 2017-07-26] (NVIDIA Corporation -> Windows (R) Win 7 DDK provider)
S3 SNTUSB64; C:\WINDOWS\System32\drivers\SNTUSB64.SYS [63568 2012-12-11] (SafeNet, Inc. -> SafeNet, Inc.)
S3 ssaebus; C:\WINDOWS\System32\drivers\ssaebus.sys [136264 2014-09-29] (MCCI Corporation -> MCCI Corporation)
S3 ssaeunic; C:\WINDOWS\System32\drivers\ssaeunic.sys [178760 2014-09-29] (MCCI Corporation -> MCCI Corporation)
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [204568 2014-09-29] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [204568 2014-09-29] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-06-29] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [68888 2014-09-29] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [204568 2014-09-29] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-04-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [605576 2025-04-19] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-19] (Microsoft Windows -> Microsoft Corporation)
S3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 MpKsle98b2cd6; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8A1C0EB5-6D66-43ED-ADDE-9676B4F5AE2F}\MpKslDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-05-17 13:01 - 2025-05-17 13:05 - 000034761 _____ C:\Users\42077\Downloads\FRST.txt
2025-05-17 12:59 - 2025-05-17 13:04 - 000000000 ____D C:\FRST
2025-05-17 12:58 - 2025-05-17 12:58 - 002405888 _____ (Farbar) C:\Users\42077\Downloads\FRST64.exe
2025-04-19 19:10 - 2025-04-19 19:10 - 000000000 ___HD C:\$WinREAgent
2025-04-19 18:38 - 2025-04-19 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-05-17 13:05 - 2024-01-16 17:02 - 000000000 ____D C:\Users\42077\AppData\Roaming\uTorrent
2025-05-17 12:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-05-17 12:55 - 2023-01-03 20:06 - 000000000 ____D C:\Users\42077\AppData\Local\Packages
2025-05-17 12:52 - 2023-01-03 15:06 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-05-17 12:51 - 2023-01-04 02:22 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-05-17 12:51 - 2023-01-04 02:22 - 000003514 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-05-17 12:49 - 2023-01-04 02:25 - 000000000 ____D C:\ProgramData\NVIDIA
2025-05-17 12:48 - 2024-01-12 16:04 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-05-17 12:48 - 2024-01-12 16:04 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-05-17 12:45 - 2023-01-04 02:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-04-20 08:05 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-19 22:34 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-19 22:33 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2025-04-19 22:32 - 2023-01-04 13:36 - 000000000 ____D C:\Users\42077\AppData\Local\D3DSCache
2025-04-19 22:20 - 2025-03-11 16:01 - 000003576 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1998848579-2642783020-4098957678-1001
2025-04-19 22:20 - 2024-03-04 11:59 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1998848579-2642783020-4098957678-1001
2025-04-19 22:20 - 2024-03-04 11:50 - 000002388 _____ C:\Users\42077\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-19 22:20 - 2023-01-03 20:11 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1998848579-2642783020-4098957678-1001
2025-04-19 22:20 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-19 22:16 - 2024-01-16 17:02 - 000000000 ____D C:\Users\42077\AppData\Roaming\Seznam.cz
2025-04-19 22:09 - 2023-01-03 20:06 - 000000000 __SHD C:\Users\42077\IntelGraphicsProfiles
2025-04-19 20:54 - 2023-01-04 02:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-04-19 20:41 - 2023-01-04 02:57 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-04-19 20:41 - 2019-12-07 16:41 - 000717850 _____ C:\WINDOWS\system32\perfh005.dat
2025-04-19 20:41 - 2019-12-07 16:41 - 000144992 _____ C:\WINDOWS\system32\perfc005.dat
2025-04-19 20:35 - 2023-01-04 02:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-04-19 20:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2025-04-19 20:34 - 2023-01-04 02:17 - 000008192 ___SH C:\DumpStack.log.tmp
2025-04-19 20:33 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-04-19 20:27 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2025-04-19 20:26 - 2017-12-24 16:26 - 000000000 ____D C:\Program Files (x86)\McAfee
2025-04-19 19:11 - 2017-12-24 15:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2025-04-19 18:59 - 2023-01-04 02:24 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-19 18:59 - 2023-01-04 02:24 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-04-17 18:08 - 2023-01-03 20:07 - 000000000 ____D C:\ProgramData\Packages
2025-04-17 18:07 - 2023-01-03 22:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-04-17 17:36 - 2023-01-03 22:14 - 209365816 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-04-17 17:33 - 2024-01-08 11:22 - 000000000 ____D C:\Program Files\RUXIM
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2025
Ran by 42077 (17-05-2025 13:08:12)
Running from C:\Users\42077\Downloads
Microsoft Windows 10 Home Version 22H2 19045.4291 (X64) (2023-01-04 00:58:56)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
42077 (S-1-5-21-1998848579-2642783020-4098957678-1001 - Administrator - Enabled) => C:\Users\42077
Administrator (S-1-5-21-1998848579-2642783020-4098957678-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1998848579-2642783020-4098957678-503 - Limited - Disabled)
Guest (S-1-5-21-1998848579-2642783020-4098957678-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1998848579-2642783020-4098957678-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {FE987762-0FB6-6BB6-1BF1-73F8ED8566FA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {C6A3F647-45D9-6AEE-30AE-DACD13562181}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Cyberpunk 2077: Phantom Liberty (HKLM-x32\...\Cyberpunk 2077: Phantom Liberty_is1) (Version: 2.10.56123 - CD Projekt RED)
Dolby Audio X2 Windows API SDK (HKLM\...\{8738A898-221B-4279-BC87-FEF7938022C1}) (Version: 0.8.8.87 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{F994125B-7BF5-4A38-A569-82833CEB24DC}) (Version: 0.8.4.83 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{9207D68E-666A-49C7-A900-9F5B2FF289E4}) (Version: 0.8.0.71 - Dolby Laboratories, Inc.)
EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.3.3.100 - EasternGraphics)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 136.0.7103.114 - Google LLC)
GTA2 (HKLM-x32\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - )
Intel(R) Chipset Device Software (HKLM\...\{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}) (Version: 10.1.1.44 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{871689FB-5226-4641-8ED2-6FDAA2DF65C1}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{D9D63ED7-B857-450C-B46A-1371885084E5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Lenovo Entertainment Hub (HKLM-x32\...\{2994AD9D-6FB9-411E-9D88-C009DE04DC51}_is1) (Version: 1.3.28 - Beyond Media)
Lenovo Nerve Center Core Component (HKLM\...\{DCB4DFB5-93CA-4BDD-9D08-CE880626B46E}_is1) (Version: 3.0.14.13 - Lenovo)
Lenovo Now (HKLM-x32\...\{622FA116-13E7-4BB6-839C-A3E0E3ECDFE6}_is1) (Version: 4.2.1.1 - Lenovo)
LibreOffice 7.4.3.2 (HKLM\...\{C724CD98-7AEB-4F85-8C10-9721600CE0DA}) (Version: 7.4.3.2 - The Document Foundation)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R50 - McAfee, LLC)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.18623.20178 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.85 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.85 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\...\OneDriveSetup.exe) (Version: 25.056.0324.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{D736B443-AF61-4775-9488-DDF59F87BD1F}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{F102A269-3323-427C-914D-E5E71F61453D}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{e03f35e3-deda-418d-a097-a474bcd6942b}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.24.28127 (HKLM\...\{8678BA04-D161-45BE-ACA4-CC5D13073F35}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.24.28127 (HKLM\...\{7DC387B8-E6A2-480C-8EF9-A6E51AE81C19}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 (HKLM-x32\...\{EAC73207-74BD-4B13-AACF-8C0E751FA4E8}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 (HKLM-x32\...\{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
NVIDIA Graphics Driver 385.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.54 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.18623.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12527.22270 - Microsoft Corporation) Hidden
pCon.planner 8.8 STD (HKLM\...\{597BD159-6F4B-4BBA-B468-90BB563C3076}) (Version: 8.8.0.100 - EasternGraphics)
REDlauncher (HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - CD Projekt RED)
Room Arranger (64-bit) (HKLM-x32\...\Room Arranger x64) (Version: 9.7.0 - Jan Adamec)
Seznam Software (HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\...\SeznamInstall) (Version: 2.1.35 - Seznam.cz)
State of Survival 1.2.0.180 (HKLM-x32\...\{D583EC8D-D3D0-46D0-91CF-89406329F12B}_is1) (Version: 1.2.0.180 - FunPlus, Inc.)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
uTorrent verze 1.5 (HKLM-x32\...\uTorrent_is1) (Version: 1.5 - )
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.1025 - McAfee, LLC)
Packages:
=========
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2024.3.211.0_neutral__6rarf9sa4v8jt [2024-04-23] (Disney)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2501.20.0_x64__k1h2ywk1493x8 [2025-04-17] (LENOVO INC.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.6.12.0_x64__5grkq8ppsgwt4 [2024-04-23] (LENOVO INC) [Startup Task]
Lenovo Nerve Center -> C:\Program Files\WindowsApps\e0469640.nervecenter_3.0.14.0_x64__5grkq8ppsgwt4 [2023-01-03] (LENOVO INC)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.42.0_x64__w1wdnht996qgy [2025-04-17] (LinkedIn) [Startup Task]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2503.28001.0_x64__8wekyb3d8bbwe [2025-04-17] (Microsoft Corporation) [Startup Task]
Spotify – hudba a podcasty -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0 [2025-04-17] (Spotify AB) [Startup Task]
Winmail.dat Viewer - Letter Opener -> C:\Program Files\WindowsApps\AtlanCreativeGmbH.Winmail.datViewer-LetterOpener_2.0.3.0_x64__h8gmy52jknkyt [2025-04-17] (Letter Opener GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1998848579-2642783020-4098957678-1001_Classes\CLSID\{DEDBE4C9-9E87-40C5-B437-9AAB7EB9C667}\InprocServer32 -> C:\Program Files (x86)\EasternGraphics\EGR-ShellExtension\Win64\egr_se.dll (EasternGraphics GmbH -> EasternGraphics)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2023-01-10] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igfxDTCM.dll [2017-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2023-01-10] (McAfee, LLC -> McAfee, LLC)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2017-12-24 15:56 - 2017-12-24 15:56 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2017-12-24 15:56 - 2017-12-24 15:56 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2023-01-10] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2023-01-10] (McAfee, LLC -> McAfee, LLC)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\42077\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\16026550556118132307\133895720323299664.jpg
DNS Servers: 31.30.90.11 - 31.30.90.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Intel(R) Dual Band Wireless-AC 8265 -> Netwtw06.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Realtek PCIe GBE Family Controller -> rt640x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7068CAC1-0F70-4494-A6B4-4EB40DD7BD23}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{5CE7EF81-94AF-4F4B-B8EB-A21A3411775C}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{41B6D6CB-AFD6-4C18-B277-3341DB624040}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{D1083103-B44F-4AF9-9683-F81ACBE1818C}] => (Allow) D:\FunPlus\State of Survival\nGame\1.20.70.748\sspc.exe (FunPlus International AG -> FunPlus, Inc.)
FirewallRules: [{B31780EA-1637-4F66-A361-04A9ED90EC14}] => (Allow) D:\FunPlus\State of Survival\nGame\1.20.70.748\sspc.exe (FunPlus International AG -> FunPlus, Inc.)
FirewallRules: [{02AC36F1-D650-45B2-A7EA-FE5A1544BD5D}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{09BD8E85-6510-479A-916C-2A372DE254B8}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [TCP Query User{AF746164-207F-45AF-A87E-786EED7CD930}C:\program files (x86)\gog.com\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog.com\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{09F1836F-774D-4E58-9131-B0E3737C6122}C:\program files (x86)\gog.com\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog.com\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{4C5E48DD-2AD6-4346-865F-D4DEECFC2074}] => (Block) C:\program files (x86)\gog.com\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{D62C746D-BC96-47A9-ABA3-0C26957F160A}] => (Block) C:\program files (x86)\gog.com\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{E957A758-FCB7-4A7E-943F-6BF5850B9765}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{07406014-F729-4FAB-8D7C-59E80C519B2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7470E0A5-2194-4351-B112-F5E6A3DF6C9A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4B08AD37-1214-401E-97F8-8E9412FF08BA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CA568B29-E41D-42E3-B8FE-0EF059B59478}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{97B1BFE5-A49A-4980-ADC9-A8A04EF55F99}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C03258BC-8B5D-46B2-A490-9FBC2134DD2B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C71AADAB-6D1A-4924-8780-0B3BA2E2FA34}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{59943DD7-F88F-4B98-9053-28893171FAE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7AC2329E-45C1-4956-8FFE-B8A07C4D6C82}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{98A5582B-E429-4B69-865C-853B5098F3BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{66840887-C7C3-4318-9A48-09544021E636}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{01BF5558-E208-491D-9725-EB11FA28CAFB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CE8C963A-2378-48A9-9693-A1EC7CF81523}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7483CD91-6E37-4668-A71F-11C832A27977}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9F6D8737-62CE-4474-9EC8-28C9C9C39B5C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.85\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E30574AE-650E-4A2D-8C3E-117737282CD6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
19-04-2025 19:04:41 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/20/2025 12:20:00 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/20/2025 12:19:59 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Windows (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/19/2025 08:40:54 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (04/19/2025 08:29:59 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (04/19/2025 08:21:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..
Error: (04/19/2025 08:21:35 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
Error: (04/19/2025 07:13:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.19041.4239, časové razítko: 0x35946a52
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.4291, časové razítko: 0xa956ff71
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000012dca2
ID chybujícího procesu: 0x1018
Čas spuštění chybující aplikace: 0x01dbb14d158d662e
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: e9137f43-04ab-4d41-8fa1-25e318059143
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/19/2025 07:10:28 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: LAPTOP-K4SV175L)
Description: Aplikaci nebo službu Microsoft Office SDX Helper nelze ukončit.
System errors:
=============
Error: (05/17/2025 12:47:12 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-K4SV175L)
Description: Server {8018F647-BF07-55BB-82BE-A2D7049F7CE4} se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/20/2025 11:05:50 AM) (Source: Netwtw06) (EventID: 5005) (User: )
Description: Intel(R) Dual Band Wireless-AC 8265 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error
Error: (04/20/2025 11:05:50 AM) (Source: Netwtw06) (EventID: 5002) (User: )
Description: Intel(R) Dual Band Wireless-AC 8265 : Bylo zjištěno, že síťový adaptér nepracuje správně.
5002 - uCode SW error (SysAssert, NMI)
Error: (04/20/2025 11:05:50 AM) (Source: Netwtw06) (EventID: 5002) (User: )
Description: Intel(R) Dual Band Wireless-AC 8265 : Bylo zjištěno, že síťový adaptér nepracuje správně.
5002 - uCode SW error (SysAssert, NMI)
Error: (04/20/2025 11:05:50 AM) (Source: Netwtw06) (EventID: 5002) (User: )
Description: Intel(R) Dual Band Wireless-AC 8265 : Bylo zjištěno, že síťový adaptér nepracuje správně.
5002 - uCode SW error (SysAssert, NMI)
Error: (04/20/2025 11:05:50 AM) (Source: Netwtw06) (EventID: 5002) (User: )
Description: Intel(R) Dual Band Wireless-AC 8265 : Bylo zjištěno, že síťový adaptér nepracuje správně.
5002 - uCode SW error (SysAssert, NMI)
Error: (04/20/2025 11:05:50 AM) (Source: Netwtw06) (EventID: 5002) (User: )
Description: Intel(R) Dual Band Wireless-AC 8265 : Bylo zjištěno, že síťový adaptér nepracuje správně.
5002 - uCode SW error (SysAssert, NMI)
Error: (04/20/2025 11:05:50 AM) (Source: Netwtw06) (EventID: 5002) (User: )
Description: Intel(R) Dual Band Wireless-AC 8265 : Bylo zjištěno, že síťový adaptér nepracuje správně.
5002 - uCode SW error (SysAssert, NMI)
Windows Defender:
================
Date: 2024-04-23 13:12:00
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Date: 2024-03-11 11:53:51
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Date: 2024-03-06 10:22:10
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Date: 2024-02-08 10:58:48
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Date: 2024-01-24 13:23:41
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Event[0]:
Date: 2025-05-17 13:06:28
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.427.341.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2025-05-17 13:06:28
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.427.341.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2025-05-17 13:06:28
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.427.341.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2025-05-17 13:04:09
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.427.341.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80070102
Error description: Vypršel časový limit operace čekání.
Date: 2025-05-17 13:04:09
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.427.341.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80070102
Error description: Vypršel časový limit operace čekání.
CodeIntegrity:
===============
Date: 2025-05-17 12:48:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements.
Date: 2025-04-19 22:27:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Microsoft signing level requirements.
Date: 2025-04-19 20:47:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2025-04-19 20:40:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements.
Date: 2025-04-19 20:39:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 4KCN40WW 10/17/2017
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz
Percentage of memory in use: 59%
Total physical RAM: 8084.16 MB
Available physical RAM: 3262.62 MB
Total Virtual: 10516.16 MB
Available Virtual: 4227.23 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:1836.77 GB) (Free:1374.61 GB) (Model: ST2000LM007-1R8174) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:9.07 GB) (Model: ST2000LM007-1R8174) NTFS
\\?\Volume{5570ed7b-9451-47e2-9b9e-06d0610f45cb}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.4 GB) NTFS
\\?\Volume{cee628d1-14a6-4ee2-a5ed-5b5711e4b585}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 45167814)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-05-2025
Ran by 42077 (administrator) on LAPTOP-K4SV175L (LENOVO 80WK) (17-05-2025 13:01:39)
Running from C:\Users\42077\Downloads\FRST64.exe
Loaded Profiles: 42077
Platform: Microsoft Windows 10 Home Version 22H2 19045.4291 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvSHIM.exe
(C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\MMSSHost\MMSSHOST.exe
(C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\modulecore\ProtectedModuleHost.exe
(C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\mfeav\MfeAVSvc.exe
(C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe ->) (MUSARUBRA US LLC -> McAfee LLC.) C:\Program Files\Common Files\mcafee\amcore\mcshield.exe
(C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe ->) (MUSARUBRA US LLC -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.18730.20168\OfficeClickToRun.exe
(C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterTray.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\HotkeyMonitor.exe
(C:\Program Files\mcafee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\uihost.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe <2>
(C:\Users\42077\AppData\Roaming\Seznam.cz\bin\szndesktop.exe ->) (Seznam.cz, a.s. -> ) C:\Users\42077\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(explorer.exe ->) (BitTorrent Inc -> BitTorrent, Inc.) C:\Program Files (x86)\uTorrent\uTorrent.exe
(explorer.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(explorer.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterTray.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igfxEM.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\csp\5.4.105.0\McCSPServiceHost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\modulecore\ModuleCoreService.exe <3>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\PEF\CORE\PEFService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\VSCore_22_7\mcapexe.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe
(services.exe ->) (MUSARUBRA US LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Seznam.cz, a.s. -> ) C:\Users\42077\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(svchost.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\mqs\QcShm.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\42077\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
(svchost.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391088 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506376 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [849920 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM\...\Run: [NerveCenterTray] => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterTray.exe [258400 2017-09-29] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [1922496 2017-07-26] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM-x32\...\Run: [ss_global] => D:\FunPlus\State of Survival\Launcher.exe [2030864 2024-01-15] (FunPlus International AG -> FunPlus, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\42077\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\42077\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2024-01-16] (BitTorrent Inc -> BitTorrent, Inc.)
HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\42077\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [87794984 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\42077\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\...\RunOnce: [Uninstall 25.051.0317.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\42077\AppData\Local\Microsoft\OneDrive\25.051.0317.0003" [0 2025-04-19] () <==== ATTENTION [zero byte File/Folder]
HKLM\...\Windows x64\Print Processors\Canon TS300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDV.DLL [482816 2017-06-06] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS300 series: C:\Windows\system32\CNMLMDV.DLL [1302016 2017-06-06] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\136.0.7103.114\Installer\chrmstp.exe [2025-05-17] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2E32AD5C-FA90-4747-BF7A-4162F0068ECD} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {2EEFF8C1-A5F1-4CB1-8ECB-629162755249} - \NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {3389E0C3-5E4F-43EC-99CC-E0BB0C1C0F80} - \Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display -> No File <==== ATTENTION
Task: {353230D1-0DA5-4FAE-ACE6-C3B7D027716C} - \NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {37292EA8-F458-47ED-A55C-5A3A1CCF5FD5} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {3891CB81-CF07-4ECD-A7CE-59544F84AF7D} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {3A101875-1146-47E4-9859-E6A851038812} - \NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {454F9F3D-E176-4DAD-9401-CA7CA6DDFBA2} - \NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {57990EC6-F2B7-477D-B406-82FD859963F6} - \LenovoUtility Task -> No File <==== ATTENTION
Task: {6A781A23-8286-4C39-93B1-F404CD22953D} - \NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {8DC4F6F2-5AC8-41B5-8461-383B58804B47} - \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask -> No File <==== ATTENTION
Task: {9F9D8030-899F-4F96-95BC-CD0C0D8751BB} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {AFC181D5-7FE1-4678-8E51-A3A8836561BC} - \NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {D0218C70-9C99-4043-BF17-667E1AE5C42E} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> No File <==== ATTENTION
Task: {8E2359D4-B909-4133-824E-B3D45C1A2C47} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7129.0{EC0F1B9F-18A1-4FD4-AB7C-8DC648BBF437} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7129.0\updater.exe [7375968 2025-04-17] (Google LLC -> Google LLC)
Task: {7B80015F-2ED7-4854-B8DE-D180837DDDAD} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem138.0.7156.3{77E60B82-3574-4569-B3C5-B267172F2C6F} => C:\Program Files (x86)\Google\GoogleUpdater\138.0.7156.3\updater.exe [7096416 2025-05-08] (Google LLC -> Google LLC)
Task: {0A14948D-1217-48CC-9D0A-001B2E7AB8F6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [94496 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {C3388A7D-8393-45EC-82BC-6FAB0D0BA887} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {7A1DED1D-3465-4040-A1B6-1DC3CE6753D6} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [77312 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {D7E40A9E-DA69-4139-97FB-620B13134AFD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6851ee26-af8d-4e21-97d7-487ebfbd63bd => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {D888318A-4DDA-4C84-BF87-E7DEB45505F1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\6d5244c4-5206-4df7-b9f3-d69106b7802e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {29B68425-ED49-4626-9082-D7C770ED5B46} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8a1e3928-618f-404a-8451-56f602196e20 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {4E4AFDCC-7B99-4F6B-AC02-6E8626DBCF3C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d27c0453-9c7d-40bf-88bd-fef97884f211 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {E61BEA1E-35E7-4826-83D4-5B9038A29485} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\f97aa3e8-ed09-4e84-9ba3-d782a8421882 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
Task: {38D2391C-1EA1-41A8-9F5D-7E1B2A1BF284} - System32\Tasks\Lenovo\LenovoNowLauncher => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.exe [3560352 2025-02-17] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\/task
Task: {F8BAF7E3-6307-4A49-B4F9-91724D56EDD4} - System32\Tasks\Lenovo\LenovoNowQuarterlyLaunch => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [2360224 2025-02-17] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\/QuarterlyLaunch
Task: {31AF69F7-176D-4676-9F0B-3F3E9BE599C4} - System32\Tasks\Lenovo\LenovoNowTask => C:\Program Files (x86)\Lenovo\LenovoNow\x86\LenovoNow.Task.exe [2360224 2025-02-17] (Lenovo -> Lenovo) -> C:\Program Files (x86)\Lenovo\LenovoNow\x86\$(EventData)
Task: {F8DE49C9-5C28-4C65-8E5D-39F6F14ED41E} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\av\McAfee VirusScan\upgrade.exe [4565048 2024-01-23] (McAfee, LLC -> McAfee, LLC)
Task: {A71D766E-A511-4B03-80AB-C272B245C741} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.7.114\DADUpdater.exe [4096576 2024-02-15] (McAfee, LLC -> McAfee, LLC)
Task: {02291ACC-D137-49A3-8C0A-CDFBF054100F} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [932376 2022-10-13] (McAfee, LLC -> McAfee, LLC)
Task: {D1851BCA-E458-4993-BB39-94C57F85A342} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [932376 2022-10-13] (McAfee, LLC -> McAfee, LLC)
Task: {BD480C96-243E-46C7-9D25-72C6198A5812} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe [768288 2022-03-24] (McAfee, LLC -> McAfee, LLC)
Task: {C6102198-EFCF-4F3E-8ED3-FC21CE916DA0} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [225432 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B814FF4-9F2D-4B20-87AE-5FA74BA38784} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [225432 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {763F57D0-A609-48F9-A731-FF708011DFF7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29107936 2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B991446-189E-49F9-AD8F-149A53EDC8D3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29107936 2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF71B6B0-8470-4D10-9CD8-1C3012E4C5C7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [225432 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE800FFD-0D1F-4D9E-B585-4AA743D2B3C5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [225432 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B78A4D5-6E67-40C5-B27E-2AF102B2DE61} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DA2A005C-6D9E-47C6-AF06-0EE76BFD64F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {979C7036-9DF2-46F4-8BB7-6232ADFEA56B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7AB0A270-FC72-408D-9A81-ED5EF5A42C39} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {15EA7019-287D-4253-88A4-6D74ED4BE117} - System32\Tasks\NerveCenterUpdate => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe [756064 2017-09-29] (LENOVO -> Lenovo(beijing) Limited)
Task: {A0669C86-7FD3-4896-849D-91EC45535F3B} - System32\Tasks\OneDrive Startup Task-S-1-5-21-1998848579-2642783020-4098957678-1001 => C:\Users\42077\AppData\Local\Microsoft\OneDrive\25.056.0324.0003\OneDriveLauncher.exe [676680 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{2e367dee-cb7c-4fbe-b46b-79e7f3db05db}: [DhcpNameServer] 150.213.1.3
Tcpip\..\Interfaces\{fe51a19c-81cf-4c5d-8276-fc30223cc02e}: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{fe51a19c-81cf-4c5d-8276-fc30223cc02e}: [DhcpDomain] home
Tcpip\..\Interfaces\{fe51a19c-81cf-4c5d-8276-fc30223cc02e}\35351434D2A7163696: [DhcpNameServer] 192.168.10.10 192.168.10.20 192.168.10.5
Tcpip\..\Interfaces\{fe51a19c-81cf-4c5d-8276-fc30223cc02e}\35351434D2A7163696: [DhcpDomain] skolaac.cz
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\42077\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-11]
Edge Extension: (Dokumenty Google offline) - C:\Users\42077\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-11]
Edge Extension: (Edge relevant text changes) - C:\Users\42077\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2023-01-03] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2023-01-10] (McAfee, LLC -> )
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2023-01-10] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\42077\AppData\Local\Google\Chrome\User Data\Default [2025-05-17]
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E211CZ714G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> McAfee
CHR DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Seznam Doplněk – Email) - C:\Users\42077\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2025-04-11]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\42077\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2025-05-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\42077\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\42077\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-01-12]
CHR Extension: (Seznam.cz) - C:\Users\42077\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2025-04-19]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13862104 2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-08-11] (McAfee, Inc. -> McAfee, Inc.)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2018-09-26] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 GameRecorderSVC; C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe [458592 2017-09-29] (LENOVO -> Lenovo(beijing) Limited)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [113224 2024-06-26] (Lenovo -> Lenovo Group Ltd.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [943728 2025-05-17] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_22_7\McApExe.exe [816696 2022-10-17] (McAfee, LLC -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [454560 2017-01-17] (McAfee, Inc. -> McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\5.4.105.0\McCSPServiceHost.exe [3379584 2022-10-10] (McAfee, LLC -> McAfee, LLC)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1161032 2022-07-14] (McAfee, LLC -> McAfee, LLC)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1215944 2022-09-15] (MUSARUBRA US LLC -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1215944 2022-09-15] (MUSARUBRA US LLC -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1215944 2022-09-15] (MUSARUBRA US LLC -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1571608 2022-10-09] (McAfee, LLC -> McAfee, LLC)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4248712 2022-10-14] (McAfee, LLC -> McAfee, LLC)
R2 PluginLoaderSvc; C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe [1016672 2017-09-29] (LENOVO -> Lenovo(beijing) Limited)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 McProxy; "C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
S3 MSK80Service; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BHTPCRDR; C:\WINDOWS\System32\drivers\bhtpcrdr.sys [174960 2017-07-03] (BayHub Technology Inc. -> BayHubTech/O2Micro)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77888 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2018-12-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-12-25] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [14976 2015-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 FBNetFilter; C:\Windows\system32\Drivers\FBNetFlt.sys [55256 2017-09-29] (Lenovo (Beijing) Co., Ltd. -> Lenovo(beijing) Limited)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [223232 2015-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2015-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-19] (Microsoft Windows -> Microsoft Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [476224 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349760 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84440 2022-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Trellix US LLC.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [445504 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [920128 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [665424 2022-07-07] (Musarubra US LLC -> Trellix US LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [119632 2022-07-07] (Musarubra US LLC -> Trellix US LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [112712 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [234584 2022-09-15] (Musarubra US LLC -> Trellix US LLC.)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [26560 2017-07-26] (NVIDIA Corporation -> Windows (R) Win 7 DDK provider)
S3 SNTUSB64; C:\WINDOWS\System32\drivers\SNTUSB64.SYS [63568 2012-12-11] (SafeNet, Inc. -> SafeNet, Inc.)
S3 ssaebus; C:\WINDOWS\System32\drivers\ssaebus.sys [136264 2014-09-29] (MCCI Corporation -> MCCI Corporation)
S3 ssaeunic; C:\WINDOWS\System32\drivers\ssaeunic.sys [178760 2014-09-29] (MCCI Corporation -> MCCI Corporation)
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [204568 2014-09-29] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [204568 2014-09-29] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-06-29] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [68888 2014-09-29] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [204568 2014-09-29] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-04-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [605576 2025-04-19] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-19] (Microsoft Windows -> Microsoft Corporation)
S3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 MpKsle98b2cd6; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8A1C0EB5-6D66-43ED-ADDE-9676B4F5AE2F}\MpKslDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-05-17 13:01 - 2025-05-17 13:05 - 000034761 _____ C:\Users\42077\Downloads\FRST.txt
2025-05-17 12:59 - 2025-05-17 13:04 - 000000000 ____D C:\FRST
2025-05-17 12:58 - 2025-05-17 12:58 - 002405888 _____ (Farbar) C:\Users\42077\Downloads\FRST64.exe
2025-04-19 19:10 - 2025-04-19 19:10 - 000000000 ___HD C:\$WinREAgent
2025-04-19 18:38 - 2025-04-19 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-05-17 13:05 - 2024-01-16 17:02 - 000000000 ____D C:\Users\42077\AppData\Roaming\uTorrent
2025-05-17 12:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-05-17 12:55 - 2023-01-03 20:06 - 000000000 ____D C:\Users\42077\AppData\Local\Packages
2025-05-17 12:52 - 2023-01-03 15:06 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-05-17 12:51 - 2023-01-04 02:22 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-05-17 12:51 - 2023-01-04 02:22 - 000003514 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-05-17 12:49 - 2023-01-04 02:25 - 000000000 ____D C:\ProgramData\NVIDIA
2025-05-17 12:48 - 2024-01-12 16:04 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-05-17 12:48 - 2024-01-12 16:04 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-05-17 12:45 - 2023-01-04 02:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-04-20 08:05 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-19 22:34 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-19 22:33 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2025-04-19 22:32 - 2023-01-04 13:36 - 000000000 ____D C:\Users\42077\AppData\Local\D3DSCache
2025-04-19 22:20 - 2025-03-11 16:01 - 000003576 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-1998848579-2642783020-4098957678-1001
2025-04-19 22:20 - 2024-03-04 11:59 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1998848579-2642783020-4098957678-1001
2025-04-19 22:20 - 2024-03-04 11:50 - 000002388 _____ C:\Users\42077\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-19 22:20 - 2023-01-03 20:11 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1998848579-2642783020-4098957678-1001
2025-04-19 22:20 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-19 22:16 - 2024-01-16 17:02 - 000000000 ____D C:\Users\42077\AppData\Roaming\Seznam.cz
2025-04-19 22:09 - 2023-01-03 20:06 - 000000000 __SHD C:\Users\42077\IntelGraphicsProfiles
2025-04-19 20:54 - 2023-01-04 02:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-04-19 20:41 - 2023-01-04 02:57 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-04-19 20:41 - 2019-12-07 16:41 - 000717850 _____ C:\WINDOWS\system32\perfh005.dat
2025-04-19 20:41 - 2019-12-07 16:41 - 000144992 _____ C:\WINDOWS\system32\perfc005.dat
2025-04-19 20:35 - 2023-01-04 02:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-04-19 20:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2025-04-19 20:34 - 2023-01-04 02:17 - 000008192 ___SH C:\DumpStack.log.tmp
2025-04-19 20:33 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-04-19 20:27 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2025-04-19 20:26 - 2017-12-24 16:26 - 000000000 ____D C:\Program Files (x86)\McAfee
2025-04-19 19:11 - 2017-12-24 15:55 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2025-04-19 18:59 - 2023-01-04 02:24 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-19 18:59 - 2023-01-04 02:24 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-04-17 18:08 - 2023-01-03 20:07 - 000000000 ____D C:\ProgramData\Packages
2025-04-17 18:07 - 2023-01-03 22:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-04-17 17:36 - 2023-01-03 22:14 - 209365816 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-04-17 17:33 - 2024-01-08 11:22 - 000000000 ____D C:\Program Files\RUXIM
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2025
Ran by 42077 (17-05-2025 13:08:12)
Running from C:\Users\42077\Downloads
Microsoft Windows 10 Home Version 22H2 19045.4291 (X64) (2023-01-04 00:58:56)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
42077 (S-1-5-21-1998848579-2642783020-4098957678-1001 - Administrator - Enabled) => C:\Users\42077
Administrator (S-1-5-21-1998848579-2642783020-4098957678-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1998848579-2642783020-4098957678-503 - Limited - Disabled)
Guest (S-1-5-21-1998848579-2642783020-4098957678-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1998848579-2642783020-4098957678-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {FE987762-0FB6-6BB6-1BF1-73F8ED8566FA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {C6A3F647-45D9-6AEE-30AE-DACD13562181}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov)
Cyberpunk 2077: Phantom Liberty (HKLM-x32\...\Cyberpunk 2077: Phantom Liberty_is1) (Version: 2.10.56123 - CD Projekt RED)
Dolby Audio X2 Windows API SDK (HKLM\...\{8738A898-221B-4279-BC87-FEF7938022C1}) (Version: 0.8.8.87 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows API SDK (HKLM\...\{F994125B-7BF5-4A38-A569-82833CEB24DC}) (Version: 0.8.4.83 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{9207D68E-666A-49C7-A900-9F5B2FF289E4}) (Version: 0.8.0.71 - Dolby Laboratories, Inc.)
EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.3.3.100 - EasternGraphics)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 136.0.7103.114 - Google LLC)
GTA2 (HKLM-x32\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - )
Intel(R) Chipset Device Software (HKLM\...\{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}) (Version: 10.1.1.44 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{871689FB-5226-4641-8ED2-6FDAA2DF65C1}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{D9D63ED7-B857-450C-B46A-1371885084E5}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Lenovo Entertainment Hub (HKLM-x32\...\{2994AD9D-6FB9-411E-9D88-C009DE04DC51}_is1) (Version: 1.3.28 - Beyond Media)
Lenovo Nerve Center Core Component (HKLM\...\{DCB4DFB5-93CA-4BDD-9D08-CE880626B46E}_is1) (Version: 3.0.14.13 - Lenovo)
Lenovo Now (HKLM-x32\...\{622FA116-13E7-4BB6-839C-A3E0E3ECDFE6}_is1) (Version: 4.2.1.1 - Lenovo)
LibreOffice 7.4.3.2 (HKLM\...\{C724CD98-7AEB-4F85-8C10-9721600CE0DA}) (Version: 7.4.3.2 - The Document Foundation)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R50 - McAfee, LLC)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.18623.20178 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.85 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.85 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\...\OneDriveSetup.exe) (Version: 25.056.0324.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{D736B443-AF61-4775-9488-DDF59F87BD1F}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{F102A269-3323-427C-914D-E5E71F61453D}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{e03f35e3-deda-418d-a097-a474bcd6942b}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.24.28127 (HKLM\...\{8678BA04-D161-45BE-ACA4-CC5D13073F35}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.24.28127 (HKLM\...\{7DC387B8-E6A2-480C-8EF9-A6E51AE81C19}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.24.28127 (HKLM-x32\...\{EAC73207-74BD-4B13-AACF-8C0E751FA4E8}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.24.28127 (HKLM-x32\...\{2E72FA1F-BADB-4337-B8AE-F7C17EC57D1D}) (Version: 14.24.28127 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
NVIDIA Graphics Driver 385.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.54 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.18623.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12527.22270 - Microsoft Corporation) Hidden
pCon.planner 8.8 STD (HKLM\...\{597BD159-6F4B-4BBA-B468-90BB563C3076}) (Version: 8.8.0.100 - EasternGraphics)
REDlauncher (HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\...\{7258BA11-600C-430E-A759-27E2C691A335}-REDlauncher_is1) (Version: - CD Projekt RED)
Room Arranger (64-bit) (HKLM-x32\...\Room Arranger x64) (Version: 9.7.0 - Jan Adamec)
Seznam Software (HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\...\SeznamInstall) (Version: 2.1.35 - Seznam.cz)
State of Survival 1.2.0.180 (HKLM-x32\...\{D583EC8D-D3D0-46D0-91CF-89406329F12B}_is1) (Version: 1.2.0.180 - FunPlus, Inc.)
UE4 Prerequisites (x64) (HKLM\...\{D7B591D8-1091-4A00-A0B3-5301C45E5D51}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{0d995f46-317b-4b5f-bf3e-9f98bae9d339}) (Version: 1.0.14.0 - Epic Games, Inc.) Hidden
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
uTorrent verze 1.5 (HKLM-x32\...\uTorrent_is1) (Version: 1.5 - )
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.1025 - McAfee, LLC)
Packages:
=========
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_2024.3.211.0_neutral__6rarf9sa4v8jt [2024-04-23] (Disney)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2501.20.0_x64__k1h2ywk1493x8 [2025-04-17] (LENOVO INC.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.6.12.0_x64__5grkq8ppsgwt4 [2024-04-23] (LENOVO INC) [Startup Task]
Lenovo Nerve Center -> C:\Program Files\WindowsApps\e0469640.nervecenter_3.0.14.0_x64__5grkq8ppsgwt4 [2023-01-03] (LENOVO INC)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.42.0_x64__w1wdnht996qgy [2025-04-17] (LinkedIn) [Startup Task]
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2503.28001.0_x64__8wekyb3d8bbwe [2025-04-17] (Microsoft Corporation) [Startup Task]
Spotify – hudba a podcasty -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0 [2025-04-17] (Spotify AB) [Startup Task]
Winmail.dat Viewer - Letter Opener -> C:\Program Files\WindowsApps\AtlanCreativeGmbH.Winmail.datViewer-LetterOpener_2.0.3.0_x64__h8gmy52jknkyt [2025-04-17] (Letter Opener GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1998848579-2642783020-4098957678-1001_Classes\CLSID\{DEDBE4C9-9E87-40C5-B437-9AAB7EB9C667}\InprocServer32 -> C:\Program Files (x86)\EasternGraphics\EGR-ShellExtension\Win64\egr_se.dll (EasternGraphics GmbH -> EasternGraphics)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2023-01-10] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igfxDTCM.dll [2017-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-16] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2023-01-10] (McAfee, LLC -> McAfee, LLC)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2017-12-24 15:56 - 2017-12-24 15:56 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2017-12-24 15:56 - 2017-12-24 15:56 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2023-01-10] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2023-01-10] (McAfee, LLC -> McAfee, LLC)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1998848579-2642783020-4098957678-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\42077\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\16026550556118132307\133895720323299664.jpg
DNS Servers: 31.30.90.11 - 31.30.90.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Intel(R) Dual Band Wireless-AC 8265 -> Netwtw06.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Realtek PCIe GBE Family Controller -> rt640x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7068CAC1-0F70-4494-A6B4-4EB40DD7BD23}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{5CE7EF81-94AF-4F4B-B8EB-A21A3411775C}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{41B6D6CB-AFD6-4C18-B277-3341DB624040}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{D1083103-B44F-4AF9-9683-F81ACBE1818C}] => (Allow) D:\FunPlus\State of Survival\nGame\1.20.70.748\sspc.exe (FunPlus International AG -> FunPlus, Inc.)
FirewallRules: [{B31780EA-1637-4F66-A361-04A9ED90EC14}] => (Allow) D:\FunPlus\State of Survival\nGame\1.20.70.748\sspc.exe (FunPlus International AG -> FunPlus, Inc.)
FirewallRules: [{02AC36F1-D650-45B2-A7EA-FE5A1544BD5D}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{09BD8E85-6510-479A-916C-2A372DE254B8}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [TCP Query User{AF746164-207F-45AF-A87E-786EED7CD930}C:\program files (x86)\gog.com\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog.com\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [UDP Query User{09F1836F-774D-4E58-9131-B0E3737C6122}C:\program files (x86)\gog.com\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog.com\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{4C5E48DD-2AD6-4346-865F-D4DEECFC2074}] => (Block) C:\program files (x86)\gog.com\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{D62C746D-BC96-47A9-ABA3-0C26957F160A}] => (Block) C:\program files (x86)\gog.com\cyberpunk 2077\bin\x64\cyberpunk2077.exe (CD PROJEKT SPÓŁKA AKCYJNA -> CD PROJEKT S.A.)
FirewallRules: [{E957A758-FCB7-4A7E-943F-6BF5850B9765}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{07406014-F729-4FAB-8D7C-59E80C519B2F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7470E0A5-2194-4351-B112-F5E6A3DF6C9A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4B08AD37-1214-401E-97F8-8E9412FF08BA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CA568B29-E41D-42E3-B8FE-0EF059B59478}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{97B1BFE5-A49A-4980-ADC9-A8A04EF55F99}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C03258BC-8B5D-46B2-A490-9FBC2134DD2B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C71AADAB-6D1A-4924-8780-0B3BA2E2FA34}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{59943DD7-F88F-4B98-9053-28893171FAE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7AC2329E-45C1-4956-8FFE-B8A07C4D6C82}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{98A5582B-E429-4B69-865C-853B5098F3BD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{66840887-C7C3-4318-9A48-09544021E636}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{01BF5558-E208-491D-9725-EB11FA28CAFB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CE8C963A-2378-48A9-9693-A1EC7CF81523}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7483CD91-6E37-4668-A71F-11C832A27977}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.261.443.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9F6D8737-62CE-4474-9EC8-28C9C9C39B5C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.85\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E30574AE-650E-4A2D-8C3E-117737282CD6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
19-04-2025 19:04:41 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/20/2025 12:20:00 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na LENOVO (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/20/2025 12:19:59 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Windows (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)
Error: (04/19/2025 08:40:54 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (04/19/2025 08:29:59 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.
Error: (04/19/2025 08:21:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..
Error: (04/19/2025 08:21:35 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
Error: (04/19/2025 07:13:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.19041.4239, časové razítko: 0x35946a52
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.4291, časové razítko: 0xa956ff71
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000012dca2
ID chybujícího procesu: 0x1018
Čas spuštění chybující aplikace: 0x01dbb14d158d662e
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: e9137f43-04ab-4d41-8fa1-25e318059143
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/19/2025 07:10:28 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: LAPTOP-K4SV175L)
Description: Aplikaci nebo službu Microsoft Office SDX Helper nelze ukončit.
System errors:
=============
Error: (05/17/2025 12:47:12 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-K4SV175L)
Description: Server {8018F647-BF07-55BB-82BE-A2D7049F7CE4} se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/20/2025 11:05:50 AM) (Source: Netwtw06) (EventID: 5005) (User: )
Description: Intel(R) Dual Band Wireless-AC 8265 : Byla zjištěna vnitřní chyba a došlo k selhání.
5005 - Driver internal error
Error: (04/20/2025 11:05:50 AM) (Source: Netwtw06) (EventID: 5002) (User: )
Description: Intel(R) Dual Band Wireless-AC 8265 : Bylo zjištěno, že síťový adaptér nepracuje správně.
5002 - uCode SW error (SysAssert, NMI)
Error: (04/20/2025 11:05:50 AM) (Source: Netwtw06) (EventID: 5002) (User: )
Description: Intel(R) Dual Band Wireless-AC 8265 : Bylo zjištěno, že síťový adaptér nepracuje správně.
5002 - uCode SW error (SysAssert, NMI)
Error: (04/20/2025 11:05:50 AM) (Source: Netwtw06) (EventID: 5002) (User: )
Description: Intel(R) Dual Band Wireless-AC 8265 : Bylo zjištěno, že síťový adaptér nepracuje správně.
5002 - uCode SW error (SysAssert, NMI)
Error: (04/20/2025 11:05:50 AM) (Source: Netwtw06) (EventID: 5002) (User: )
Description: Intel(R) Dual Band Wireless-AC 8265 : Bylo zjištěno, že síťový adaptér nepracuje správně.
5002 - uCode SW error (SysAssert, NMI)
Error: (04/20/2025 11:05:50 AM) (Source: Netwtw06) (EventID: 5002) (User: )
Description: Intel(R) Dual Band Wireless-AC 8265 : Bylo zjištěno, že síťový adaptér nepracuje správně.
5002 - uCode SW error (SysAssert, NMI)
Error: (04/20/2025 11:05:50 AM) (Source: Netwtw06) (EventID: 5002) (User: )
Description: Intel(R) Dual Band Wireless-AC 8265 : Bylo zjištěno, že síťový adaptér nepracuje správně.
5002 - uCode SW error (SysAssert, NMI)
Windows Defender:
================
Date: 2024-04-23 13:12:00
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Date: 2024-03-11 11:53:51
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Date: 2024-03-06 10:22:10
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Date: 2024-02-08 10:58:48
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Date: 2024-01-24 13:23:41
Description:
Antivirová ochrana v programu Microsoft Defender scan has been stopped before completion.
Scan Type: Antimalwarový program
Scan Parameters: Rychlé prohledávání
Event[0]:
Date: 2025-05-17 13:06:28
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.427.341.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2025-05-17 13:06:28
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.427.341.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2025-05-17 13:06:28
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.427.341.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80070020
Error description: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2025-05-17 13:04:09
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.427.341.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80070102
Error description: Vypršel časový limit operace čekání.
Date: 2025-05-17 13:04:09
Description:
Antivirová ochrana v programu Microsoft Defender has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.427.341.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.25030.1
Error code: 0x80070102
Error description: Vypršel časový limit operace čekání.
CodeIntegrity:
===============
Date: 2025-05-17 12:48:08
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements.
Date: 2025-04-19 22:27:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Microsoft signing level requirements.
Date: 2025-04-19 20:47:01
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2025-04-19 20:40:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements.
Date: 2025-04-19 20:39:32
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\ki125133.inf_amd64_7a52044300619fc7\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 4KCN40WW 10/17/2017
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-7300HQ CPU @ 2.50GHz
Percentage of memory in use: 59%
Total physical RAM: 8084.16 MB
Available physical RAM: 3262.62 MB
Total Virtual: 10516.16 MB
Available Virtual: 4227.23 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:1836.77 GB) (Free:1374.61 GB) (Model: ST2000LM007-1R8174) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:9.07 GB) (Model: ST2000LM007-1R8174) NTFS
\\?\Volume{5570ed7b-9451-47e2-9b9e-06d0610f45cb}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.4 GB) NTFS
\\?\Volume{cee628d1-14a6-4ee2-a5ed-5b5711e4b585}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 45167814)
Partition: GPT.
==================== End of Addition.txt =======================