VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

preventivka

https://forum.viry.cz:443/viewtopic.php?t=160547

Stránka 1 z 1

preventivka

Napsal: 30 říj 2025 18:57
od frydas
Ahoj, prosím o preventivku. Notebook z nějakého důvodu extrémně zpomalil a nevím čím by to mohlo být. Děkuji za pomoc :) Jen poprosím mluvte se mnou vyloženě jak s blbem, ať něco nepodělám :D vyosek mi kdysi pomáhal super návodama :)


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-10-2025
Ran by Lenovo (administrator) on LUKÁŠFRYDRYCH (LENOVO 20NSS2SG0P) (30-10-2025 18:45:17)
Running from C:\Users\Lenovo\Desktop\FRST64.exe
Loaded Profiles: Lenovo
Platform: Microsoft Windows 11 Pro Version 25H2 26200.6901 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzBTLEManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectServer
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzWDLDeviceManager
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files\PC Remote Receiver\MonectServerService.exe ->) (Monect (Suzhou) Co., Ltd. -> ) C:\Program Files\PC Remote Receiver\MonectServer.exe
(cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\Lenovo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxEM.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <71>
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\25.189.0928.0002\OneDrive.Sync.Service.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(services.exe ->) (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> QuickShareService) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungQuickShare_2.2.19.0_x64__wyx1vj98g3asy\QuickShareService\QuickShareService.exe
(services.exe ->) (Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\142.0.7444.18\remoting_host.exe <2>
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_ef0d92102be8d7c5\Intel_PIE_Service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_ece153ca769ec179\aesm_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_7aa6ca9dbb25bff8\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_dd349ca1e8d98184\LMS.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a9a2dde7124f013f\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d2ec57bb7e27bb06\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d2ec57bb7e27bb06\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_a93205b6238060e4\lib\SocketHeciServer.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_43263f267606f990\x64\ibmpmsvc.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\DriverStore\FileRepository\litsdrv.inf_amd64_0fefde8b58482d0b\x64\LITSSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\NisSrv.exe
(services.exe ->) (Monect (Suzhou) Co., Ltd. -> Monect, Inc.) C:\Program Files\PC Remote Receiver\MonectServerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_7de98da61391430f\RtkAudUService64.exe <3>
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2510.1001.55.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.151.0.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\141.0.3537.99\Installer\setup.exe [7665232 2025-10-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2458931124-789934246-4282936195-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3600072 2025-07-15] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2458931124-789934246-4282936195-1001\...\Run: [Teams] => C:\Users\Lenovo\AppData\Local\Microsoft\WindowsApps\MSTeams_8wekyb3d8bbwe\ms-teams.exe [0 0] () [symlink -> ]
HKU\S-1-5-21-2458931124-789934246-4282936195-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2458931124-789934246-4282936195-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2458931124-789934246-4282936195-1001\...\RunOnce: [Uninstall 25.184.0921.0004] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\25.184.0921.0004" [0 2025-10-27] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3600072 2025-07-15] (Razer USA Ltd. -> Razer Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [2025-10-27] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\141.0.7390.123\Installer\chrmstp.exe [2025-10-25] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {E11C36B1-23E8-4A15-9F9A-F6F2AB4DA55F} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem143.0.7482.0{F83BB6E0-F592-4561-B206-17394F847255} => C:\Program Files (x86)\Google\GoogleUpdater\143.0.7482.0\updater.exe [6933656 2025-10-19] (Google LLC -> Google LLC)
Task: {C18C6E5B-CD67-45EC-B77E-F65B05DD898D} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2458931124-789934246-4282936195-1001 => C:\Users\Lenovo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [91416 2025-04-29] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {489BD5D3-8637-4E13-88A0-153D5160AA98} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [129880 2025-06-03] (Lenovo -> Lenovo)
Task: {F625BAAD-3C10-4315-8F25-C07D083307DD} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [67424 2024-06-26] (Lenovo -> )
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {28A8F519-8411-4619-BCAC-2D2FD6B09B38} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\MpCmdRun.exe [1790640 2025-10-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {43C0545E-500B-4640-9505-40B0BE8C8631} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\MpCmdRun.exe [1790640 2025-10-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E0EC829B-C9C8-4164-8FFE-5BBC678B95B5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\MpCmdRun.exe [1790640 2025-10-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2E36FF89-14C6-414C-A8B4-8CE37A46A70F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\MpCmdRun.exe [1790640 2025-10-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BEE0F47F-7F80-492B-9E07-BD730355F830} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2458931124-789934246-4282936195-1001 => C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\25.189.0928.0002\OneDriveLauncher.exe [725880 2025-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D0B7008-1AFC-4D3E-9BB6-0D732499D78E} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_7de98da61391430f\RtkAudUService64.exe [1868088 2023-07-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {7180A493-9E83-44CF-965D-08891B5FA8D5} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904536 2024-07-15] (Lenovo -> )
Task: {4D008373-ED41-470E-84F5-CA1F07FB8096} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904536 2024-07-15] (Lenovo -> )
Task: {E0CEEB5C-C161-4091-9ABA-8DE666CBE26A} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-2458931124-789934246-4282936195-1001 => C:\Users\Lenovo\AppData\Roaming\Zoom\bin\Zoom.exe [462776 2025-10-01] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d19b0ae6-2de0-40e6-bed9-8c7a7fe0e699}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d19b0ae6-2de0-40e6-bed9-8c7a7fe0e699}: [DhcpDomain] home
Tcpip\..\Interfaces\{d19b0ae6-2de0-40e6-bed9-8c7a7fe0e699}\245405C414E4D25374: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{d19b0ae6-2de0-40e6-bed9-8c7a7fe0e699}\245407C616E6: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d19b0ae6-2de0-40e6-bed9-8c7a7fe0e699}\662797461637: [DhcpNameServer] 10.56.150.68
Tcpip\..\Interfaces\{d19b0ae6-2de0-40e6-bed9-8c7a7fe0e699}\D4168796D65737: [DhcpNameServer] 1.1.1.1 8.8.8.8
Tcpip\..\Interfaces\{d19b0ae6-2de0-40e6-bed9-8c7a7fe0e699}\D45647C4966656D225B4: [DhcpNameServer] 192.168.8.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default [2025-10-19]
Edge Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-09-22]
Edge Extension: (Edge relevant text changes) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-07-09]

Chrome:
=======
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2025-10-30]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.netflix.com
CHR HomePage: Default -> hxxp://google.cz/
CHR StartupUrls: Default -> "hxxp://google.cz/","hxxp://google.sk/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Adblock na Youtube™) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2025-09-05]
CHR Extension: (Ad Block Genius - zastavte vtíravé reklamy) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkagmnnkfinalebballociekdnlaniem [2025-10-06]
CHR Extension: (Adblock Bear - Blokujte invazivní reklamy) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdiknemhndplpgnnnjjjhphhembfojec [2025-06-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-10-23]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2025-10-29]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2025-07-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-18]
CHR Extension: (YT-Encrypt) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcihlmcbnllaghbgjddinocpdcpfecbm [2023-12-18]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\142.0.7444.18\remoting_host.exe [74392 2025-10-05] (Google LLC -> Google LLC)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1633440 2019-07-01] (Dolby Laboratories, Inc. -> )
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [394176 2019-07-07] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 IBMPMSVC; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_43263f267606f990\x64\ibmpmsvc.exe [1039808 2025-09-25] (Lenovo -> Lenovo)
R2 Lenovo Instant On; C:\Windows\SysWOW64\EasyResume.exe [2352392 2024-06-26] (Lenovo -> Lenovo Group Limited)
S4 LenovoBrightCtrl; C:\WINDOWS\System32\DriverStore\FileRepository\litsdrv.inf_amd64_0fefde8b58482d0b\x64\BrightnessControl.exe [157008 2025-02-26] (Lenovo -> Lenovo.)
R2 LITSSVC; C:\WINDOWS\System32\DriverStore\FileRepository\litsdrv.inf_amd64_0fefde8b58482d0b\x64\LITSSvc.exe [1143640 2025-02-26] (Lenovo -> Lenovo.)
S2 LPlatSvc; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_43263f267606f990\x64\LPlatSvc.exe [903104 2025-09-25] (Lenovo -> Lenovo)
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9608720 2025-09-12] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-01-09] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\MpDefenderCoreService.exe [2026144 2025-10-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 MonectServerService; C:\Program Files\PC Remote Receiver\MonectServerService.exe [2772600 2025-03-18] (Monect (Suzhou) Co., Ltd. -> Monect, Inc.)
S4 Plarium Play Client Service; C:\Users\Lenovo\AppData\Local\PlariumPlay\10.3.0-0.0.0\PlariumPlayClientService\PlariumPlayClientService.exe [200512 2025-05-22] (Plarium Global LTD -> PlariumPlayClientService)
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1884808 2025-05-28] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [249480 2025-05-27] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1268176 2024-07-18] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256256 2024-10-15] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300232 2025-07-15] (Razer USA Ltd. -> Razer Inc.)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [513672 2025-04-28] (Razer USA Ltd. -> Razer Inc.)
R2 SamsungQuickShareService; C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungQuickShare_2.2.19.0_x64__wyx1vj98g3asy\QuickShareService\QuickShareService.exe [16499712 2025-09-30] (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> QuickShareService)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [803064 2025-09-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\NisSrv.exe [4418608 2025-10-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25090.3009-0\MsMpEng.exe [282440 2025-10-22] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MyWiFiDHCPDNS; "C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 IBMPMDRV; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_43263f267606f990\x64\ibmpmdrv.sys [66008 2025-09-25] (Lenovo -> Lenovo)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [333216 2025-09-18] (Microsoft Windows -> Microsoft Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-03-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [242752 2025-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 PMDRVS; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_43263f267606f990\x64\pmdrvs.sys [52192 2025-09-25] (Lenovo -> Lenovo)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_007a; C:\WINDOWS\System32\drivers\RzDev_007a.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_007e; C:\WINDOWS\System32\drivers\RzDev_007e.sys [54152 2020-08-24] (Razer USA Ltd. -> Razer Inc)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 TPS65988; C:\WINDOWS\System32\drivers\TPS65988.sys [48208 2019-07-22] (FPT USA Corp. -> )
R3 ViGEmBus; C:\WINDOWS\System32\drivers\ViGEmBus.sys [69168 2019-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Benjamin Höglinger-Stelzer)
S3 vjoy; C:\WINDOWS\System32\drivers\vjoy.sys [67448 2019-07-14] (On-site Dental Systems (Justin Shafer) -> Shaul Eizikovich)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20888 2025-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [629128 2025-10-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [102832 2025-10-22] (Microsoft Windows -> Microsoft Corporation)
R3 WiMan; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_6eb0b77a25e99e6e\WiMan\WiMan.sys [165224 2020-12-29] (Intel Wireless Driver -> )
S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2025-01-06] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_a6dc64e436f22951\WSDScan.sys [61440 2025-08-30] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-10-30 18:45 - 2025-10-30 18:46 - 000025423 _____ C:\Users\Lenovo\Desktop\FRST.txt
2025-10-30 18:44 - 2025-10-30 18:46 - 000000000 ____D C:\FRST
2025-10-30 18:44 - 2025-10-30 18:44 - 002443264 _____ (Farbar) C:\Users\Lenovo\Desktop\FRST64.exe
2025-10-30 18:43 - 2025-10-30 18:44 - 002443264 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST64.exe
2025-10-30 18:42 - 2025-10-30 18:42 - 002134528 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST.exe
2025-10-30 18:42 - 2025-10-30 18:42 - 002134528 _____ (Farbar) C:\Users\Lenovo\Desktop\FRST.exe
2025-10-30 14:33 - 2025-10-30 14:33 - 000389847 _____ C:\Users\Lenovo\Downloads\Hodnocení produktů.pdf
2025-10-30 14:28 - 2025-10-30 14:28 - 000047688 _____ C:\Users\Lenovo\Downloads\PrintOffer-4.pdf
2025-10-30 02:02 - 2025-10-30 17:09 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-10-24 14:30 - 2025-10-24 14:30 - 000136360 _____ C:\Users\Lenovo\Downloads\Scan.pdf
2025-10-24 10:58 - 2025-10-24 10:58 - 000034880 _____ C:\Users\Lenovo\Downloads\zmena_cpp_251024_115328.pdf
2025-10-24 10:24 - 2025-10-24 10:24 - 000130536 _____ C:\Users\Lenovo\Downloads\Devát_Ivan_20251024 (1).pdf
2025-10-24 10:17 - 2025-10-24 10:17 - 000130422 _____ C:\Users\Lenovo\Downloads\Devát_Ivan_20251024.pdf
2025-10-23 12:34 - 2025-10-23 12:34 - 000679834 _____ C:\WINDOWS\system32\perfh005.dat
2025-10-23 12:34 - 2025-10-23 12:34 - 000145634 _____ C:\WINDOWS\system32\perfc005.dat
2025-10-21 09:38 - 2025-10-21 09:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleUserPEH
2025-10-20 10:04 - 2025-10-20 10:04 - 000107008 _____ C:\Users\Lenovo\Downloads\informatorium-kontakty.xls
2025-10-19 12:17 - 2025-10-19 12:48 - 000000000 ____D C:\Users\Lenovo\Documents\ShareX
2025-10-19 12:14 - 2025-10-19 12:15 - 106603663 _____ (ShareX Team ) C:\Users\Lenovo\Downloads\ShareX-18.0.1-setup.exe
2025-10-19 00:20 - 2025-10-19 00:20 - 000000000 ____D C:\ProgramData\Whesvc
2025-10-17 11:50 - 2025-10-17 11:50 - 000172221 _____ C:\Users\Lenovo\Downloads\identifikacni_list_CSOB-vzplnene.pdf
2025-10-17 11:13 - 2025-10-17 11:13 - 000188167 _____ C:\Users\Lenovo\Downloads\Drápal_Vojtěch_20251017 (1).pdf
2025-10-17 11:13 - 2025-10-17 11:13 - 000168228 _____ C:\Users\Lenovo\Downloads\Drápal_Vojtěch_20251017.pdf
2025-10-16 20:07 - 2025-10-16 20:07 - 000233555 _____ C:\Users\Lenovo\Downloads\RE_ Výpovědi smluv k POV.zip
2025-10-15 13:00 - 2025-10-15 13:00 - 000030470 _____ C:\Users\Lenovo\Downloads\vypoved (2).pdf
2025-10-15 12:35 - 2025-10-15 12:35 - 000030437 _____ C:\Users\Lenovo\Downloads\vypoved (1).pdf
2025-10-15 12:34 - 2025-10-15 12:34 - 000030438 _____ C:\Users\Lenovo\Downloads\vypoved.pdf
2025-10-14 10:12 - 2025-10-14 12:28 - 000000000 ____D C:\Users\Lenovo\Documents\Zvukové záznamy
2025-10-13 11:49 - 2025-10-13 11:49 - 000114525 _____ C:\Users\Lenovo\Downloads\Vojtěch-Drápal_56509.pdf
2025-10-13 11:48 - 2025-10-13 11:48 - 000959102 _____ C:\Users\Lenovo\Downloads\Vypis_1154390890237_20250701_20250930-1.pdf
2025-10-13 11:26 - 2025-10-13 11:26 - 000331450 _____ C:\Users\Lenovo\Downloads\Potrvdenie prijimu CSOB.pdf
2025-10-13 11:18 - 2025-10-13 11:18 - 000203237 _____ C:\Users\Lenovo\Downloads\ČSOB_Potvrzení_příjmu (1).pdf
2025-10-13 10:09 - 2025-10-13 10:09 - 001414549 _____ C:\Users\Lenovo\Downloads\N vrh pojistn‚ smlouvy.pdf
2025-10-12 19:54 - 2025-10-12 19:54 - 000025643 _____ C:\Users\Lenovo\Downloads\Raid hydra stats.xlsx
2025-10-10 14:36 - 2025-10-10 14:36 - 000285386 _____ C:\Users\Lenovo\Downloads\Šimek_Jakub_20251010.pdf
2025-10-10 12:36 - 2025-10-10 12:36 - 000155252 _____ C:\Users\Lenovo\Downloads\ČSOB_Potvrzení_příjmu.pdf
2025-10-10 09:54 - 2025-10-10 09:54 - 000340300 _____ C:\Users\Lenovo\Downloads\Drápal_Vojtěch_20251010 (1).pdf
2025-10-10 09:54 - 2025-10-10 09:54 - 000340299 _____ C:\Users\Lenovo\Downloads\Drápal_Vojtěch_20251010 (2).pdf
2025-10-10 09:53 - 2025-10-10 09:53 - 000310337 _____ C:\Users\Lenovo\Downloads\Drápal_Vojtěch_20251010.pdf
2025-10-09 10:10 - 2025-10-24 10:53 - 000000000 ____D C:\Users\Lenovo\Downloads\Phone Link
2025-10-08 12:37 - 2025-10-08 12:37 - 000281872 _____ C:\Users\Lenovo\Downloads\Devát_Ivan_Nabídka Poj. nemovitosti.pdf
2025-10-08 11:31 - 2025-10-08 11:31 - 000317160 _____ C:\Users\Lenovo\Downloads\Devát_Ivan_Nabídka Poj. nemovitosti_2.pdf
2025-10-08 11:29 - 2025-10-08 11:29 - 000970228 _____ C:\Users\Lenovo\Downloads\FAQ.pdf
2025-10-08 11:29 - 2025-10-08 11:29 - 000970228 _____ C:\Users\Lenovo\Downloads\FAQ (1).pdf
2025-10-08 11:29 - 2025-10-08 11:29 - 000401591 _____ C:\Users\Lenovo\Downloads\Devát_Ivan_20251008 (1).pdf
2025-10-08 11:28 - 2025-10-08 11:28 - 001154938 _____ C:\Users\Lenovo\Downloads\Devát_Ivan_20251008.pdf
2025-10-08 11:00 - 2025-10-08 11:00 - 002097648 _____ C:\Users\Lenovo\Downloads\Frydrych Lukáš smlouva o spolupráci.zip
2025-10-01 09:50 - 2025-10-01 09:50 - 000026585 _____ C:\Users\Lenovo\Downloads\call_script_zivotni_pojisteni_upraveny.pdf
2025-10-01 09:49 - 2025-10-01 09:49 - 000003722 _____ C:\Users\Lenovo\Downloads\call_script_zivotni_pojisteni.pdf
2025-10-01 09:13 - 2025-10-01 09:13 - 000004252 _____ C:\WINDOWS\system32\Tasks\ZoomUpdateTaskUser-S-1-5-21-2458931124-789934246-4282936195-1001
2025-10-01 09:13 - 2025-10-01 09:13 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Zoom
2025-10-01 09:13 - 2025-10-01 09:13 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2025-10-01 09:13 - 2025-10-01 09:13 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Zoom
2025-09-30 10:18 - 2025-09-30 10:18 - 000035125 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-09-30 10:18 - 2025-09-30 10:18 - 000035125 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-10-30 18:40 - 2024-01-14 20:25 - 000000000 ____D C:\WINDOWS\TempInst
2025-10-30 18:33 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-10-30 18:32 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-10-30 17:10 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-10-30 15:06 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-10-30 08:35 - 2025-01-06 16:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-10-29 10:13 - 2023-11-20 16:05 - 000000000 ____D C:\Users\Lenovo\AppData\Local\D3DSCache
2025-10-28 14:19 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2025-10-27 22:56 - 2025-01-20 19:09 - 000003572 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-2458931124-789934246-4282936195-1001
2025-10-27 22:56 - 2025-01-06 16:26 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2458931124-789934246-4282936195-1001
2025-10-27 22:56 - 2025-01-06 16:26 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2458931124-789934246-4282936195-1001
2025-10-27 22:56 - 2023-11-20 16:07 - 000002382 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-10-26 00:01 - 2025-01-06 16:26 - 000003638 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-10-26 00:01 - 2025-01-06 16:26 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-10-25 04:16 - 2023-12-18 12:15 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-10-25 04:16 - 2023-12-18 12:15 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-10-24 08:50 - 2023-11-20 16:12 - 000000000 ____D C:\Users\Lenovo\AppData\Local\PlaceholderTileLogoFolder
2025-10-24 08:50 - 2023-11-20 16:05 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Packages
2025-10-23 12:34 - 2025-01-06 16:31 - 001603798 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-10-23 12:28 - 2025-01-06 16:22 - 000000000 ____D C:\Users\Lenovo
2025-10-23 12:28 - 2024-01-14 20:32 - 000000000 __SHD C:\Users\Lenovo\IntelGraphicsProfiles
2025-10-23 12:27 - 2025-01-09 05:32 - 000000000 ____D C:\WINDOWS\Minidump
2025-10-23 12:27 - 2025-01-06 16:25 - 000008030 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-10-23 12:26 - 2025-01-06 16:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-10-23 12:26 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-10-23 12:26 - 2023-11-20 17:16 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2025-10-23 12:26 - 2023-11-20 16:26 - 000000000 ____D C:\Intel
2025-10-23 12:26 - 2023-11-20 15:57 - 002742642 ____N C:\WINDOWS\Minidump\102325-16781-01.dmp
2025-10-23 12:26 - 2023-11-20 15:57 - 000012288 ___SH C:\DumpStack.log.tmp
2025-10-23 03:41 - 2024-04-01 08:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-10-23 03:40 - 2025-01-06 16:19 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2025-10-23 03:39 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-10-23 03:39 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-10-22 08:53 - 2023-11-20 15:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-10-21 17:53 - 2025-01-06 16:21 - 003276800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-10-19 13:34 - 2025-01-04 11:52 - 000000000 ___DC C:\WINDOWS\Panther
2025-10-19 13:33 - 2024-01-18 04:25 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CrashDumps
2025-10-19 12:53 - 2025-01-04 11:46 - 000000000 ____D C:\Program Files (x86)\Leria
2025-10-17 16:04 - 2024-01-14 00:50 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Malwarebytes
2025-10-17 15:57 - 2025-01-06 16:19 - 000297264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-10-17 15:55 - 2024-04-01 17:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-10-17 15:55 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-10-17 15:55 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-10-17 15:55 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-10-17 15:55 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-10-17 15:55 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-10-17 15:55 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-10-17 15:55 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-10-17 15:55 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-10-17 15:55 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-10-17 15:55 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-10-17 15:55 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-10-17 15:55 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-10-17 10:56 - 2023-11-20 17:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-10-17 10:44 - 2023-11-20 17:04 - 214534944 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-10-15 23:06 - 2023-12-18 12:14 - 000000000 ____D C:\Program Files (x86)\Google
2025-10-05 07:39 - 2024-01-14 00:49 - 000001379 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2025-10-05 00:01 - 2024-01-14 00:53 - 000001273 _____ C:\Users\Lenovo\Desktop\ESET Online Scanner.lnk
2025-09-30 14:44 - 2023-11-20 16:32 - 000000000 ____D C:\Program Files\Intel
2025-09-30 14:38 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-09-30 14:38 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2025-09-30 14:38 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-09-30 14:38 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-09-30 14:38 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-09-30 14:38 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-09-30 14:38 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-09-30 14:38 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2025-09-30 14:38 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-09-30 14:38 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing

==================== Files in the root of some directories ========

2024-01-04 19:54 - 2025-03-05 17:40 - 000099428 _____ () C:\Users\Lenovo\AppData\Local\PlariumPlay.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: preventivka

Napsal: 30 říj 2025 20:55
od Rudy
Zdravím!
Přidejte ještě log Addition. Je na ploše, soubor addition.txt. Děkuji.

Re: preventivka

Napsal: 30 říj 2025 21:48
od frydas
pravda omlouvám se, tady je

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-10-202
Ran by Lenovo (30-10-2025 18:50:26)
Running from C:\Users\Lenovo\Desktop
Microsoft Windows 11 Pro Version 25H2 26200.6901 (X64) (2025-01-06 15:27:17)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2458931124-789934246-4282936195-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2458931124-789934246-4282936195-503 - Limited - Disabled)
Guest (S-1-5-21-2458931124-789934246-4282936195-501 - Limited - Disabled)
Lenovo (S-1-5-21-2458931124-789934246-4282936195-1001 - Administrator - Enabled) => C:\Users\Lenovo
WDAGUtilityAccount (S-1-5-21-2458931124-789934246-4282936195-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{565f1fac-1f41-47e8-916d-c7ec5ab1a6b2}) (Version: 20.120.0.0u - Intel Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 141.0.7390.123 - Google LLC)
Chrome Remote Desktop Host (HKLM-x32\...\{EF5357E5-089B-4503-A777-6A0D7B01E5E0}) (Version: 142.0.7444.18 - Google LLC)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{8F7809B3-BA0B-4190-8F42-A26155830655}) (Version: 20.120.0.2866 - Intel Corporation) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-2458931124-789934246-4282936195-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.18 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.08.03.59 - Lenovo)
Malwarebytes version 5.3.7.209 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.3.7.209 - Malwarebytes)
Microsoft .NET Host - 6.0.10 (x64) (HKLM\...\{0222FFF1-57A3-48A6-9AD2-0D6B5D0172B3}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.10 (x64) (HKLM\...\{A93C4E12-1BAB-4CFB-ADBC-9CE0B93176FF}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.10 (x64) (HKLM\...\{A2A39CB9-677D-4299-8537-C00B99F3D4A4}) (Version: 48.43.48869 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 141.0.3537.99 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 141.0.3537.99 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2458931124-789934246-4282936195-1001\...\OneDriveSetup.exe) (Version: 25.189.0928.0002 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.28402 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29914 (HKLM-x32\...\{1b5476d9-ab8e-4b0d-b004-059a1bd5568b}) (Version: 14.28.29914.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29914 (HKLM-x32\...\{BD8C6100-7C7D-48DD-93BA-69F6828213FE}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29914 (HKLM-x32\...\{42365A3A-622A-4EED-A727-FE192A794AFD}) (Version: 14.28.29914 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM\...\{3EC7701F-54F2-491D-AFD1-0395F465BC5A}) (Version: 48.43.48870 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.10 (x64) (HKLM-x32\...\{ff748137-9c9a-4056-be0a-48c7e465453c}) (Version: 6.0.10.31726 - Microsoft Corporation)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
PC Remote Receiver 7.7.2 (HKLM\...\PC Remote Receiver) (Version: 7.7.2 - Monect (Suzhou) Co., Ltd.)
Plarium Play (HKLM-x32\...\{0bdcf8c0-174b-4861-8b04-73bb5bb778d4}) (Version: 10.3.0 - Plarium)
PlariumPlay (HKLM-x32\...\{A6313AEC-CADB-46F3-8FDA-A5FD90F20680}) (Version: 10.3.0 - Plarium) Hidden
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.10.0730.071519 - Razer Inc.)
Revo Uninstaller 2.4.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.4.5 - VS Revo Group, Ltd.)
Zoom Workplace (HKU\S-1-5-21-2458931124-789934246-4282936195-1001\...\ZoomUMX) (Version: 6.6.1 (15968) - Zoom Communications, Inc.)

Chrome apps:
============
Vzdálená plocha Chrome (HKU\S-1-5-21-2458931124-789934246-4282936195-1001\...\64e652478be66791f5f08c67c82a0107) (Version: 1.0 - Google\Chrome)

Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3624.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-05-31] ()
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-05-31] ()
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3912.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-05-31] ()
@{MicrosoftWindows.58683691.InpApp_1000.26100.6725.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.58683691.InpApp/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-10-23] (Microsoft Windows)
@{MicrosoftWindows.58683691.InpApp_1000.26100.6899.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.58683691.InpApp/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-10-23] (Microsoft Windows)
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-14] (INTEL CORP) [Startup Task]
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-10-23] (Microsoft Windows)
DocX View & Edit -> C:\Program Files\WindowsApps\40242YTDApp.DocXViewEdit_1.3.7.0_neutral__fem9xfxjkkftg [2025-08-26] (YTDApp)
Dolby Audio Premium -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudioPremium_3.20402.409.0_x64__rz1tebttyb220 [2023-11-21] (Dolby Laboratories)
ELAN Touchpad for Thinkpad -> C:\Program Files\WindowsApps\ELANMicroelectronicsCorpo.ELANTouchpadforThinkpad_24.121.15.0_x64__stws0m115j6hg [2024-12-15] (ELAN Microelectronics Corporation)
ELAN TrackPoint for Thinkpad -> C:\Program Files\WindowsApps\ELANMicroelectronicsCorpo.ELANTrackPointforThinkpa_24.121.51.0_x64__stws0m115j6hg [2024-12-15] (ELAN Microelectronics Corporation)
Malwarebytes Anti-Malware -> C:\Program Files\Malwarebytes\Anti-Malware [2025-09-12] ()
Quick Share -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungQuickShare_2.2.19.0_x64__wyx1vj98g3asy [2025-09-30] (Samsung Electronics Co, Ltd.) [Startup Task]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.44.299.0_x64__dt26b99r8h8gj [2024-06-16] (Realtek Semiconductor Corp)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0 [2025-10-26] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2542.2.0_x64__cv1g1gvanyjgm [2025-10-24] (WhatsApp Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{07cb6d86-5d64-7d78-2f33-99d695ee0b6d}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\9.5.0-0.0.0\dotnet\info\PlariumPlayInfo.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{274dfafb-9589-927a-d915-6f8dc25bfce3}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\10.1.0-0.0.0\dotnet\PlariumPlay.NetHost.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{3792d339-9d58-b6c6-7239-ea1b698eb112}\localserver32 -> C:\Users\Lenovo\AppData\Local\PlariumPlay\10.3.0-0.0.0\dotnet\PlariumPlay.NetHost.exe (Plarium Global LTD -> PlariumPlay.NetHost)
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{3858d726-f795-624a-7116-01e657a92bf4}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\9.1.0-0.0.0\dotnet\info\PlariumPlayInfo.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\25.189.0928.0002\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{594e28aa-5aac-6dd6-2075-5628a71b2fda}\localserver32 -> C:\Users\Lenovo\AppData\Local\PlariumPlay\10.2.0-0.0.0\dotnet\PlariumPlay.NetHost.exe (Plarium Global LTD -> PlariumPlay.NetHost)
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{76D16327-5239-4CB6-906C-AFE3FA198C6F} -> [Galaxy S22-lukas frydrych] => C:\Users\Lenovo\CrossDevice\Galaxy S22-lukas frydrych [2025-03-11 13:55]
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{7eb4594c-f9c2-e074-571d-faf2c6bd8569}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\9.4.0-0.0.0\dotnet\info\PlariumPlayInfo.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\25.189.0928.0002\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{d7724452-3c32-7919-bb37-4780eb63e7ea}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\9.3.0-0.0.0\dotnet\info\PlariumPlayInfo.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{e77321e0-2e05-b357-6532-603c9ab15bcd}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\9.2.0-0.0.0\dotnet\info\PlariumPlayInfo.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{ee61b02c-fbe2-b1b5-012e-f82bdfb3585c}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\8.9.0-0.0.1\dotnet\info\PlariumPlayInfo.exe" -ToastActivated => No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-06-28] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-06-28] (Malwarebytes Inc -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [MidisrvTransferComplete] => 0

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Lenovo\Desktop\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cmkncekebbebpfilplodngbpllndjkfo
ShortcutWithArgument: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_cmkncekebbebpfilplodngbpllndjkfo\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cmkncekebbebpfilplodngbpllndjkfo
ShortcutWithArgument: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cmkncekebbebpfilplodngbpllndjkfo

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Network ===========================

(Currently there is no automatic fix for this section.)

DNS Servers: 192.168.0.1
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Intel(R) Wireless-AC 9560 160MHz -> Netwtw08.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Ethernet: Intel(R) Ethernet Connection (6) I219-LM -> e1d68x64.sys

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2458931124-789934246-4282936195-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lenovo\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\10579133071960621160\134062316499332714.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)


==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{073C1358-F5E0-4003-9967-6F6D599A8E1B}] => (Allow) C:\Program Files (x86)\Leria\Leria_Patcher.exe => No File
FirewallRules: [{67FA4DB3-5B36-4F00-92C1-122E9611F6F4}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> Lenovo)
FirewallRules: [{9D17EF09-CA52-4614-A072-74F654555C28}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> Lenovo)
FirewallRules: [{77D7772B-3C2B-4641-A95E-52C6D1981FBA}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe => No File
FirewallRules: [TCP Query User{F7CACC1B-0AA2-43BC-A9C3-74A8192CA746}C:\users\lenovo\counter-strike 1.6\hl.exe] => (Allow) C:\users\lenovo\counter-strike 1.6\hl.exe => No File
FirewallRules: [UDP Query User{A36544E1-DE7D-402F-B0E3-60243090B115}C:\users\lenovo\counter-strike 1.6\hl.exe] => (Allow) C:\users\lenovo\counter-strike 1.6\hl.exe => No File
FirewallRules: [{CDFD39A1-1262-42B7-A8DA-716A562339A7}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25007.203.3359.7325_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{456AB722-568E-4E37-AE7B-CC4FCFB5AE4F}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25007.203.3359.7325_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{763B2A84-8E0D-497C-A018-BB92FC82FB42}] => (Allow) C:\Program Files (x86)\AnyViewer\RCClient.exe => No File
FirewallRules: [{A1D591AE-695A-44BB-BA52-B60590831CFD}] => (Allow) C:\Program Files (x86)\AnyViewer\RCClient.exe => No File
FirewallRules: [{8135BB86-8682-4770-91A1-F7331FBCBB4D}] => (Allow) C:\Program Files (x86)\AnyViewer\avcore.exe => No File
FirewallRules: [{6264F356-9E2A-48CA-A59A-CA50A3A96AB4}] => (Allow) C:\Program Files (x86)\AnyViewer\avcore.exe => No File
FirewallRules: [{E5976434-B605-4449-AB68-36026AD648FE}] => (Allow) C:\Program Files\PC Remote Receiver\MonectServerService.exe (Monect (Suzhou) Co., Ltd. -> Monect, Inc.)
FirewallRules: [{7D98C87C-75E9-4359-99BC-2F730CEF0A6A}] => (Allow) C:\Program Files\PC Remote Receiver\PCRemoteReceiver.exe (Monect (Suzhou) Co., Ltd. -> Monect, Inc.)
FirewallRules: [{C02F3450-C55B-4C94-B277-D779C9861523}] => (Allow) C:\Program Files\PC Remote Receiver\MonectMediaCenter.exe (Monect (Suzhou) Co., Ltd. -> )
FirewallRules: [{25EE4BC0-1A5E-48B7-93A9-2504EF980D5D}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungQuickShare_2.2.19.0_x64__wyx1vj98g3asy\QuickShareCore\QuickShareCore.exe (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> QuickShareCore)
FirewallRules: [{402734AB-8277-4AC3-9F6C-5F2D16A047C0}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungQuickShare_2.2.19.0_x64__wyx1vj98g3asy\QuickShareCore\QuickShareCore.exe (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> QuickShareCore)
FirewallRules: [{08284008-3E40-4EB7-89A4-326F9CC13A58}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungQuickShare_2.2.19.0_x64__wyx1vj98g3asy\QuickShareCore\QuickShareCore.exe (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> QuickShareCore)
FirewallRules: [{88751F31-2345-4470-ABBF-48FFA44790DA}] => (Allow) C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungQuickShare_2.2.19.0_x64__wyx1vj98g3asy\QuickShareCore\QuickShareCore.exe (14C847C8-791E-46EB-9C0D-7CADAF31C930 -> QuickShareCore)
FirewallRules: [{1AF0E67E-197B-41B6-A8EC-76EC2BE56E30}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\142.0.7444.18\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{4A02637F-6DB4-4550-A7CE-77CCC66647A3}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25275.2601.4002.2815_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C650D9F0-F1FD-48F9-B796-16B6AD59F61E}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25275.2601.4002.2815_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{19E870B7-3A2D-4ABB-8F94-B46C81E85A53}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25275.2601.4002.2815_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AEB96B54-6902-441A-AEEA-56D33D4AB7B0}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25275.2601.4002.2815_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8D585C47-16D1-4B24-8805-DE2BBC971FA6}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{ACA13B64-1E67-4AD6-9392-8587698CDDFE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7C79641E-0872-469F-B639-05D1CAB5319D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F491D929-F9AC-4264-85E7-3C4611F373D5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5E48F7D5-8FB2-43DE-82E4-7E006ED68728}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B4BFA9F8-E56C-4D4F-9943-5EE5E2653412}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4814EAA7-C353-43E8-8B20-ED7FAB6CAB9A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{54AA7A73-0728-4565-BAE2-5EC1509322F5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FDD5B93F-FB6E-4320-BA9C-FB79D3C3B514}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2B1ED08D-A031-4721-A2AC-87135BE6BD02}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{BCD382FA-AB1B-4960-8992-401005F7FDA8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1FD98972-FF06-49CA-97A1-D1B08765E1CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{78E1AB10-2DEF-432A-B7DA-7FB8887AF532}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D1FEBEEB-9C0E-46D6-86C3-EBB4331F6A67}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.275.510.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

==================== Restore Points =========================

27-10-2025 15:43:20 Windows Update
27-10-2025 15:43:21 Windows Update
27-10-2025 15:43:46 Windows Update
29-10-2025 00:41:48 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============
Name: vJoy Device
Description: vJoy Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Shaul Eizikovich
Service: vjoy
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (10/23/2025 03:44:09 AM) (Source: Universal Print) (EventID: 1) (User: )
Description: Failed to GetUserSid. hr: 0x8001012d

Error: (10/19/2025 12:49:38 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen..To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {338758d0-e467-42f5-8a44-d88597e8e818}

Error: (10/16/2025 10:06:18 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 141.0.7390.54 programu chrome.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.

Error: (10/15/2025 09:37:13 AM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: Verze 1.0.0.0 programu Elveron.exe ukončila interakci se systémem Windows a byla ukončena. Pokud chcete zjistit, zda jsou k dispozici další informace o problému, zkontrolujte historii problémů v ovládacím panelu Zabezpečení a údržba.

Error: (10/14/2025 06:41:19 PM) (Source: Application Error) (EventID: 1000) (User: LUKÁŠFRYDRYCH)
Description: Název chybující aplikace: QtWebEngineProcess.exe, verze: 5.15.2.0, časové razítko: 0x5fad38e0
Název chybujícího modulu: ntdll.dll, verze: 10.0.26100.6725, časové razítko: 0x94557c4c
Kód výjimky: 0xc0000005
Posun chyby: 0x0006a056
ID chybujícího procesu: 0x100dc
Čas spuštění chybující aplikace: 0x1dc3d31aa89ee31
Cesta k chybující aplikaci: C:\Users\Lenovo\AppData\Local\Temp\_MEI1136282\PyQt5\Qt5\bin\QtWebEngineProcess.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID sestavy: 3603ff66-f468-4ab3-a545-b8163986b2b6
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:

Error: (10/14/2025 06:41:16 PM) (Source: Application Error) (EventID: 1000) (User: LUKÁŠFRYDRYCH)
Description: Název chybující aplikace: QtWebEngineProcess.exe, verze: 5.15.2.0, časové razítko: 0x5fad38e0
Název chybujícího modulu: ntdll.dll, verze: 10.0.26100.6725, časové razítko: 0x94557c4c
Kód výjimky: 0xc0000005
Posun chyby: 0x0006a056
ID chybujícího procesu: 0x100dc
Čas spuštění chybující aplikace: 0x1dc3d31aa89ee31
Cesta k chybující aplikaci: C:\Users\Lenovo\AppData\Local\Temp\_MEI1136282\PyQt5\Qt5\bin\QtWebEngineProcess.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID sestavy: 55c45395-3945-40eb-9096-06641d08fcce
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:

Error: (10/01/2025 09:13:44 AM) (Source: Application Error) (EventID: 1000) (User: LUKÁŠFRYDRYCH)
Description: Název chybující aplikace: Installer.exe, verze: 6.6.1.15968, časové razítko: 0x68cd14b9
Název chybujícího modulu: Installer.exe, verze: 6.6.1.15968, časové razítko: 0x68cd14b9
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000006cac4
ID chybujícího procesu: 0x5cf4
Čas spuštění chybující aplikace: 0x1dc32ab4dbf7194
Cesta k chybující aplikaci: C:\Users\Lenovo\AppData\Roaming\Zoom\ZoomDownload\Installer.exe
Cesta k chybujícímu modulu: C:\Users\Lenovo\AppData\Roaming\Zoom\ZoomDownload\Installer.exe
ID sestavy: b68a2a33-d46d-43ca-acc2-203f976c499f
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:

Error: (09/30/2025 02:27:50 PM) (Source: Application Error) (EventID: 1000) (User: LUKÁŠFRYDRYCH)
Description: Název chybující aplikace: WidgetBoard.exe, verze: 525.22301.30.0, časové razítko: 0x689e3d94
Název chybujícího modulu: Microsoft.WindowsAppRuntime.dll, verze: 1.6.0.0, časové razítko: 0xb70aa50b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000015f3f
ID chybujícího procesu: 0x62ac
Čas spuštění chybující aplikace: 0x1dc320e047abf1a
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.22301.90.0_x64__cw5n1h2txyewy\WidgetBoard.exe
Cesta k chybujícímu modulu: C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.6_6000.519.329.0_x64__8wekyb3d8bbwe\Microsoft.WindowsAppRuntime.dll
ID sestavy: cf409fa6-6c75-42bb-8d6b-ce992c6171b6
Celý název chybujícího balíčku: MicrosoftWindows.Client.WebExperience_525.22301.90.0_x64__cw5n1h2txyewy
ID chybující aplikace relativní vzhledem k balíčku: Global.WidgetBoard


System errors:
=============
Error: (10/30/2025 05:10:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9PC1H9VN18CM-Microsoft.StartExperiencesApp.

Error: (10/30/2025 05:10:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NBLGGH4LS1F-Microsoft.StorePurchaseApp.

Error: (10/30/2025 05:10:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9PCTGDFXVZLJ-SAMSUNGELECTRONICSCoLtd.SamsungQuickShare.

Error: (10/28/2025 04:55:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9PCTGDFXVZLJ-SAMSUNGELECTRONICSCoLtd.SamsungQuickShare.

Error: (10/27/2025 08:51:25 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby Razer Synapse Service bylo dosaženo časového limitu (30000 ms).

Error: (10/26/2025 03:29:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9PCTGDFXVZLJ-SAMSUNGELECTRONICSCoLtd.SamsungQuickShare.

Error: (10/24/2025 12:15:20 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9PCTGDFXVZLJ-SAMSUNGELECTRONICSCoLtd.SamsungQuickShare.

Error: (10/23/2025 12:31:51 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY)
Description: Secure Boot CA/keys need to be updated. This device signature information is included here.
DeviceAttributes: FirmwareVersion:R10ET54W (1.39 );OEMManufacturerName:LENOVO;OEMModelSKU:LENOVO_MT_20NS_BU_Think_FM_ThinkPad L390;OSArchitecture:amd64;
BucketId: d411a5795140fe76f8e6ef10530e3b93fa9c6019e385528cee2f14b44ee206db
BucketConfidenceLevel:
UpdateType: 0
HResult: 0


Windows Defender:
================
Date: 2025-10-30 09:48:04
Description:
Antivirová ochrana v programu Microsoft Defender ѕсдπ ђдŝ ьέεη ŝţоφрєð вĕƒőřë ċõmрĺεţíθñ.%ή %ŧŠçāʼn ĬÐ:%ъ{5B602641-4BD5-4CC8-B49F-873263E7E95B}%ⁿ %ťŚ¢αʼn Τÿр℮:%вAntimalwarový program%ŋ %ţŠсаņ Рäřдмėŧēřş:%вRychlé prohledávání%ń %τŪšεг:%ьNT AUTHORITY\SYSTEM%ʼn %ťŚŧòρ Řêâšóп:%ъŜ¢ĥзδůŀėď ѕčаň ẃªś ѕκϊφρзđ ъε¢άύśé тнė ļǻşт šџ¢čзššƒцľ śĉåή ώãŝ щīŧнĩň τћė ľάŝŧ 7 đªγś

Date: 2025-10-30 01:18:53
Description:
Antivirová ochrana v programu Microsoft Defender ѕсдπ ђдŝ ьέεη ŝţоφрєð вĕƒőřë ċõmрĺεţíθñ.%ή %ŧŠçāʼn ĬÐ:%ъ{7D4C3268-1EEA-412C-8E34-1D01622B9B8F}%ⁿ %ťŚ¢αʼn Τÿр℮:%вAntimalwarový program%ŋ %ţŠсаņ Рäřдмėŧēřş:%вRychlé prohledávání%ń %τŪšεг:%ьNT AUTHORITY\SYSTEM%ʼn %ťŚŧòρ Řêâšóп:%ъŜ¢ĥзδůŀėď ѕčаň ẃªś ѕκϊφρзđ ъε¢άύśé тнė ļǻşт šџ¢čзššƒцľ śĉåή ώãŝ щīŧнĩň τћė ľάŝŧ 7 đªγś

Date: 2025-10-28 13:36:02
Description:
Antivirová ochrana v programu Microsoft Defender ѕсдπ ђдŝ ьέεη ŝţоφрєð вĕƒőřë ċõmрĺεţíθñ.%ή %ŧŠçāʼn ĬÐ:%ъ{99B6E781-CB28-42A5-A5C2-766FE32C946D}%ⁿ %ťŚ¢αʼn Τÿр℮:%вAntimalwarový program%ŋ %ţŠсаņ Рäřдмėŧēřş:%вRychlé prohledávání%ń %τŪšεг:%ьNT AUTHORITY\SYSTEM%ʼn %ťŚŧòρ Řêâšóп:%ъŜ¢ĥзδůŀėď ѕčаň ẃªś ѕκϊφρзđ ъε¢άύśé тнė ļǻşт šџ¢čзššƒцľ śĉåή ώãŝ щīŧнĩň τћė ľάŝŧ 7 đªγś

Date: 2025-10-27 13:58:48
Description:
Antivirová ochrana v programu Microsoft Defender ѕсдπ ђдŝ ьέεη ŝţоφрєð вĕƒőřë ċõmрĺεţíθñ.%ή %ŧŠçāʼn ĬÐ:%ъ{0818ED19-0D2D-4AF7-86BA-A5ADD98BF85A}%ⁿ %ťŚ¢αʼn Τÿр℮:%вAntimalwarový program%ŋ %ţŠсаņ Рäřдмėŧēřş:%вRychlé prohledávání%ń %τŪšεг:%ьNT AUTHORITY\SYSTEM%ʼn %ťŚŧòρ Řêâšóп:%ъŜ¢ĥзδůŀėď ѕčаň ẃªś ѕκϊφρзđ ъε¢άύśé тнė ļǻşт šџ¢čзššƒцľ śĉåή ώãŝ щīŧнĩň τћė ľάŝŧ 7 đªγś

Date: 2025-10-27 01:07:19
Description:
Antivirová ochrana v programu Microsoft Defender ѕсдπ ђдŝ ьέεη ŝţоφрєð вĕƒőřë ċõmрĺεţíθñ.%ή %ŧŠçāʼn ĬÐ:%ъ{902239A1-8139-400B-B66A-9593FA5FAA67}%ⁿ %ťŚ¢αʼn Τÿр℮:%вAntimalwarový program%ŋ %ţŠсаņ Рäřдмėŧēřş:%вRychlé prohledávání%ń %τŪšεг:%ьNT AUTHORITY\SYSTEM%ʼn %ťŚŧòρ Řêâšóп:%ъŜ¢ĥзδůŀėď ѕčаň ẃªś ѕκϊφρзđ ъε¢άύśé тнė ļǻşт šџ¢čзššƒцľ śĉåή ώãŝ щīŧнĩň τћė ľάŝŧ 7 đªγś

CodeIntegrity:
===============
Date: 2025-10-05 08:41:51
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume3\Users\Lenovo\AppData\Local\Temp\ehdrv.sys that is not compatible with hypervisor enforcement. Failure bitmap 0x1. Status 0xC00000BB.


==================== Memory info ===========================

BIOS: LENOVO R10ET54W (1.39 ) 07/05/2022
Motherboard: LENOVO 20NSS2SG0P
Processor: Intel(R) Core(TM) i5-8365U CPU @ 1.60GHz
Percentage of memory in use: 81%
Total physical RAM: 16073.6 MB
Available physical RAM: 2964.21 MB
Total Virtual: 40649.6 MB
Available Virtual: 15958.65 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:475.79 GB) (Free:356.4 GB) (Model: SAMSUNG MZVKV512HAJH-000L1) NTFS

\\?\Volume{d0a4f7d8-b8e6-416c-b25b-d28d0236bc90}\ () (Fixed) (Total:1.03 GB) (Free:0.11 GB) NTFS
\\?\Volume{e75f75fc-b5fd-48dd-818c-3aaf2343662c}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 62BFE1B9)

Partition: GPT.

==================== End of Addition.txt =======================

Re: preventivka

Napsal: 31 říj 2025 09:05
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{07cb6d86-5d64-7d78-2f33-99d695ee0b6d}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\9.5.0-0.0.0\dotnet\info\PlariumPlayInfo.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{274dfafb-9589-927a-d915-6f8dc25bfce3}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\10.1.0-0.0.0\dotnet\PlariumPlay.NetHost.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{3858d726-f795-624a-7116-01e657a92bf4}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\9.1.0-0.0.0\dotnet\info\PlariumPlayInfo.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{7eb4594c-f9c2-e074-571d-faf2c6bd8569}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\9.4.0-0.0.0\dotnet\info\PlariumPlayInfo.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{d7724452-3c32-7919-bb37-4780eb63e7ea}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\9.3.0-0.0.0\dotnet\info\PlariumPlayInfo.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{e77321e0-2e05-b357-6532-603c9ab15bcd}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\9.2.0-0.0.0\dotnet\info\PlariumPlayInfo.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{ee61b02c-fbe2-b1b5-012e-f82bdfb3585c}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\8.9.0-0.0.1\dotnet\info\PlariumPlayInfo.exe" -ToastActivated => No File
FirewallRules: [{77D7772B-3C2B-4641-A95E-52C6D1981FBA}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe => No File
FirewallRules: [TCP Query User{F7CACC1B-0AA2-43BC-A9C3-74A8192CA746}C:\users\lenovo\counter-strike 1.6\hl.exe] => (Allow) C:\users\lenovo\counter-strike 1.6\hl.exe => No File
FirewallRules: [UDP Query User{A36544E1-DE7D-402F-B0E3-60243090B115}C:\users\lenovo\counter-strike 1.6\hl.exe] => (Allow) C:\users\lenovo\counter-strike 1.6\hl.exe => No File
FirewallRules: [{073C1358-F5E0-4003-9967-6F6D599A8E1B}] => (Allow) C:\Program Files (x86)\Leria\Leria_Patcher.exe => No File
FirewallRules: [{763B2A84-8E0D-497C-A018-BB92FC82FB42}] => (Allow) C:\Program Files (x86)\AnyViewer\RCClient.exe => No File
FirewallRules: [{A1D591AE-695A-44BB-BA52-B60590831CFD}] => (Allow) C:\Program Files (x86)\AnyViewer\RCClient.exe => No File
FirewallRules: [{8135BB86-8682-4770-91A1-F7331FBCBB4D}] => (Allow) C:\Program Files (x86)\AnyViewer\avcore.exe => No File
FirewallRules: [{6264F356-9E2A-48CA-A59A-CA50A3A96AB4}] => (Allow) C:\Program Files (x86)\AnyViewer\avcore.exe => No File
HKU\S-1-5-21-2458931124-789934246-4282936195-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2458931124-789934246-4282936195-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2458931124-789934246-4282936195-1001\...\RunOnce: [Uninstall 25.184.0921.0004] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\25.184.0921.0004" [0 2025-10-27] () <==== ATTENTION [zero byte File/Folder]
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: preventivka

Napsal: 31 říj 2025 12:41
od frydas
tak jo, udělal jsem to, díky :)

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-10-2025
Ran by Lenovo (31-10-2025 12:31:28) Run:1
Running from C:\Users\Lenovo\Desktop
Loaded Profiles: Lenovo
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{07cb6d86-5d64-7d78-2f33-99d695ee0b6d}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\9.5.0-0.0.0\dotnet\info\PlariumPlayInfo.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{274dfafb-9589-927a-d915-6f8dc25bfce3}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\10.1.0-0.0.0\dotnet\PlariumPlay.NetHost.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{3858d726-f795-624a-7116-01e657a92bf4}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\9.1.0-0.0.0\dotnet\info\PlariumPlayInfo.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{7eb4594c-f9c2-e074-571d-faf2c6bd8569}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\9.4.0-0.0.0\dotnet\info\PlariumPlayInfo.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{d7724452-3c32-7919-bb37-4780eb63e7ea}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\9.3.0-0.0.0\dotnet\info\PlariumPlayInfo.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{e77321e0-2e05-b357-6532-603c9ab15bcd}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\9.2.0-0.0.0\dotnet\info\PlariumPlayInfo.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{ee61b02c-fbe2-b1b5-012e-f82bdfb3585c}\localserver32 -> "C:\Users\Lenovo\AppData\Local\PlariumPlay\8.9.0-0.0.1\dotnet\info\PlariumPlayInfo.exe" -ToastActivated => No File
FirewallRules: [{77D7772B-3C2B-4641-A95E-52C6D1981FBA}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe => No File
FirewallRules: [TCP Query User{F7CACC1B-0AA2-43BC-A9C3-74A8192CA746}C:\users\lenovo\counter-strike 1.6\hl.exe] => (Allow) C:\users\lenovo\counter-strike 1.6\hl.exe => No File
FirewallRules: [UDP Query User{A36544E1-DE7D-402F-B0E3-60243090B115}C:\users\lenovo\counter-strike 1.6\hl.exe] => (Allow) C:\users\lenovo\counter-strike 1.6\hl.exe => No File
FirewallRules: [{073C1358-F5E0-4003-9967-6F6D599A8E1B}] => (Allow) C:\Program Files (x86)\Leria\Leria_Patcher.exe => No File
FirewallRules: [{763B2A84-8E0D-497C-A018-BB92FC82FB42}] => (Allow) C:\Program Files (x86)\AnyViewer\RCClient.exe => No File
FirewallRules: [{A1D591AE-695A-44BB-BA52-B60590831CFD}] => (Allow) C:\Program Files (x86)\AnyViewer\RCClient.exe => No File
FirewallRules: [{8135BB86-8682-4770-91A1-F7331FBCBB4D}] => (Allow) C:\Program Files (x86)\AnyViewer\avcore.exe => No File
FirewallRules: [{6264F356-9E2A-48CA-A59A-CA50A3A96AB4}] => (Allow) C:\Program Files (x86)\AnyViewer\avcore.exe => No File
HKU\S-1-5-21-2458931124-789934246-4282936195-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2458931124-789934246-4282936195-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2458931124-789934246-4282936195-1001\...\RunOnce: [Uninstall 25.184.0921.0004] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\25.184.0921.0004" [0 2025-10-27] () <==== ATTENTION [zero byte File/Folder]
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{07cb6d86-5d64-7d78-2f33-99d695ee0b6d} => removed successfully
HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{274dfafb-9589-927a-d915-6f8dc25bfce3} => removed successfully
HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{3858d726-f795-624a-7116-01e657a92bf4} => removed successfully
HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{7eb4594c-f9c2-e074-571d-faf2c6bd8569} => removed successfully
HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{d7724452-3c32-7919-bb37-4780eb63e7ea} => removed successfully
HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{e77321e0-2e05-b357-6532-603c9ab15bcd} => removed successfully
HKU\S-1-5-21-2458931124-789934246-4282936195-1001_Classes\CLSID\{ee61b02c-fbe2-b1b5-012e-f82bdfb3585c} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{77D7772B-3C2B-4641-A95E-52C6D1981FBA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{F7CACC1B-0AA2-43BC-A9C3-74A8192CA746}C:\users\lenovo\counter-strike 1.6\hl.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A36544E1-DE7D-402F-B0E3-60243090B115}C:\users\lenovo\counter-strike 1.6\hl.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{073C1358-F5E0-4003-9967-6F6D599A8E1B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{763B2A84-8E0D-497C-A018-BB92FC82FB42}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A1D591AE-695A-44BB-BA52-B60590831CFD}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8135BB86-8682-4770-91A1-F7331FBCBB4D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6264F356-9E2A-48CA-A59A-CA50A3A96AB4}" => removed successfully
"HKU\S-1-5-21-2458931124-789934246-4282936195-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => not found
"HKU\S-1-5-21-2458931124-789934246-4282936195-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Standalone Update Binary" => not found
"HKU\S-1-5-21-2458931124-789934246-4282936195-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 25.184.0921.0004" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
Could not move "C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6468685 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 15643332 B
Edge => 0 B
Chrome => 2098390239 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 423240 B
LocalService => 423240 B
NetworkService => 726486 B
Lenovo => 100403496 B

RecycleBin => 0 B
EmptyTemp: => 2.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 31-10-2025 12:40:33)

C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 => Is moved successfully

==== End of Fixlog 12:40:33 ====

Re: preventivka

Napsal: 31 říj 2025 15:03
od Rudy
Bylo smazáno. Log by již měl být OK.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz