VIRY.CZ

Ahoj prosím o kontrolu logu, notebook je v poslední době zpomalený, některé operace mu trvají delší dobu, někdy to vypadá že se seknul.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2025
Ran by Marian M (administrator) on MARIAN (LENOVO 20FMS50T12) (08-01-2026 17:28:42)
Running from C:\Users\Lenovo\Desktop\FRST64.exe
Loaded Profiles: Marian M
Platform: Microsoft Windows 11 Pro Version 22H2 22623.1020 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\SanDisk\Dashboard\DashboardNotificationManager\DashboardNotificationManager.exe
(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(C:\Program Files (x86)\Common Files\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Agent\bin\bckp_amgr.exe
(C:\Program Files (x86)\Common Files\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Agent\bin\grpm-mini.exe
(C:\Program Files (x86)\Common Files\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Agent\bin\monitoring-mini.exe
(C:\Program Files (x86)\Common Files\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Agent\bin\sh-inventory.exe
(C:\Program Files (x86)\Common Files\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Agent\bin\task-manager.exe
(C:\Program Files (x86)\Common Files\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH.) C:\Program Files (x86)\Common Files\Acronis\Agent\bin\adp-agent.exe
(C:\Program Files (x86)\Common Files\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH.) C:\Program Files (x86)\Common Files\Acronis\Agent\bin\updater.exe
(C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(C:\Program Files (x86)\SanDisk\Dashboard\Dashboard.exe ->) (Sandisk Technologies, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\SanDisk\Dashboard\QtWebEngineProcess.exe <2>
(C:\Program Files (x86)\Sticky Password\stpass.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spUIAManager.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ->) (Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Program Files\WindowsApps\MicrosoftTeams_25331.1101.4152.8047_x64__8wekyb3d8bbwe\msteams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\143.0.3650.96\msedgewebview2.exe <6>
(cmd.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\stpass.exe
(Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sandisk Technologies, Inc -> ) C:\Program Files (x86)\SanDisk\Dashboard\Dashboard.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Agent\aakore.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files\Common Files\Acronis\ActiveProtection\active_protection_service.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_f222132bfa8270de\RstMwService.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncHelper.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WSL\wslservice.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(sihost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(Spotify AB -> Spotify Ltd) C:\Users\Lenovo\AppData\Roaming\Spotify\Spotify.exe <7>
(svchost.exe ->) (EB51A5DA-0E72-4863-82E4-EA21C1F8DFE3 -> Intel Corporation) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(valWbioSyncSvc.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynLenovoHelper] => C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [163960 2015-11-03] (Synaptics Incorporated -> Synaptics)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [643584 2025-03-18] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) [File not signed]
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6495416 2025-03-18] (Acronis International GmbH -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [443472 2025-03-18] (Acronis International GmbH -> Acronis International GmbH)
HKU\S-1-5-21-3702919870-1625878937-729940065-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4742544 2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3702919870-1625878937-729940065-1002\...\Run: [StickyPassword] => C:\Program Files (x86)\Sticky Password\stpass.exe [72712 2025-07-10] (Lamantine Software a.s. -> Lamantine Software a.s.)
HKU\S-1-5-21-3702919870-1625878937-729940065-1002\...\Run: [Spotify] => C:\Users\Lenovo\AppData\Roaming\Spotify\Spotify.exe [2225536 2025-12-24] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3702919870-1625878937-729940065-1002\...\Run: [SmartConnect] => "C:\Program Files\Lenovo\Ready For Assistant\SmartConnect.exe" /mode:background /startup (No File)
HKU\S-1-5-21-3702919870-1625878937-729940065-1002\...\Run: [MicrosoftEdgeAutoLaunch_5EF70F99B4529735F3564FFE246DB961] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4228688 2025-12-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3702919870-1625878937-729940065-1002\...\Run: [ISUSPM] => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler (No File)
HKU\S-1-5-21-3702919870-1625878937-729940065-1002\...\MountPoints2: {c5996837-9355-11ee-9bb1-c85b76bd964c} - "D:\autorun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{49210152-871f-4ffa-961d-a172abcbc09d}] -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe [2025-11-06] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\143.0.7499.170\Installer\chrmstp.exe [2026-01-03] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2D93F63B-8424-4D7C-BE8E-2EB9B9714FA6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [563000 2015-08-26] (Apple Inc. -> Apple Inc.)
Task: {CD404ED9-ED8F-466D-BA20-7748B96A8AEB} - System32\Tasks\DashboardNotificationManager Task => C:\Program Files (x86)\SanDisk\Dashboard\DashboardNotificationManager\DashboardNotificationManager.exe [146944 2025-09-19] () [File not signed]
Task: {CE0D1200-2718-456D-A7C5-35CC91D24C75} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem144.0.7547.0{886D1C32-4B6F-45DD-876B-53B100054373} => C:\Program Files (x86)\Google\GoogleUpdater\144.0.7547.0\updater.exe [7056536 2025-11-26] (Google LLC -> Google LLC)
Task: {2F2CBA74-239E-4E1C-8708-3FD3A3721E86} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [129368 2024-06-26] (Lenovo -> Lenovo)
Task: {E4C46B2F-E68F-4783-8F5C-FB36493B4947} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [65016 2022-12-04] (Lenovo -> )
Task: {3D41128E-75FF-44C0-913E-BF332830C578} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-3702919870-1625878937-729940065-1002 => MessengerHelper.exe --lassie (No File)
Task: {6768E0B3-EFAE-4DE8-8363-3DA1156162F7} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16659248 2025-12-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AEE304C-2900-4FC1-A6D8-3024F31FBAA2} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28946240 2025-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F651BE5-932E-4D40-AE90-A4C978803312} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [70976 2025-12-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {0CC763A1-CEEA-4FC2-A032-9F0049381878} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28946240 2025-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {D2EC104D-A5ED-4775-9C32-DAFAF910BEAC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311040 2025-12-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {F109F194-7DCC-4599-A8DD-983AA19D6BDC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311040 2025-12-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC8839F4-F889-46D7-9E14-5B2404985DDA} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [1347344 2025-12-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9D2EE25-D796-493E-A3EC-5BA669C3ACEF} - System32\Tasks\Microsoft\Office\Office Startup Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [16659248 2025-12-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {5D2A91E5-0B7D-4BC7-B8C9-DD4AFC951DAA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpCmdRun.exe [1803016 2025-12-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {740E28B5-C051-4BE5-9AD7-7DACD2D10BBF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpCmdRun.exe [1803016 2025-12-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7AF12837-5B14-4424-BC23-6BFFF37DFD65} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpCmdRun.exe [1803016 2025-12-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C3885FE3-5700-4EBF-B806-874FA31C5A56} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpCmdRun.exe [1803016 2025-12-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F8C9B18C-31C7-4EC4-8F3F-5B1BB916DD04} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4383592 2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {48BFB7D7-3673-4279-BEC6-4CFF63CCB61A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3702919870-1625878937-729940065-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4383592 2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB882910-5076-4344-80C6-4EA70AE6C4D8} - System32\Tasks\OneDrive Startup Task-S-1-5-21-3702919870-1625878937-729940065-1002 => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\OneDriveLauncher.exe [745832 2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {B33272E5-2D11-4B2F-BBDD-B7A0E4A3C7E1} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1502696 2017-10-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B45A4AD2-7045-4795-89C2-FFE928D11DA5} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1502696 2017-10-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {6B8A753F-9D99-4D67-A640-9F4AC9E253E5} - System32\Tasks\RtsCM => C:\Windows\RtsCM64.exe [219192 2016-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{53b7bc46-8f06-4770-981f-912ba5620ad1}: [DhcpNameServer] 192.168.0.2
Tcpip\..\Interfaces\{eefb640b-2f6a-4d09-b5fc-05c821294639}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{eefb640b-2f6a-4d09-b5fc-05c821294639}\14355535025374: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{eefb640b-2f6a-4d09-b5fc-05c821294639}\14355535F55374: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{eefb640b-2f6a-4d09-b5fc-05c821294639}\46C696E6B6D293538334: [DhcpNameServer] 192.168.0.50
Tcpip\..\Interfaces\{eefb640b-2f6a-4d09-b5fc-05c821294639}\D416769636F5379647: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{eefb640b-2f6a-4d09-b5fc-05c821294639}\D416769636F5379647D25374: [DhcpNameServer] 82.144.129.1 82.144.128.1 8.8.8.8
Tcpip\..\Interfaces\{eefb640b-2f6a-4d09-b5fc-05c821294639}\D416769636F5379647F55374F5548545: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{eefb640b-2f6a-4d09-b5fc-05c821294639}\D462D4: [DhcpNameServer] 192.168.1.153

Edge:
=======
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default [2026-01-08]
Edge Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-12-21]
Edge Extension: (Edge relevant text changes) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-12-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-12-07] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2026-01-08]
CHR Extension: (Sticky Password - správce hesel) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnfdmghkeppfadphbnkjcicejfepnbfe [2025-12-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-26]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aakore; C:\Program Files (x86)\Common Files\Acronis\Agent\aakore.exe [18738640 2025-03-18] (Acronis International GmbH -> Acronis International GmbH)
R2 AcronisActiveProtectionService; C:\Program Files\Common Files\Acronis\ActiveProtection\active_protection_service.exe [13032744 2025-03-18] (Acronis International GmbH -> Acronis International GmbH)
R2 AcronisCyberProtectionService; C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe [1429240 2025-03-18] (Acronis International GmbH -> Acronis International GmbH)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1871296 2025-03-18] (Acronis International GmbH -> Acronis International GmbH)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6354456 2026-01-08] (Acronis International GmbH -> Acronis International GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13419408 2025-12-16] (Microsoft Corporation -> Microsoft Corporation)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [197120 2017-07-13] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncHelper.exe [3614568 2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
R2 Lenovo Instant On; C:\Windows\SysWOW64\EasyResume.exe [2352344 2022-12-04] (Lenovo -> Lenovo Group Limited)
S2 LPlatSvc; C:\Windows\System32\LPlatSvc.exe [892288 2019-12-11] (Lenovo -> Lenovo.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpDefenderCoreService.exe [2063376 2025-12-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4896488 2025-03-18] (Acronis International GmbH -> Acronis International GmbH)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.222.1112.0002\OneDriveUpdaterService.exe [3906448 2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [249344 2022-12-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5921232 2025-03-18] (Acronis International GmbH -> Acronis International GmbH)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [77792 2018-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\Windows\system32\valWbioSyncSvc.exe [48608 2018-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\NisSrv.exe [4426832 2025-12-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MsMpEng.exe [290704 2025-12-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 StkSSrv; %SystemRoot%\System32\StkCSrv.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [800672 2025-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R2 file_protector; C:\Windows\System32\DRIVERS\file_protector.sys [944648 2026-01-08] (Microsoft Windows Hardware Compatibility Publisher -> Acronis International GmbH)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [389616 2026-01-08] (Microsoft Windows Hardware Compatibility Publisher -> Acronis International GmbH)
R0 fltsrv; C:\Windows\System32\DRIVERS\fltsrv.sys [179200 2026-01-08] (Microsoft Windows Hardware Compatibility Publisher -> Acronis International GmbH)
R0 fse; C:\Windows\System32\drivers\fse.sys [218456 2022-12-01] (Microsoft Windows -> Microsoft Corporation)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [333192 2025-11-21] (Microsoft Windows -> Microsoft Corporation)
S0 ngelam; C:\Windows\System32\drivers\ngelam.sys [32272 2025-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Acronis International GmbH)
R1 ngscan; C:\Windows\System32\DRIVERS\ngscan.sys [281584 2025-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Acronis International GmbH)
S3 pmdiskdriver; C:\Windows\System32\pmdiskdriver.sys [33296 2025-12-11] (深圳牛学长科技有限公司 -> Tenorshare)
R0 PMDRVS; C:\Windows\System32\drivers\pmdrvs.sys [38160 2019-12-11] (Lenovo -> Lenovo.)
R1 SMIDriverGen; C:\Windows\system32\DRIVERS\smi.sys [31440 2018-04-24] (Synaptics Inc. -> Synaptics Incorporated)
R0 snapman; C:\Windows\System32\DRIVERS\snapman.sys [392640 2026-01-08] (Microsoft Windows Hardware Compatibility Publisher -> Acronis International GmbH)
S3 StkCMini; C:\Windows\System32\Drivers\StkCMini.sys [518272 2026-01-06] (Microsoft Windows Hardware Compatibility Publisher -> Syntek)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [171080 2026-01-08] (Microsoft Windows Hardware Compatibility Publisher -> Acronis International GmbH)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [335760 2026-01-08] (Microsoft Windows Hardware Compatibility Publisher -> Acronis International GmbH)
S3 vmbusproxy; C:\Windows\system32\drivers\vmbusproxy.sys [94208 2022-05-07] (Microsoft Windows -> )
R0 volume_tracker; C:\Windows\System32\DRIVERS\volume_tracker.sys [246320 2026-01-08] (Microsoft Windows Hardware Compatibility Publisher -> Acronis International GmbH)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21928 2025-12-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [635272 2025-12-18] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [102792 2025-12-18] (Microsoft Windows -> Microsoft Corporation)
S3 X86BDA; C:\Windows\System32\drivers\OEMDrv.sys [268416 2025-12-21] (Microsoft Windows Hardware Compatibility Publisher -> )

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-01-08 17:28 - 2026-01-08 17:29 - 000028695 _____ C:\Users\Lenovo\Desktop\FRST.txt
2026-01-08 17:24 - 2026-01-08 17:29 - 000000000 ____D C:\FRST
2026-01-08 17:22 - 2026-01-08 17:23 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Acronis
2026-01-08 17:22 - 2026-01-08 17:22 - 002444288 _____ (Farbar) C:\Users\Lenovo\Desktop\FRST64.exe
2026-01-08 17:22 - 2026-01-08 17:22 - 000000000 ____D C:\Program Files\Common Files\Acronis
2026-01-08 17:22 - 2026-01-08 17:22 - 000000000 ____D C:\Program Files\Acronis
2026-01-08 17:21 - 2026-01-08 17:21 - 000001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image for Western Digital.lnk
2026-01-08 17:21 - 2026-01-08 17:21 - 000001234 _____ C:\Users\Public\Desktop\Acronis True Image for Western Digital.lnk
2026-01-08 17:21 - 2026-01-08 17:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2026-01-08 17:21 - 2026-01-08 17:21 - 000000000 ____D C:\Program Files (x86)\Acronis
2026-01-08 17:19 - 2026-01-08 17:23 - 000000000 ____D C:\ProgramData\Acronis
2026-01-08 17:16 - 2026-01-08 17:16 - 000000000 ____D C:\Users\Lenovo\Downloads\AcronisTrueImageWD_WIN
2026-01-08 17:14 - 2026-01-08 17:15 - 1068753933 _____ C:\Users\Lenovo\Downloads\AcronisTrueImageWD_WIN.zip
2026-01-08 17:00 - 2026-01-08 17:00 - 000000000 ____D C:\Users\Lenovo\Downloads\acronistrueimagesd_win
2026-01-08 16:58 - 2026-01-08 16:58 - 000003868 _____ C:\Windows\system32\Tasks\DashboardNotificationManager Task
2026-01-08 16:58 - 2026-01-08 16:58 - 000000000 ____D C:\Users\Lenovo\AppData\Local\SanDisk
2026-01-08 16:58 - 2026-01-08 16:58 - 000000000 ____D C:\ProgramData\Western Digital
2026-01-08 16:58 - 2026-01-08 16:58 - 000000000 ____D C:\Program Files\ENE
2026-01-08 16:57 - 2026-01-08 16:57 - 000002098 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Dashboard.lnk
2026-01-08 16:57 - 2026-01-08 16:57 - 000002074 _____ C:\Users\Lenovo\Desktop\Dashboard.lnk
2026-01-08 16:57 - 2026-01-08 16:57 - 000000000 ____D C:\Program Files (x86)\SanDisk
2026-01-08 16:56 - 2026-01-08 16:58 - 1065556382 _____ C:\Users\Lenovo\Downloads\acronistrueimagesd_win.zip
2026-01-08 16:56 - 2026-01-08 16:56 - 003206856 _____ () C:\Users\Lenovo\Downloads\DashboardSetup.exe
2026-01-08 14:38 - 2026-01-08 14:38 - 000000000 ____D C:\Users\Lenovo\AppData\Local\ToastNotificationManagerCompat
2026-01-08 13:40 - 2026-01-08 14:12 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\HandBrake
2026-01-08 13:40 - 2026-01-08 13:40 - 000000000 ____D C:\Program Files\dotnet
2026-01-08 13:39 - 2026-01-08 13:39 - 024303536 _____ C:\Users\Lenovo\Downloads\HandBrake-1.10.2-x86_64-Win_GUI.exe
2026-01-08 13:39 - 2026-01-08 13:39 - 000000833 _____ C:\Users\Public\Desktop\HandBrake.lnk
2026-01-08 13:39 - 2026-01-08 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HandBrake
2026-01-08 13:39 - 2026-01-08 13:39 - 000000000 ____D C:\Program Files\HandBrake
2026-01-08 13:38 - 2026-01-08 13:38 - 002231792 _____ C:\Users\Lenovo\Downloads\Wondershare_Filmora_Installer (1).exe
2026-01-08 09:06 - 2026-01-08 09:06 - 000055144 _____ C:\Windows\system32\Drivers\debutfilterx64.sys
2026-01-08 09:06 - 2026-01-08 09:06 - 000000000 ____D C:\ProgramData\NCH Software
2026-01-07 22:33 - 2026-01-07 22:33 - 000000015 _____ C:\Users\Lenovo\AppData\Roaming\obs-virtualcam.txt
2026-01-07 11:01 - 2026-01-07 11:01 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Meltytech
2026-01-07 10:59 - 2026-01-07 10:59 - 000000809 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shotcut.lnk
2026-01-07 10:58 - 2026-01-07 10:59 - 000000000 ____D C:\Program Files\Shotcut
2026-01-07 10:49 - 2026-01-07 10:49 - 002231792 _____ C:\Users\Lenovo\Downloads\Wondershare_Filmora_Installer.exe
2026-01-06 11:51 - 2026-01-06 11:51 - 000692356 _____ C:\Windows\system32\perfh005.dat
2026-01-06 11:51 - 2026-01-06 11:51 - 000143226 _____ C:\Windows\system32\perfc005.dat
2026-01-06 11:45 - 2026-01-06 11:45 - 000054408 _____ C:\Users\Lenovo\Downloads\39efc2b16fa54c25ceffd5e130210ed1 (1).zip
2026-01-06 11:34 - 2026-01-06 11:39 - 000000000 ____D C:\Users\Lenovo\Downloads\syntek-stk1160-468457
2026-01-06 11:33 - 2026-01-06 11:34 - 001759379 _____ C:\Users\Lenovo\Downloads\syntek-stk1160-468457.zip
2026-01-06 09:06 - 2026-01-06 09:06 - 000000000 ____D C:\ProgramData\CPUID Software
2026-01-06 09:04 - 2026-01-06 09:05 - 004740960 _____ (CPUID, Inc. ) C:\Users\Lenovo\Downloads\cpu-z_2.17-en.exe
2026-01-04 20:55 - 2026-01-04 20:55 - 000054408 _____ C:\Users\Lenovo\Downloads\39efc2b16fa54c25ceffd5e130210ed1.zip
2026-01-04 20:55 - 2026-01-04 20:55 - 000000000 ____D C:\Users\Lenovo\Downloads\39efc2b16fa54c25ceffd5e130210ed1
2026-01-04 20:41 - 2026-01-08 12:59 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\obs-studio
2026-01-04 20:41 - 2026-01-04 20:41 - 000001024 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio.lnk
2026-01-04 20:41 - 2026-01-04 20:41 - 000001012 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2026-01-04 20:41 - 2026-01-04 20:41 - 000000000 ____D C:\ProgramData\obs-studio-hook
2026-01-04 20:41 - 2026-01-04 20:41 - 000000000 ____D C:\ProgramData\obs-studio
2026-01-04 20:40 - 2026-01-04 20:41 - 000000000 ____D C:\Program Files\obs-studio
2026-01-04 20:39 - 2026-01-04 20:40 - 157503576 _____ (OBS Project) C:\Users\Lenovo\Downloads\OBS-Studio-32.0.4-Windows-x64-Installer.exe
2026-01-04 08:29 - 2026-01-04 08:29 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Rufus
2026-01-04 08:08 - 2026-01-04 08:08 - 001936744 _____ (Akeo Consulting) C:\Users\Lenovo\Downloads\rufus-4.11.exe
2026-01-04 08:06 - 2026-01-04 08:21 - 3055239168 _____ C:\Users\Lenovo\Downloads\linuxmint-22.2-cinnamon-64bit.iso
2026-01-04 00:00 - 2026-01-04 00:00 - 000002599 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WSL.lnk
2026-01-04 00:00 - 2026-01-04 00:00 - 000002489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WSL Settings.lnk
2026-01-03 23:59 - 2026-01-04 00:00 - 000000000 ____D C:\Program Files\WSL
2026-01-03 23:13 - 2026-01-04 21:47 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Notepad++
2026-01-03 23:12 - 2026-01-03 23:12 - 006808184 _____ (Don HO don.h@free.fr) C:\Users\Lenovo\Downloads\npp.8.8.Installer.x64.exe
2025-12-27 14:35 - 2025-12-27 14:35 - 000000412 _____ C:\Users\Lenovo\Downloads\home_assistant_backup_emergency_kit_27._12. 2025 14_35.txt
2025-12-25 11:55 - 2025-12-25 11:55 - 000097341 _____ C:\Users\Lenovo\Downloads\Detail_ELDP_TYP2.pdf
2025-12-23 11:55 - 2025-12-23 11:55 - 000000000 ___HD C:\$WinREAgent
2025-12-23 11:45 - 2025-12-23 11:45 - 000000412 _____ C:\Users\Lenovo\Downloads\home_assistant_backup_emergency_kit_23._12. 2025 11_45.txt
2025-12-23 10:27 - 2026-01-04 08:29 - 000000412 __RSH C:\ProgramData\ntuser.pol
2025-12-23 10:25 - 2025-12-23 10:25 - 000000000 __SHD C:\ProgramData\Daemon
2025-12-23 10:25 - 2025-12-11 14:41 - 000033296 _____ (Tenorshare) C:\Windows\system32\pmdiskdriver.sys
2025-12-23 10:23 - 2025-12-23 10:23 - 073266584 _____ (Tenorshare, Inc. ) C:\Users\Lenovo\Downloads\4ddig-partition-manager_11766481763271072301.exe
2025-12-23 10:16 - 2025-12-23 10:16 - 633339904 _____ C:\Users\Lenovo\Downloads\gparted-live-1.7.0-12-amd64 (1).iso
2025-12-23 10:11 - 2025-12-23 10:11 - 633339904 _____ C:\Users\Lenovo\Downloads\gparted-live-1.7.0-12-amd64.iso
2025-12-23 09:15 - 2025-12-23 09:15 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Microsoft_Corporation
2025-12-21 21:04 - 2025-12-21 21:04 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AmaRecTV Live
2025-12-21 21:04 - 2025-12-21 21:04 - 000000000 ____D C:\Program Files (x86)\AmaRecTV Live
2025-12-21 21:03 - 2025-12-21 21:03 - 000000000 ____D C:\Users\Lenovo\Downloads\amarectv310
2025-12-21 21:02 - 2025-12-21 21:02 - 001359044 _____ C:\Users\Lenovo\Downloads\amarectv310.zip
2025-12-21 20:46 - 2025-12-21 20:59 - 000000000 ____D C:\Users\Lenovo\Documents\honestech TVR
2025-12-21 20:39 - 2026-01-04 21:48 - 000000000 ____D C:\Program Files (x86)\honestech
2025-12-21 20:39 - 2025-12-21 21:02 - 000000000 ____D C:\Users\Lenovo\Documents\honestech TVR2.5
2025-12-21 20:38 - 2025-12-21 20:38 - 000000000 ____D C:\Program Files (x86)\Fushicai VIDEO DVR
2025-12-21 20:30 - 2025-12-21 20:30 - 000000000 ____D C:\Users\Lenovo\Downloads\UTV007_Drivers
2025-12-21 20:28 - 2025-12-21 20:29 - 008298444 _____ C:\Users\Lenovo\Downloads\UTV007_Drivers.zip
2025-12-21 14:05 - 2025-12-21 14:05 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\RealVNC
2025-12-21 14:05 - 2025-12-21 14:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealVNC
2025-12-21 14:05 - 2025-12-21 14:05 - 000000000 ____D C:\Program Files\RealVNC
2025-12-21 14:04 - 2025-12-21 14:05 - 000000000 ____D C:\Users\Lenovo\AppData\Local\RealVNC
2025-12-21 14:04 - 2025-12-21 14:04 - 012765848 _____ (RealVNC) C:\Users\Lenovo\Downloads\VNC-Viewer-7.15.1-Windows.exe
2025-12-21 12:43 - 2025-12-21 12:43 - 000014038 _____ C:\Users\Lenovo\Downloads\config_entry-tplink-01KD0BGGMTQ6R5TJSJYJ052ZMA.json
2025-12-21 11:45 - 2026-01-03 12:29 - 000000000 ____D C:\Users\Lenovo\.ssh
2025-12-18 20:52 - 2025-12-18 20:52 - 000000000 ____D C:\Users\Lenovo\AppData\Local\JxBrowser
2025-12-18 20:48 - 2025-12-18 20:48 - 213673845 _____ C:\Users\Lenovo\Downloads\storage-executive-win-64.zip
2025-12-18 20:10 - 2026-01-08 16:51 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Samsung Magician
2025-12-18 20:07 - 2026-01-08 16:52 - 000000000 ____D C:\ProgramData\Samsung
2025-12-18 20:04 - 2025-12-18 20:04 - 322527344 _____ (Samsung Electronics ) C:\Users\Lenovo\Downloads\Samsung_Magician_Installer_Official_8.1.0.800.exe
2025-12-17 13:18 - 2025-12-17 13:21 - 019371149 _____ C:\Users\Lenovo\Downloads\Verbatim SSD Utility v1.0.0.1 [FileCR].zip
2025-12-16 19:58 - 2025-12-16 19:58 - 020359960 _____ (Raspberry Pi Ltd ) C:\Users\Lenovo\Downloads\imager_2.0.0.exe
2025-12-16 19:58 - 2025-12-16 19:58 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Raspberry Pi
2025-12-16 19:58 - 2025-12-16 19:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raspberry Pi
2025-12-16 19:58 - 2025-12-16 19:58 - 000000000 ____D C:\Program Files\Raspberry Pi Ltd
2025-12-13 14:48 - 2025-12-13 14:48 - 007466040 _____ C:\Users\Lenovo\Downloads\nsa320_2.01 (1).zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2026-01-08 17:29 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2026-01-08 17:23 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2026-01-08 17:22 - 2022-05-07 06:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2026-01-08 17:12 - 2023-11-27 09:35 - 000000000 ____D C:\Users\Lenovo\Documents\Sticky Passwords
2026-01-08 17:08 - 2023-10-23 10:00 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2026-01-08 16:58 - 2025-10-08 09:52 - 000000000 ____D C:\Users\Lenovo\AppData\Local\cache
2026-01-08 16:58 - 2024-04-14 11:56 - 000000000 ____D C:\ProgramData\Package Cache
2026-01-08 16:49 - 2024-06-30 18:36 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Spotify
2026-01-08 16:48 - 2024-06-30 18:35 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Spotify
2026-01-08 16:48 - 2023-11-26 09:47 - 000000000 ___RD C:\Users\Lenovo\OneDrive
2026-01-08 16:48 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2026-01-08 16:46 - 2025-10-08 09:39 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\NCH Software
2026-01-08 16:46 - 2025-09-29 18:39 - 000000000 ____D C:\ProgramData\Synaptics
2026-01-08 16:46 - 2023-12-05 11:05 - 000001527 _____ C:\Windows\system32\config\VSMIDK
2026-01-08 16:46 - 2023-11-26 10:02 - 000000000 ____D C:\Intel
2026-01-08 16:46 - 2023-10-23 10:00 - 000012288 ___SH C:\DumpStack.log.tmp
2026-01-08 16:46 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ServiceState
2026-01-08 16:46 - 2022-05-07 06:17 - 000786432 _____ C:\Windows\system32\config\BBI
2026-01-08 16:28 - 2025-10-30 22:37 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CrashDumps
2026-01-08 14:51 - 2023-12-01 16:44 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\vlc
2026-01-08 14:12 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2026-01-08 10:41 - 2023-10-23 10:00 - 000000000 ____D C:\Windows\system32\SleepStudy
2026-01-08 09:47 - 2025-10-08 09:40 - 000000000 ____D C:\Windows\system32\Tasks\NCH Software
2026-01-08 09:46 - 2023-11-26 09:44 - 000000000 ____D C:\Users\Lenovo
2026-01-08 08:51 - 2024-05-12 19:29 - 000000000 ____D C:\Windows\Minidump
2026-01-08 08:51 - 2023-10-23 10:00 - 001719893 ____N C:\Windows\Minidump\010826-8515-01.dmp
2026-01-08 08:49 - 2023-10-23 10:00 - 001884939 ____N C:\Windows\Minidump\010826-10078-01.dmp
2026-01-07 23:19 - 2023-10-23 10:00 - 002001069 ____N C:\Windows\Minidump\010726-8203-01.dmp
2026-01-07 23:17 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2026-01-07 23:06 - 2023-10-23 10:00 - 001750013 ____N C:\Windows\Minidump\010726-7812-01.dmp
2026-01-07 23:01 - 2023-10-23 10:00 - 001751269 ____N C:\Windows\Minidump\010726-8171-01.dmp
2026-01-07 22:53 - 2000-08-23 17:00 - 000033280 _____ (Disappearing Inc.) C:\Windows\system32\HUFFYUV.DLL
2026-01-07 12:05 - 2023-11-26 09:45 - 000000000 ____D C:\Users\Lenovo\AppData\Local\D3DSCache
2026-01-06 11:51 - 2023-11-26 09:36 - 001629502 _____ C:\Windows\system32\PerfStringBackup.INI
2026-01-06 11:39 - 1601-05-07 08:39 - 006921856 _____ (Syntek America Inc.) C:\Windows\system32\Drivers\StkCPipe.sys
2026-01-06 11:39 - 1601-05-07 08:39 - 000518272 _____ (Syntek) C:\Windows\system32\Drivers\StkCMini.sys
2026-01-06 11:39 - 1601-05-07 08:39 - 000053248 _____ (Syntek America Inc.) C:\Windows\SysWOW64\StkCProp.ax
2026-01-04 21:48 - 2024-04-20 17:03 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2026-01-04 21:48 - 2023-12-22 13:01 - 000000000 ____D C:\ProgramData\firebird
2026-01-04 21:46 - 2023-11-26 09:45 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Packages
2026-01-04 21:46 - 2023-11-26 09:32 - 000000000 ____D C:\ProgramData\Packages
2026-01-03 23:50 - 2022-05-07 06:24 - 000000000 ___SD C:\Windows\SysWOW64\lxss
2026-01-03 23:50 - 2022-05-07 06:24 - 000000000 ___SD C:\Windows\system32\lxss
2026-01-03 23:49 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2026-01-03 06:01 - 2023-11-26 09:53 - 000002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2026-01-03 06:01 - 2023-11-26 09:53 - 000002166 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-12-27 14:20 - 2025-10-08 10:28 - 000000000 ____D C:\Users\Lenovo\Documents\Mixpad Projects
2025-12-23 10:27 - 2022-05-07 06:24 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2025-12-23 08:36 - 2023-10-23 10:00 - 000003638 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-12-23 08:36 - 2023-10-23 10:00 - 000003512 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-12-21 20:39 - 2022-05-07 06:24 - 000000000 ___SD C:\Windows\Downloaded Program Files
2025-12-21 20:33 - 2023-11-28 19:15 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-12-21 11:33 - 2022-05-07 11:14 - 000000000 ____D C:\Windows\system32\OpenSSH
2025-12-21 11:22 - 2023-11-26 09:44 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows
2025-12-21 10:54 - 2023-11-27 18:17 - 000000000 ____D C:\Program Files\Microsoft Office
2025-12-21 10:47 - 2023-10-23 10:00 - 000002396 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-12-18 09:52 - 2023-10-23 10:00 - 000000000 ____D C:\Windows\system32\Drivers\wd
2025-12-17 12:26 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\LiveKernelReports
2025-12-16 12:08 - 2023-11-27 18:26 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Excel
2025-12-13 14:56 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\NDF
2025-12-13 14:31 - 2025-08-17 10:51 - 000000000 ____D C:\Users\Lenovo\NSU
2025-12-13 14:23 - 2025-02-01 16:01 - 000003546 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-3702919870-1625878937-729940065-1002
2025-12-13 14:23 - 2023-11-27 17:28 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-12-13 14:23 - 2023-11-27 17:28 - 000001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-12-13 14:23 - 2023-11-26 09:49 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3702919870-1625878937-729940065-1002
2025-12-12 22:18 - 2023-11-26 09:53 - 000000000 ____D C:\Windows\system32\MRT
2025-12-12 22:13 - 2023-11-26 09:53 - 218369424 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories ========

2025-10-08 17:05 - 2025-10-08 17:06 - 000050694 _____ () C:\Users\Lenovo\AppData\Roaming\MixPad.dmp
2026-01-07 22:33 - 2026-01-07 22:33 - 000000015 _____ () C:\Users\Lenovo\AppData\Roaming\obs-virtualcam.txt
2023-11-27 12:47 - 2023-11-27 12:47 - 000000017 _____ () C:\Users\Lenovo\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-11-2025
Ran by Marian M (08-01-2026 17:31:33)
Running from C:\Users\Lenovo\Desktop
Microsoft Windows 11 Pro Version 22H2 22623.1020 (X64) (2023-11-26 08:32:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3702919870-1625878937-729940065-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3702919870-1625878937-729940065-503 - Limited - Disabled)
Guest (S-1-5-21-3702919870-1625878937-729940065-501 - Limited - Disabled)
Marian M (S-1-5-21-3702919870-1625878937-729940065-1002 - Administrator - Enabled) => C:\Users\Lenovo
WDAGUtilityAccount (S-1-5-21-3702919870-1625878937-729940065-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 24.01 (x64) (HKLM\...\7-Zip) (Version: 24.01 - Igor Pavlov)
Acronis Drivers (HKLM\...\{8AEF5541-200E-42C6-9D33-1165A342C23F}) (Version: 29.0.41936 - Acronis) Hidden
Acronis True Image for Western Digital (HKLM-x32\...\{DB8BD18E-BA62-4A23-BC84-7FD5C384397C}) (Version: 29.0.41936 - Acronis) Hidden
Acronis True Image for Western Digital (HKLM-x32\...\{DB8BD18E-BA62-4A23-BC84-7FD5C384397C}Visible) (Version: 29.0.41936 - Acronis)
AmaRecTV Live (HKLM-x32\...\AmaRecTV Live) (Version: - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Audacity 3.7.5 (HKLM\...\Audacity_is1) (Version: 3.7.5 - Audacity Team)
Blender (HKLM\...\{42953594-7E2A-46C1-83C0-F536CDE28D69}) (Version: 5.0.0 - Blender Foundation)
calibre 64bit (HKLM\...\{429F48B2-900F-4B4A-BC8A-2172EF35DC0B}) (Version: 8.13.0 - Kovid Goyal)
CrystalDiskInfo 8.2.4 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.2.4 - Crystal Dew World)
CrystalDiskInfo 9.5.0 (64bitový) (HKLM\...\CrystalDiskInfo_is1) (Version: 9.5.0 - Crystal Dew World)
Dashboard (HKLM-x32\...\Western Digital SSD Dashboard) (Version: 5.1.2.2 - SanDisk Corporation)
Dolby Audio X2 Windows API SDK (HKLM\...\{F994125B-7BF5-4A38-A569-82833CEB24DC}) (Version: 0.8.4.83 - Dolby Laboratories, Inc.)
ENE_QSI_Loki_HAL (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
ENE_QSI_Loki_HAL (HKLM-x32\...\{205ef3a8-937b-43cb-90fc-2f58f71408d8}) (Version: 1.0.3.0 - ENE TECHNOLOGY INC.) Hidden
Furniture Studio (HKLM-x32\...\Furniture Studio) (Version: 25.1.0.0 - Nikodem software)
Fushicai VIDEO DVR (HKLM-x32\...\{989BAFE8-E777-43D7-9749-9810E0E9FF48}) (Version: 2013.5.6 - Fushicai)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 143.0.7499.170 - Google LLC)
HandBrake 1.10.2 (HKLM-x32\...\HandBrake) (Version: 1.10.2 - )
Huffyuv AVI lossless video codec (Remove Only) (HKLM\...\HUFFYUV) (Version: - )
Integrated Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.10240.11161 - Realtek Semiconductor Corp.)
Microsoft .NET Host - 8.0.22 (x64) (HKLM\...\{872CDB4B-5DDE-4297-BD19-C93B6C93E386}) (Version: 64.88.42551 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.22 (x64) (HKLM\...\{7A046DD7-9D61-4C5D-8F5E-24EE192B1B6A}) (Version: 64.88.42551 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.22 (x64) (HKLM\...\{C43A1A89-0CA5-43FD-BDC4-3B85DAD06A41}) (Version: 64.88.42551 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 143.0.3650.96 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 143.0.3650.96 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2021 - cs-cz (HKLM\...\ProPlus2021Retail - cs-cz) (Version: 16.0.19426.20218 - Microsoft Corporation)
Microsoft Office Professional Plus 2021 - sk-sk (HKLM\...\ProPlus2021Retail - sk-sk) (Version: 16.0.19426.20218 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.222.1112.0002 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30153 (HKLM-x32\...\{e3aefa8b-a2ea-42b8-a384-95f2ff6df681}) (Version: 14.29.30153.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.25.28508 (HKLM\...\{7D0B74C2-C3F8-4AF1-940F-CD79AB4B2DCE}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.25.28508 (HKLM\...\{EEA66967-97E2-4561-A999-5C22E3CDE428}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30153 (HKLM-x32\...\{F263DEED-F2D3-4AB2-9D1C-C47ED5AA8BFC}) (Version: 14.29.30153 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30153 (HKLM-x32\...\{F3E4AF00-C81D-4253-B947-67DD661932EC}) (Version: 14.29.30153 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.22 (x64) (HKLM\...\{4CCC1CCD-6FA3-4DD5-A06B-E94EA90094CF}) (Version: 64.88.42561 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.22 (x64) (HKLM-x32\...\{a3899eef-6164-4d42-b8c3-95ae6a844821}) (Version: 8.0.22.35428 - Microsoft Corporation)
MIDI Mapper (HKLM-x32\...\{359AFCA8-F52A-495C-AF79-81636FDD01E4}) (Version: 1.00.0000 - Hercules)
Mixxx (HKLM\...\{7C89DD01-AD56-4FE1-ACE4-91964FAFEBCE}) (Version: 2.4.1 - Mixxx Project)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 32.0.4 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.19426.20170 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.19029.20208 - Microsoft Corporation) Hidden
Optimik 4 (HKLM-x32\...\Optimik 4_is1) (Version: - Rastislav Korytár - RK Software)
Playlist Creator 3.6.2 (HKLM-x32\...\Playlist Creator 3.6.2) (Version: 3.6.2.0 - oddgravity)
PRO 100 CZ verze 1.5 (HKLM-x32\...\{67A98B3A-9045-4EC3-88F5-E3637389D241}_is1) (Version: 1.5 - My Company, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raspberry Pi Imager (HKLM\...\{46C75BF3-E267-4834-AE1D-BEB77E05BFA1}_is1) (Version: v2.0.0 - Raspberry Pi Ltd)
RealVNC Viewer 7.15.1 (HKLM\...\{637CD4E0-1F61-43F1-91C0-9423CED3E820}) (Version: 7.15.1.18 - RealVNC)
Shotcut (HKLM\...\Shotcut_is1) (Version: 25.12.31 - Meltytech)
Spotify (HKU\S-1-5-21-3702919870-1625878937-729940065-1002\...\Spotify) (Version: 1.2.79.427.g80eb4a07 - Spotify AB)
Sticky Password (HKLM-x32\...\Sticky Password_is1) (Version: 8.9.4.2125 - Lamantine Software)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.30 - Synaptics Incorporated)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.50 - Ghisler Software GmbH)
VirtualDJ 2021 (HKLM\...\{4C873957-3A06-4785-8AB1-089333EDF685}) (Version: 8.5.6156.0 - Atomix Productions)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
Windows Subsystem for Linux (HKLM\...\{B637A6A6-5591-4503-AFD8-776164EB837A}) (Version: 2.6.3.0 - Microsoft Corporation) Hidden
WinRAR 7.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH)
ZyXEL NAS Starter Utility (HKLM-x32\...\{955955AD-9B68-4881-BA99-5557C4139F8B}) (Version: 2.00.18 - ZyXEL)

Packages:
=========
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2025-10-23] (INTEL CORP) [Startup Task]
Local AI Manager for Microsoft 365 -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\AI [2025-12-21] ()
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2250.1.0.0_x64__8xx8rvfyw5nnt [2025-10-16] (Meta)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-12-02] (Microsoft Corp.)
Microsoft.Office.ActionsServer -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\ActionsServer [2025-12-21] ()
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16 [2025-12-21] ()
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-23] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_8000.675.1142.0_x64__8wekyb3d8bbwe [2025-11-21] (Microsoft Corp.)
Winmail.dat Viewer - Letter Opener -> C:\Program Files\WindowsApps\AtlanCreativeGmbH.Winmail.datViewer-LetterOpener_2.2.1.0_x64__h8gmy52jknkyt [2025-11-21] (Letter Opener GmbH)
WinRAR -> C:\Program Files\WinRAR [2024-03-29] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3702919870-1625878937-729940065-1002_Classes\CLSID\{13074435-7693-4592-2533-000000000000}\localserver32 -> "C:\Program Files\Lenovo\Ready For Assistant\SmartConnect.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-3702919870-1625878937-729940065-1002_Classes\CLSID\{1a46400f-4c81-802a-c2c1-1e9a687a9340}\localserver32 -> C:\Program Files\HandBrake\HandBrake.exe (HandBrake Team) [File not signed]
CustomCLSID: HKU\S-1-5-21-3702919870-1625878937-729940065-1002_Classes\CLSID\{DFF20505-B08F-455B-AD70-4FBD055088E0}\localserver32 -> C:\Program Files\Google\Chrome\Application\PlatformExperienceHelper\platform_experience_helper.exe (Google LLC -> Google LLC)
ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_29_0_41936.dll [2025-03-18] (Acronis International GmbH -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-01-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-01-31] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.222.1112.0002\FileSyncShell64.dll [2025-12-13] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-01-31] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\system32\huffyuv.dll [33280 2026-01-07] (Disappearing Inc.) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2024-03-11 12:47 - 2024-01-31 17:00 - 000101376 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\OneDriveTemp:{30006100-5400-3900-3100-6F0041004F00} [216]
AlternateDataStreams: C:\OneDriveTemp:{4A007400-6700-4800-4300-6A004F006900} [640]
AlternateDataStreams: C:\Users\Lenovo\Documents\Nikodem software:{30006100-5400-3900-3100-6F0041004F00} [216]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-12-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-12-07] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Network ===========================

(Currently there is no automatic fix for this section.)

DNS Servers: 192.168.1.1
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Intel(R) Dual Band Wireless-AC 8260 -> Netwtw06.sys
Ethernet 2: Intel(R) Ethernet Connection I219-LM -> e1d68x64.sys

vms_vsf: Hyper-V Virtual Switch Extension Filter
vms_vsp: Hyper-V Virtual Switch Extension Protocol

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3702919870-1625878937-729940065-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)


==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{AED8FFD4-546A-4EA1-81BD-A79284752299}C:\users\lenovo\downloads\odorik.exe] => (Allow) C:\users\lenovo\downloads\odorik.exe (Odorik.cz) [File not signed]
FirewallRules: [UDP Query User{D228DEB1-71C9-45B8-A0C9-698FFB9E1870}C:\users\lenovo\downloads\odorik.exe] => (Allow) C:\users\lenovo\downloads\odorik.exe (Odorik.cz) [File not signed]
FirewallRules: [{69F4971B-F6E3-4145-8BE3-3C809E914409}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{7DF281F5-1122-4D30-8740-15C38A5BC38E}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lenovo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{DD3B8AA6-7112-4AF5-B40B-D78DA0E9D56D}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lenovo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{A217D6A8-D587-4B8A-AA97-EAB38E028998}C:\program files\serato\serato dj pro\serato dj pro.exe] => (Block) C:\program files\serato\serato dj pro\serato dj pro.exe => No File
FirewallRules: [UDP Query User{8450611C-F7F7-4331-9D90-04C28D159F53}C:\program files\serato\serato dj pro\serato dj pro.exe] => (Block) C:\program files\serato\serato dj pro\serato dj pro.exe => No File
FirewallRules: [TCP Query User{94E3999A-40E5-4DD0-B228-09E2E3BF4669}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\lenovo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{08242A15-9425-4E3E-8C8E-80CD3149296E}C:\users\lenovo\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\lenovo\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{2933611B-951A-42CB-9E8D-3484C70853A6}C:\users\lenovo\downloads\anydesk.exe] => (Allow) C:\users\lenovo\downloads\anydesk.exe => No File
FirewallRules: [UDP Query User{E6C2ED47-7AFB-4868-82B5-E03987203F96}C:\users\lenovo\downloads\anydesk.exe] => (Allow) C:\users\lenovo\downloads\anydesk.exe => No File
FirewallRules: [TCP Query User{A4856F88-1A95-4288-95F3-A606E13673D9}C:\program files (x86)\zyxel\nsu\nsu.exe] => (Allow) C:\program files (x86)\zyxel\nsu\nsu.exe () [File not signed]
FirewallRules: [UDP Query User{A422DA81-8F93-4B67-975E-E1DF56F621EC}C:\program files (x86)\zyxel\nsu\nsu.exe] => (Allow) C:\program files (x86)\zyxel\nsu\nsu.exe () [File not signed]
FirewallRules: [{B6884919-65BE-4A39-BCDB-8E03CE793807}] => (Block) C:\program files (x86)\zyxel\nsu\nsu.exe () [File not signed]
FirewallRules: [{3EAD2026-D1C2-482A-B609-A58D6A34EDBC}] => (Block) C:\program files (x86)\zyxel\nsu\nsu.exe () [File not signed]
FirewallRules: [{33BF6A35-0D9F-403E-857A-DE507C51C29D}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{003DEF58-00F7-425E-8F1A-F7AAE145ACBD}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{A25C1480-0995-4057-A85F-89BC5CDBD06A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A28187A0-30EC-4A0A-8271-4A9329CE991C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25331.1101.4152.8047_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6C8B2B78-385D-4193-B87A-0BA9B247456C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25331.1101.4152.8047_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{BFB068F4-7A63-493D-B385-E23CAF063B6E}C:\users\lenovo\appdata\roaming\spotify\spotifylauncher.exe] => (Block) C:\users\lenovo\appdata\roaming\spotify\spotifylauncher.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{DB70F1F3-19F3-4B31-8C75-93ACE45B80DE}C:\users\lenovo\appdata\roaming\spotify\spotifylauncher.exe] => (Block) C:\users\lenovo\appdata\roaming\spotify\spotifylauncher.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{26AB1BA4-8F26-4CB3-A7CF-1E0232D89B64}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe => No File
FirewallRules: [UDP Query User{F2C5D77D-05F0-4285-9C70-248A00840368}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe => No File
FirewallRules: [{BE334A8D-F5F0-4E9C-A015-B78A56C4CF86}] => (Block) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe => No File
FirewallRules: [{D4EA4DB7-C563-4BBA-81AA-2F8158E10A25}] => (Block) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe => No File
FirewallRules: [{A1EA670D-50F3-4A8D-B136-D54B195DAFFE}] => (Allow) C:\Program Files\4DDiG Partition Manager\4DDiG Partition Manager.exe => No File
FirewallRules: [{3F1D443D-9E7C-4F71-9F48-1C67B8B9DBC3}] => (Allow) C:\Program Files\4DDiG Partition Manager\4DDiG Partition Manager.exe => No File
FirewallRules: [{2FAB854B-119E-4608-A66F-FC3BD91F0A1F}] => (Allow) C:\Program Files\4DDiG Partition Manager\NetFrameCheck.exe => No File
FirewallRules: [{4476EA03-2A36-4169-A590-5495635B63F8}] => (Allow) C:\Program Files\4DDiG Partition Manager\NetFrameCheck.exe => No File
FirewallRules: [{6AEFF206-ABB3-42A2-AC95-D0169C4D7C93}] => (Allow) C:\Program Files\4DDiG Partition Manager\Monitor\Monitor.exe => No File
FirewallRules: [{AFFC4483-E7F5-40A8-ABB3-852DD5C3C583}] => (Allow) C:\Program Files\4DDiG Partition Manager\Monitor\Monitor.exe => No File
FirewallRules: [{987B76CA-33F6-422C-8EAB-803F0A02C578}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{636321B9-1D47-45C8-BA19-3FB4C42E506A}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{1234468A-D06A-4C32-9E9D-CDEC2E2B6999}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe (Acronis International GmbH -> )
FirewallRules: [{5D094138-EFF8-40E9-A0EF-461386FE6E65}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> )
FirewallRules: [{F041535B-F2C5-4468-94E2-46F69642CF65}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe (Acronis International GmbH -> )
FirewallRules: [{A9692E19-4162-4D0B-ACDB-6AE589BDD5C3}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe (Acronis International GmbH -> )
FirewallRules: [{57386152-6A6E-4AEB-B844-0FF007AAB6C7}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe (Acronis International GmbH -> )
FirewallRules: [{01BEAEC1-80AE-44DE-958D-62CFC0304F7F}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe (Acronis International GmbH -> )
FirewallRules: [{ADF08076-5EAC-4842-821D-02708515B97B}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe (Acronis International GmbH -> )
FirewallRules: [{B822EAEA-06FC-40D9-9BC9-83529DC23F0D}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe (Acronis International GmbH -> )
FirewallRules: [{259163F7-0DB0-4207-A09F-0BEF07C1F1CE}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Home\report_sender.exe (Acronis International GmbH -> )
FirewallRules: [{357E7B80-0C3B-42AD-8B49-E13D95C6B271}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\bin\bckp_amgr.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{BF62A798-88D3-4ABE-88E6-4E55ED0C5BB3}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\bin\task-manager.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{57A3DCAA-9455-4F71-96AC-1D44FEAB6233}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\aakore.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{21B0422E-23DC-4DB0-9EB0-A861491C3A91}] => (Allow) C:\Program Files\Common Files\Acronis\ActiveProtection\active_protection_service.exe (Acronis International GmbH -> Acronis International GmbH)
FirewallRules: [{ECC44BF5-5647-4C17-B28E-736CAE13EB54}] => (Allow) C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe (Acronis International GmbH -> Acronis International GmbH)

==================== Restore Points =========================

23-12-2025 11:55:27 Instalační služba modulů systému Windows
03-01-2026 07:42:02 Naplánovaný kontrolní bod
03-01-2026 23:49:17 Instalační služba modulů systému Windows
08-01-2026 16:57:55 ENE_QSI_Loki_HAL

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (01/08/2026 05:08:05 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: svchost.exe_Schedule, verze: 10.0.22621.1, časové razítko: 0x6dc5c2a5
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00007df4a3b8001a
ID chybujícího procesu: 0x0x678
Čas spuštění chybující aplikace: 0x0x1dc80b6032cb443
Cesta k chybující aplikaci: C:\Windows\system32\svchost.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 944ce706-d2fd-432b-8b5a-044090fcf048
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/08/2026 04:28:14 PM) (Source: Application Error) (EventID: 1000) (User: MARIAN)
Description: Název chybující aplikace: spUIAManager.exe, verze: 8.9.4.2125, časové razítko: 0x686faf10
Název chybujícího modulu: combase.dll, verze: 10.0.22621.1017, časové razítko: 0x560ada32
Kód výjimky: 0xc0000005
Posun chyby: 0x00145af8
ID chybujícího procesu: 0x0x36c0
Čas spuštění chybující aplikace: 0x0x1dc80a86ef6b728
Cesta k chybující aplikaci: C:\Program Files (x86)\Sticky Password\spUIAManager.exe
Cesta k chybujícímu modulu: C:\Windows\System32\combase.dll
ID zprávy: 5b178764-3a41-47fc-9ba4-073daf29b032
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/08/2026 03:09:36 PM) (Source: Application Error) (EventID: 1000) (User: MARIAN)
Description: Název chybující aplikace: spUIAManager.exe, verze: 8.9.4.2125, časové razítko: 0x686faf10
Název chybujícího modulu: bcryptPrimitives.dll, verze: 10.0.22621.1, časové razítko: 0x364e9745
Kód výjimky: 0xc0000005
Posun chyby: 0x00023d3a
ID chybujícího procesu: 0x0x1484
Čas spuštění chybující aplikace: 0x0x1dc8083572c0bcd
Cesta k chybující aplikaci: C:\Program Files (x86)\Sticky Password\spUIAManager.exe
Cesta k chybujícímu modulu: C:\Windows\System32\bcryptPrimitives.dll
ID zprávy: de56ff4d-2f65-4774-a9e3-5e084893a8cb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/08/2026 03:09:32 PM) (Source: Application Error) (EventID: 1000) (User: MARIAN)
Description: Název chybující aplikace: spUIAManager.exe, verze: 8.9.4.2125, časové razítko: 0x686faf10
Název chybujícího modulu: bcryptPrimitives.dll, verze: 10.0.22621.1, časové razítko: 0x364e9745
Kód výjimky: 0xc00000fd
Posun chyby: 0x00023c0f
ID chybujícího procesu: 0x0x1484
Čas spuštění chybující aplikace: 0x0x1dc8083572c0bcd
Cesta k chybující aplikaci: C:\Program Files (x86)\Sticky Password\spUIAManager.exe
Cesta k chybujícímu modulu: C:\Windows\System32\bcryptPrimitives.dll
ID zprávy: c39df5cf-8608-4dc7-a0d5-8df94407b04a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/08/2026 01:39:38 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Description: A .NET application failed.
Application: HandBrake.exe
Path: C:\Program Files\HandBrake\HandBrake.exe
Message: You must install .NET to run this application.

App: C:\Program Files\HandBrake\HandBrake.exe
Architecture: x64
App host version: 8.0.17
.NET location: Not found

Learn more:
https://aka.ms/dotnet/app-launch-failed

Download the .NET runtime:
https://aka.ms/dotnet-core-applaunch?mi ... ion=8.0.17

Error: (01/08/2026 10:43:59 AM) (Source: Application Error) (EventID: 1000) (User: MARIAN)
Description: Název chybující aplikace: spUIAManager.exe, verze: 8.9.4.2125, časové razítko: 0x686faf10
Název chybujícího modulu: spUIAManager.exe, verze: 8.9.4.2125, časové razítko: 0x686faf10
Kód výjimky: 0xc0000005
Posun chyby: 0x000109c6
ID chybujícího procesu: 0x0x3628
Čas spuštění chybující aplikace: 0x0x1dc807b8d36924e
Cesta k chybující aplikaci: C:\Program Files (x86)\Sticky Password\spUIAManager.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Sticky Password\spUIAManager.exe
ID zprávy: 582b5acb-e529-42fc-8251-86a0398c6022
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/07/2026 11:06:42 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: MigrationService.exe, verze: 1.0.1.171, časové razítko: 0x66b55874
Název chybujícího modulu: MigrationService.exe, verze: 1.0.1.171, časové razítko: 0x66b55874
Kód výjimky: 0xc0000005
Posun chyby: 0x00037e5e
ID chybujícího procesu: 0x0xfec
Čas spuštění chybující aplikace: 0x0x1dc8021e231f4f0
Cesta k chybující aplikaci: C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
ID zprávy: 9db10c63-699a-4cef-9d48-8a3970a3b46a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/07/2026 10:46:40 AM) (Source: Windows App Runtime) (EventID: 22) (User: )
Description: Event-ID 22


System errors:
=============
Error: (01/08/2026 05:08:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Plánovač úloh byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu v samostatném procesu.

Error: (01/08/2026 04:51:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CMigrationService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/08/2026 04:49:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/08/2026 04:49:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (01/08/2026 04:47:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba StkSSrv neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/08/2026 04:46:15 PM) (Source: DCOM) (EventID: 10010) (User: MARIAN)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/08/2026 04:46:14 PM) (Source: DCOM) (EventID: 10010) (User: MARIAN)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/08/2026 04:46:14 PM) (Source: DCOM) (EventID: 10010) (User: MARIAN)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
================
Date: 2026-01-07 12:03:37
Description:
Antivirová ochrana v programu Microsoft Defender śсǻη ħдѕ ъэεή šтőρρéδ ьëƒόѓë ςσмрļєťíőň.%л %τŞčąη ĮÐ:%в{0C893959-43C2-4DF5-B88F-E4883281DAA7}%й %ŧŚčâń Τỳφε:%вAntimalwarový program%ń %ŧŜċăņ Ρдѓámĕťëяš:%ъRychlé prohledávání%π %ţÚѕêґ:%ьNT AUTHORITY\SYSTEM%ń %тŠŧõρ Ŕéāşôň:%ьŞĉĥеδũĺέđ şĉāⁿ ŵāѕ ŝĸïφрёď вëčάùśε ŧĥе ℓдśт ŝůĉčęśśƒűł ѕčåñ щāś ώϊţђĭи ŧĥě ℓàŝт 7 ďàŷѕ

Date: 2026-01-06 11:34:39
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/Rostpay
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: containerfile:_C:\Users\Lenovo\Downloads\syntek-stk1160-468457.zip; file:_C:\Users\Lenovo\Downloads\syntek-stk1160-468457.zip->driver-hub-install__28.exe; file:_C:\Users\Lenovo\Downloads\syntek-stk1160-468457\driver-hub-install__28.exe; webfile:_C:\Users\Lenovo\Downloads\syntek-stk1160-468457.zip|https://www.drvhub.net/drivers/9d75ddc7 ... 2322012004
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: MARIAN\Marian M
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.443.524.0, AS: 1.443.524.0, NIS: 1.443.524.0
Verze modulu: AM: 1.1.25110.1, NIS: 1.1.25110.1

Date: 2026-01-06 11:34:00
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/Rostpay
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: containerfile:_C:\Users\Lenovo\Downloads\syntek-stk1160-468457.zip; file:_C:\Users\Lenovo\Downloads\syntek-stk1160-468457.zip->driver-hub-install__28.exe; webfile:_C:\Users\Lenovo\Downloads\syntek-stk1160-468457.zip|https://www.drvhub.net/drivers/9d75ddc7 ... 2322012004
Původ detekce: Internet
Typ detekce: FastPath
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: MARIAN\Marian M
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.443.524.0, AS: 1.443.524.0, NIS: 1.443.524.0
Verze modulu: AM: 1.1.25110.1, NIS: 1.1.25110.1

Date: 2026-01-03 10:34:58
Description:
Antivirová ochrana v programu Microsoft Defender śсǻη ħдѕ ъэεή šтőρρéδ ьëƒόѓë ςσмрļєťíőň.%л %τŞčąη ĮÐ:%в{86CA7CDC-91B6-4B58-975D-56E50D546790}%й %ŧŚčâń Τỳφε:%вAntimalwarový program%ń %ŧŜċăņ Ρдѓámĕťëяš:%ъRychlé prohledávání%π %ţÚѕêґ:%ьNT AUTHORITY\SYSTEM%ń %тŠŧõρ Ŕéāşôň:%ьŞĉĥеδũĺέđ şĉāⁿ ŵāѕ ŝĸïφрёď вëčάùśε ŧĥе ℓдśт ŝůĉčęśśƒűł ѕčåñ щāś ώϊţђĭи ŧĥě ℓàŝт 7 ďàŷѕ

Date: 2025-12-26 10:28:51
Description:
Antivirová ochrana v programu Microsoft Defender zjistil podezřelé chování.
Název: Behavior:Win32/ModifiedBootRecord
Závažnost: Nízké
Kategorie: Podezřelé chování
Nalezená cesta: file:_C:\Program Files\4DDiG Partition Manager\PartitionManagerService.exe; process:_10188
Původ detekce: Místní počítač
Typ detekce: Podezřelý
Zdroj detekce: Ochrana v reálném čase
Stav: Provádění
Uživatel: MARIAN\Marian M
Název procesu: C:\Program Files\4DDiG Partition Manager\PartitionManagerService.exe
ID bezpečnostních informací: 23858570787236
Verze bezpečnostních informací: AV: 1.443.322.0, AS: 1.443.322.0
Verze modulu: 1.1.25110.1
Štítek věrnosti: Střední
Název cílového souboru:
Event[0]

Date: 2026-01-04 10:36:03
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte zařízení.

Date: 2026-01-04 09:46:22
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte zařízení.

Date: 2026-01-04 00:15:35
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x80004005
Popis chyby: Nespecifikovaná chyba
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte zařízení.

Date: 2025-11-21 09:46:20
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.441.290.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.25100.9002
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2025-07-27 09:16:38
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.433.28.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.25060.6
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2026-01-08 17:22:44
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ngelam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2026-01-04 20:57:58
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\ext2fsd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: LENOVO R06ET63W (1.37 ) 08/02/2018
Motherboard: LENOVO 20FMS50T12
Processor: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz
Percentage of memory in use: 73%
Total physical RAM: 8047.62 MB
Available physical RAM: 2104.21 MB
Total Virtual: 9583.62 MB
Available Virtual: 2907.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.89 GB) (Free:57.65 GB) (Model: CT240BX500SSD1) NTFS

\\?\Volume{ea9aefb4-0545-4a69-8ba3-da5bb0299540}\ () (Fixed) (Total:0.56 GB) (Free:0.08 GB) NTFS
\\?\Volume{2bb89600-c09a-4166-a867-a89dee048a2e}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 0D870FCC)

Partition: GPT.

==================== End of Addition.txt =======================

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-3702919870-1625878937-729940065-1002\...\Run: [ISUSPM] => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler (No File)
HKU\S-1-5-21-3702919870-1625878937-729940065-1002\...\MountPoints2: {c5996837-9355-11ee-9bb1-c85b76bd964c} - "D:\autorun.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {3D41128E-75FF-44C0-913E-BF332830C578} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-3702919870-1625878937-729940065-1002 => MessengerHelper.exe --lassie (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-3702919870-1625878937-729940065-1002_Classes\CLSID\{13074435-7693-4592-2533-000000000000}\localserver32 -> "C:\Program Files\Lenovo\Ready For Assistant\SmartConnect.exe" -ToastActivated => No File
AlternateDataStreams: C:\OneDriveTemp:{30006100-5400-3900-3100-6F0041004F00} [216]
AlternateDataStreams: C:\OneDriveTemp:{4A007400-6700-4800-4300-6A004F006900} [640]
AlternateDataStreams: C:\Users\Lenovo\Documents\Nikodem software:{30006100-5400-3900-3100-6F0041004F00} [216]
FirewallRules: [TCP Query User{A217D6A8-D587-4B8A-AA97-EAB38E028998}C:\program files\serato\serato dj pro\serato dj pro.exe] => (Block) C:\program files\serato\serato dj pro\serato dj pro.exe => No File
FirewallRules: [UDP Query User{8450611C-F7F7-4331-9D90-04C28D159F53}C:\program files\serato\serato dj pro\serato dj pro.exe] => (Block) C:\program files\serato\serato dj pro\serato dj pro.exe => No File
FirewallRules: [TCP Query User{2933611B-951A-42CB-9E8D-3484C70853A6}C:\users\lenovo\downloads\anydesk.exe] => (Allow) C:\users\lenovo\downloads\anydesk.exe => No File
FirewallRules: [UDP Query User{E6C2ED47-7AFB-4868-82B5-E03987203F96}C:\users\lenovo\downloads\anydesk.exe] => (Allow) C:\users\lenovo\downloads\anydesk.exe => No File
FirewallRules: [TCP Query User{26AB1BA4-8F26-4CB3-A7CF-1E0232D89B64}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe => No File
FirewallRules: [UDP Query User{F2C5D77D-05F0-4285-9C70-248A00840368}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe => No File
FirewallRules: [{BE334A8D-F5F0-4E9C-A015-B78A56C4CF86}] => (Block) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe => No File
FirewallRules: [{D4EA4DB7-C563-4BBA-81AA-2F8158E10A25}] => (Block) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe => No File
FirewallRules: [{A1EA670D-50F3-4A8D-B136-D54B195DAFFE}] => (Allow) C:\Program Files\4DDiG Partition Manager\4DDiG Partition Manager.exe => No File
FirewallRules: [{3F1D443D-9E7C-4F71-9F48-1C67B8B9DBC3}] => (Allow) C:\Program Files\4DDiG Partition Manager\4DDiG Partition Manager.exe => No File
FirewallRules: [{2FAB854B-119E-4608-A66F-FC3BD91F0A1F}] => (Allow) C:\Program Files\4DDiG Partition Manager\NetFrameCheck.exe => No File
FirewallRules: [{4476EA03-2A36-4169-A590-5495635B63F8}] => (Allow) C:\Program Files\4DDiG Partition Manager\NetFrameCheck.exe => No File
FirewallRules: [{6AEFF206-ABB3-42A2-AC95-D0169C4D7C93}] => (Allow) C:\Program Files\4DDiG Partition Manager\Monitor\Monitor.exe => No File
FirewallRules: [{AFFC4483-E7F5-40A8-ABB3-852DD5C3C583}] => (Allow) C:\Program Files\4DDiG Partition Manager\Monitor\Monitor.exe => No File
C:\Users\Lenovo\Downloads\syntek-stk1160-468457.zip
C:\Users\Lenovo\Downloads\syntek-stk1160-468457.zip->driver-hub-install__28.exe

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-11-2025
Ran by Marian M (08-01-2026 19:37:09) Run:1
Running from C:\Users\Lenovo\Desktop
Loaded Profiles: Marian M
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-3702919870-1625878937-729940065-1002\...\Run: [ISUSPM] => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler (No File)
HKU\S-1-5-21-3702919870-1625878937-729940065-1002\...\MountPoints2: {c5996837-9355-11ee-9bb1-c85b76bd964c} - "D:\autorun.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {3D41128E-75FF-44C0-913E-BF332830C578} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-3702919870-1625878937-729940065-1002 => MessengerHelper.exe --lassie (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\DumpStack.log.tmp
CustomCLSID: HKU\S-1-5-21-3702919870-1625878937-729940065-1002_Classes\CLSID\{13074435-7693-4592-2533-000000000000}\localserver32 -> "C:\Program Files\Lenovo\Ready For Assistant\SmartConnect.exe" -ToastActivated => No File
AlternateDataStreams: C:\OneDriveTemp:{30006100-5400-3900-3100-6F0041004F00} [216]
AlternateDataStreams: C:\OneDriveTemp:{4A007400-6700-4800-4300-6A004F006900} [640]
AlternateDataStreams: C:\Users\Lenovo\Documents\Nikodem software:{30006100-5400-3900-3100-6F0041004F00} [216]
FirewallRules: [TCP Query User{A217D6A8-D587-4B8A-AA97-EAB38E028998}C:\program files\serato\serato dj pro\serato dj pro.exe] => (Block) C:\program files\serato\serato dj pro\serato dj pro.exe => No File
FirewallRules: [UDP Query User{8450611C-F7F7-4331-9D90-04C28D159F53}C:\program files\serato\serato dj pro\serato dj pro.exe] => (Block) C:\program files\serato\serato dj pro\serato dj pro.exe => No File
FirewallRules: [TCP Query User{2933611B-951A-42CB-9E8D-3484C70853A6}C:\users\lenovo\downloads\anydesk.exe] => (Allow) C:\users\lenovo\downloads\anydesk.exe => No File
FirewallRules: [UDP Query User{E6C2ED47-7AFB-4868-82B5-E03987203F96}C:\users\lenovo\downloads\anydesk.exe] => (Allow) C:\users\lenovo\downloads\anydesk.exe => No File
FirewallRules: [TCP Query User{26AB1BA4-8F26-4CB3-A7CF-1E0232D89B64}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe => No File
FirewallRules: [UDP Query User{F2C5D77D-05F0-4285-9C70-248A00840368}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe => No File
FirewallRules: [{BE334A8D-F5F0-4E9C-A015-B78A56C4CF86}] => (Block) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe => No File
FirewallRules: [{D4EA4DB7-C563-4BBA-81AA-2F8158E10A25}] => (Block) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe => No File
FirewallRules: [{A1EA670D-50F3-4A8D-B136-D54B195DAFFE}] => (Allow) C:\Program Files\4DDiG Partition Manager\4DDiG Partition Manager.exe => No File
FirewallRules: [{3F1D443D-9E7C-4F71-9F48-1C67B8B9DBC3}] => (Allow) C:\Program Files\4DDiG Partition Manager\4DDiG Partition Manager.exe => No File
FirewallRules: [{2FAB854B-119E-4608-A66F-FC3BD91F0A1F}] => (Allow) C:\Program Files\4DDiG Partition Manager\NetFrameCheck.exe => No File
FirewallRules: [{4476EA03-2A36-4169-A590-5495635B63F8}] => (Allow) C:\Program Files\4DDiG Partition Manager\NetFrameCheck.exe => No File
FirewallRules: [{6AEFF206-ABB3-42A2-AC95-D0169C4D7C93}] => (Allow) C:\Program Files\4DDiG Partition Manager\Monitor\Monitor.exe => No File
FirewallRules: [{AFFC4483-E7F5-40A8-ABB3-852DD5C3C583}] => (Allow) C:\Program Files\4DDiG Partition Manager\Monitor\Monitor.exe => No File
C:\Users\Lenovo\Downloads\syntek-stk1160-468457.zip
C:\Users\Lenovo\Downloads\syntek-stk1160-468457.zip->driver-hub-install__28.exe

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-3702919870-1625878937-729940065-1002\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM" => removed successfully
HKU\S-1-5-21-3702919870-1625878937-729940065-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c5996837-9355-11ee-9bb1-c85b76bd964c} => removed successfully

"C:\Windows\system32\GroupPolicy\Machine" Folder move:

C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D41128E-75FF-44C0-913E-BF332830C578}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D41128E-75FF-44C0-913E-BF332830C578}" => removed successfully
C:\Windows\System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-3702919870-1625878937-729940065-1002 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Meta\Messenger-WSP-Helper-S-1-5-21-3702919870-1625878937-729940065-1002" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKU\S-1-5-21-3702919870-1625878937-729940065-1002_Classes\CLSID\{13074435-7693-4592-2533-000000000000} => removed successfully
C:\OneDriveTemp => ":{30006100-5400-3900-3100-6F0041004F00}" ADS removed successfully
C:\OneDriveTemp => ":{4A007400-6700-4800-4300-6A004F006900}" ADS removed successfully
C:\Users\Lenovo\Documents\Nikodem software => ":{30006100-5400-3900-3100-6F0041004F00}" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A217D6A8-D587-4B8A-AA97-EAB38E028998}C:\program files\serato\serato dj pro\serato dj pro.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{8450611C-F7F7-4331-9D90-04C28D159F53}C:\program files\serato\serato dj pro\serato dj pro.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{2933611B-951A-42CB-9E8D-3484C70853A6}C:\users\lenovo\downloads\anydesk.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E6C2ED47-7AFB-4868-82B5-E03987203F96}C:\users\lenovo\downloads\anydesk.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{26AB1BA4-8F26-4CB3-A7CF-1E0232D89B64}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F2C5D77D-05F0-4285-9C70-248A00840368}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BE334A8D-F5F0-4E9C-A015-B78A56C4CF86}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D4EA4DB7-C563-4BBA-81AA-2F8158E10A25}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A1EA670D-50F3-4A8D-B136-D54B195DAFFE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3F1D443D-9E7C-4F71-9F48-1C67B8B9DBC3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2FAB854B-119E-4608-A66F-FC3BD91F0A1F}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4476EA03-2A36-4169-A590-5495635B63F8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6AEFF206-ABB3-42A2-AC95-D0169C4D7C93}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AFFC4483-E7F5-40A8-ABB3-852DD5C3C583}" => removed successfully
C:\Users\Lenovo\Downloads\syntek-stk1160-468457.zip => moved successfully
"C:\Users\Lenovo\Downloads\syntek-stk1160-468457.zip->driver-hub-install__28.exe" => not found

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13808009 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 25312786 B
Edge => 0 B
Chrome => 899579538 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 653869 B
NetworkService => 910299 B
defaultuser0 => 910299 B
Lenovo => 1142432552 B

RecycleBin => 1463306835 B
EmptyTemp: => 3.3 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 08-01-2026 19:40:25)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 19:40:25 ====

Smazáno. Zrychlil se chod?

Jo vypadá to dobře, uvidím jak se to bude chovat dál.
Prozatím moc dekuji.

Nemáte zač!