Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-11-2025
Ran by klara (administrator) on KLARAPC (LENOVO 20NYS7XU00) (25-12-2025 17:26:27)
Running from C:\Users\klara\Desktop\FRST64.exe
Loaded Profiles: klara
Platform: Microsoft Windows 11 Pro Version 25H2 26200.7462 (X64) Language: Čeština (Česká republika) -> Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdntwrk.exe
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bduserhost.exe <2>
(C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\wsccommunicator.exe
(C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoNotificationUx.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_82b77f8c4618e2d0\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_f11b844898206530\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_ece153ca769ec179\aesm_service.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MsMpEng.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe <2>
(svchost.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\CCleaner.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security App\bdagent.exe [1088832 2025-12-09] (Bitdefender SRL -> Bitdefender)
HKU\S-1-5-21-2114154844-1774834752-491545778-1003\...\Run: [MicrosoftEdgeAutoLaunch_DAAC6B14F770C35E3292BC0E4C469918] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4228688 2025-12-18] (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {F00ED3A6-9777-43AB-9442-7642E2A8EB82} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\27.1.1.25\WatchDog.exe [1172984 2025-12-11] (Bitdefender SRL -> Bitdefender) -> C:\Program Files\Bitdefender Agent\27.1.1.25\repair
Task: {D9AB7DA4-FA49-49EC-9142-3DB6569CFED7} - System32\Tasks\CCleaner 7 - Skip UAC - S-1-5-21-2114154844-1774834752-491545778-1003 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [4953352 2025-12-24] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {2F24E883-EB21-4CC5-83A6-917C446A634D} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [6392456 2025-08-19] (Intel Corporation -> Intel Corporation)
Task: {3B220162-960D-4205-8224-8E65C1BF2EE7} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [6392456 2025-08-19] (Intel Corporation -> Intel Corporation)
Task: {4365C0E2-FD44-4EFA-81CD-C2079E2A32E6} - System32\Tasks\Lenovo\Power Manager\Background monitor => "C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe"  (No File)
Task: {5141C478-48D9-4827-878F-011D8BCC6711} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [67424 2024-06-26] (Lenovo -> )
Task: {03DF29AA-D777-43AD-BEE6-B17D00202BBD} - System32\Tasks\Microsoft\Windows\Setup\PITRTask => {093cb270-c282-4c22-b2ea-7d2bf1c30bbf} C:\Windows\system32\oobe\PITRTask.dll [118784 2025-12-24] (Microsoft Windows -> Microsoft Corporation)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File)
Task: {E9B97679-4BA5-4081-B902-DAD23EB9C137} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2114154844-1774834752-491545778-1003 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [696960 2025-12-17] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {DEDCF433-C361-4A0D-8402-0E71814A8206} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34944 2025-12-17] (Mozilla Corporation -> Mozilla Foundation)
Task: {33A3256E-31D7-42AD-858F-6DADC6AE729D} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2114154844-1774834752-491545778-1003 => C:\Users\klara\AppData\Local\Microsoft\OneDrive\25.222.1112.0002\OneDriveLauncher.exe [745832 2025-12-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {B5834697-2585-4523-B8EE-DBCD44C25BC5} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2114154844-1774834752-491545778-500 => C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\25.041.0303.0002\OneDriveLauncher.exe  /startInstances (No File)
Task: {00F6443E-C593-49F6-82D8-186B68A07D29} - System32\Tasks\Piriform\CCleaner 7 - S-1-5-21-2114154844-1774834752-491545778-1003 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [4953352 2025-12-24] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {5F3DC08A-3023-458A-8F3D-4E08176FE379} - System32\Tasks\Piriform\CCleaner 7 - Scheduled Cleaning - default - S-1-5-21-2114154844-1774834752-491545778-1003 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [4953352 2025-12-24] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {9F4C495B-E6DB-4FF6-97C9-959220551A77} - System32\Tasks\Piriform\CCleaner 7 BugReport => C:\Program Files\Piriform\CCleaner 7\CCleanerBugReport.exe [6274680 2025-12-24] (Gen Digital Inc. -> Gen Digital Inc.) -> --send "dumps|report" --product 234 --programpath "C:\Program Files\Piriform\CCleaner 7" --configpath "C:\Program Files\Piriform\CCleaner 7\data" --path "C:\Program Files\Piriform\CCleaner 7\log" --path "C:\Program Files\Piriform\CCleaner 7\data\dumps" --logpath "C:\Program Files\Piriform\CCleaner 7 (the data entry has 58 more characters).
Task: {1EFBF835-B872-45EE-9F15-9476C5E8BE85} - System32\Tasks\Piriform\CCleaner 7 Update => C:\Program Files\Common Files\Piriform\Icarus\piriform-ccl\icarus.exe [9239776 2025-12-12] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {F55C6803-1806-4695-817F-F1F37A769F52} - System32\Tasks\RtkAudUService64_BG => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_550508a90a3c9a47\RtkAudUService64.exe [1618296 2022-10-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E045861D-9EFB-4A12-A331-02BB7A5E9AFB} - System32\Tasks\TVT\TVSUUpdateTask => "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe"  /CM -search R -action LIST -nolicense -schtask (No File)
Task: {BFCF1B27-2757-4E60-9D86-303EE21619B4} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe"  PendingTask (No File)
Task: {742884DA-E78B-47E9-878E-2851A162138C} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [454656 2025-12-24] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files\Intel\SUR\QUEENCREEK\x64\-Command "Start-Process -WindowStyle Hidden task.bat"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3825d160-3933-462f-a4f7-b6f93c19b168}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fe06b933-7a56-4b86-a267-cc5f8701193e}: [DhcpNameServer] 192.168.135.1 81.19.0.67 8.8.8.8

Edge: 
=======
Edge Profile: C:\Users\klara\AppData\Local\Microsoft\Edge\User Data\Default [2025-12-25]
Edge Extension: (Bitdefender Anti-tracker) - C:\Users\klara\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dbconhplchnbippmjabbcedokimacfjl [2025-12-24]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\klara\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-12-24]
Edge Extension: (Edge relevant text changes) - C:\Users\klara\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-12-24]
Edge HKLM-x32\...\Edge\Extension: [dbconhplchnbippmjabbcedokimacfjl]

FireFox:
========
FF DefaultProfile: tmwjyj7h.default
FF ProfilePath: C:\Users\klara\AppData\Roaming\Mozilla\Firefox\Profiles\tmwjyj7h.default [2025-12-24]
FF ProfilePath: C:\Users\klara\AppData\Roaming\Mozilla\Firefox\Profiles\tjdkkrjb.default-release [2025-12-25]
FF Session Restore: Mozilla\Firefox\Profiles\tjdkkrjb.default-release -> is enabled.
FF Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\klara\AppData\Roaming\Mozilla\Firefox\Profiles\tjdkkrjb.default-release\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2025-12-24]
FF Extension: (New Tab) - C:\Users\klara\AppData\Roaming\Mozilla\Firefox\Profiles\tjdkkrjb.default-release\Extensions\newtab@mozilla.org.xpi [2025-12-24]
FF Extension: (Bitwarden – správca hesiel) - C:\Users\klara\AppData\Roaming\Mozilla\Firefox\Profiles\tjdkkrjb.default-release\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2025-12-24]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2025-12-24] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2025-12-24] <==== ATTENTION

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BDAppSrv; C:\Program Files\Bitdefender\Bitdefender Security App\bdservicehost.exe [851704 2025-12-09] (Bitdefender SRL -> Bitdefender)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851704 2025-12-09] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851704 2025-12-09] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2966176 2023-07-20] (Bitdefender SRL -> Bitdefender)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2426992 2025-07-03] (Bitdefender SRL -> Bitdefender)
R2 BDSafepaySrv; C:\Program Files\Bitdefender\Bitdefender Security App\Safepay\bdservicehost.exe [851704 2025-12-09] (Bitdefender SRL -> Bitdefender)
R2 CCleaner7; C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe [28492408 2025-12-24] (Gen Digital Inc. -> Gen Digital Inc.)
S2 DolbyDAXAPI; C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_2d3e2e42e0f8523f\DAX3API.exe [2549352 2024-08-16] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAService.exe [133736 2025-08-27] (Intel Corporation -> Intel)
S2 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAUpdateService.exe [133224 2025-08-27] (Intel Corporation -> Intel)
S2 FMAPOService; C:\Windows\System32\FMService64.exe [479656 2022-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S2 IBMPMSVC; C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_43263f267606f990\x64\ibmpmsvc.exe [1039808 2025-09-26] (Lenovo -> Lenovo)
R2 Lenovo Instant On; C:\Windows\SysWOW64\EasyResume.exe [2352392 2024-06-26] (Lenovo -> Lenovo Group Limited)
S4 LenovoBrightCtrl; C:\Windows\System32\DriverStore\FileRepository\litsdrv.inf_amd64_0fefde8b58482d0b\x64\BrightnessControl.exe [157008 2025-02-26] (Lenovo -> Lenovo.)
S2 LITSSVC; C:\Windows\System32\DriverStore\FileRepository\litsdrv.inf_amd64_0fefde8b58482d0b\x64\LITSSvc.exe [1143640 2025-02-26] (Lenovo -> Lenovo.)
S2 LPlatSvc; C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_43263f267606f990\x64\LPlatSvc.exe [903104 2025-09-26] (Lenovo -> Lenovo)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MpDefenderCoreService.exe [2063376 2025-12-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [758176 2025-12-11] (Bitdefender SRL -> Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [803088 2025-12-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SynHsaService; C:\Windows\System32\DriverStore\FileRepository\synawudfbiousbuwp.inf_amd64_4baebf43e6be50f0\SynRpcServer.exe [188440 2025-01-17] (Synaptics Incorporated -> Synaptics Incorporated.)
S2 TbtP2pShortcutService; C:\Windows\TbtP2pShortcutService.exe [256368 2022-12-15] (Intel Corporation -> Intel Corporation)
S2 TPHKLOAD; C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_977c606172734f9d\driver\TPHKLOAD.exe [192336 2025-06-23] (Lenovo -> Lenovo Group Limited)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [303648 2025-12-09] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [851704 2025-12-09] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\NisSrv.exe [4426832 2025-12-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25110.6-0\MsMpEng.exe [290704 2025-12-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SUService; "C:\Program Files (x86)\Lenovo\System Update\SUService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AKCCID; C:\Windows\System32\drivers\AKCCID.sys [104992 2019-12-04] (Alcorlink Corp. -> Generic)
R1 atc; C:\Windows\System32\drivers\atc.sys [8502344 2025-08-14] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci4; C:\Windows\System32\drivers\bddci4.sys [1380416 2025-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [24568 2023-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
S3 bdprivmon; C:\Windows\System32\drivers\bdprivmon.sys [49208 2025-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 bduefiscan; C:\Windows\System32\drivers\bduefiscan.sys [53808 2025-08-13] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 cpuz158; C:\Windows\temp\cpuz158\cpuz158_x64.sys [44592 2025-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R1 Gemma; C:\Windows\System32\DRIVERS\gemma.sys [1793112 2025-06-26] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
S3 GlPciSD; C:\Windows\System32\drivers\GlPciSD.sys [486520 2020-10-21] (GENESYS LOGIC, INC. -> Genesys Logic)
R3 IBMPMDRV; C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_43263f267606f990\x64\ibmpmdrv.sys [66008 2025-09-26] (Lenovo -> Lenovo)
S3 Ignisv2; C:\Windows\System32\drivers\ignisv2.sys [848456 2025-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [333192 2025-12-24] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsla776eb50; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Default\MpKslDrv.sys [263560 2025-02-03] (Microsoft Windows -> Microsoft Corporation)
R1 PMDRVS; C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_43263f267606f990\x64\pmdrvs.sys [52192 2025-09-26] (Lenovo -> Lenovo)
S3 rtu53cx22x64; C:\Windows\System32\DriverStore\FileRepository\rtu53cx22x64sta.inf_amd64_f5ce923856320889\rtu53cx22x64.sys [1024768 2023-02-23] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 rtucx21x64; C:\Windows\System32\DriverStore\FileRepository\rtucx21x64.inf_amd64_286645bc82b2f9fb\rtucx21x64.sys [1359360 2024-04-01] (Microsoft Windows -> Realtek Corporation)
R2 Trufos; C:\Windows\System32\drivers\Trufos.sys [630320 2025-08-06] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 vlflt; C:\Windows\System32\drivers\vlflt.sys [1445440 2025-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [21928 2025-12-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [635272 2025-12-24] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [102792 2025-12-24] (Microsoft Windows -> Microsoft Corporation)
R3 WiMan; C:\Windows\System32\DriverStore\FileRepository\wiman.inf_amd64_39b0d69e31702623\WiMan\WiMan.sys [169568 2022-07-11] (Intel Corporation -> Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-12-25 17:29 - 2025-12-25 17:29 - 000000000 ____D C:\Users\klara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2025-12-25 17:29 - 2025-12-25 17:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2025-12-25 17:29 - 2025-12-25 17:29 - 000000000 ____D C:\Program Files\WinRAR
2025-12-25 17:28 - 2025-12-25 17:28 - 004046168 _____ C:\Users\klara\Downloads\winrar-x64-713cz.exe
2025-12-25 17:26 - 2025-12-25 17:27 - 000020538 _____ C:\Users\klara\Desktop\FRST.txt
2025-12-25 17:26 - 2025-12-25 17:26 - 000000000 ____D C:\FRST
2025-12-25 17:25 - 2025-12-25 17:25 - 000000000 ____D C:\Users\klara\AppData\Local\PeerDistRepub
2025-12-25 17:24 - 2025-12-25 17:25 - 000000000 ____D C:\AdwCleaner
2025-12-25 17:23 - 2025-12-25 17:23 - 000115308 _____ C:\ProgramData\vpn.uninstall.1766679306.bdinstall.v2.bin
2025-12-25 17:22 - 2025-12-25 17:22 - 009566696 _____ (Malwarebytes) C:\Users\klara\Desktop\AdwCleaner.exe
2025-12-25 17:21 - 2025-12-25 17:21 - 002444288 _____ (Farbar) C:\Users\klara\Desktop\FRST64.exe
2025-12-25 11:56 - 2025-12-25 17:12 - 000000000 ____D C:\ProgramData\Whesvc
2025-12-25 00:40 - 2025-12-25 00:40 - 000698006 _____ C:\Windows\system32\perfh007.dat
2025-12-25 00:40 - 2025-12-25 00:40 - 000683662 _____ C:\Windows\system32\perfh00E.dat
2025-12-25 00:40 - 2025-12-25 00:40 - 000669498 _____ C:\Windows\system32\perfh005.dat
2025-12-25 00:40 - 2025-12-25 00:40 - 000162550 _____ C:\Windows\system32\perfc00E.dat
2025-12-25 00:40 - 2025-12-25 00:40 - 000150942 _____ C:\Windows\system32\perfc007.dat
2025-12-25 00:40 - 2025-12-25 00:40 - 000145504 _____ C:\Windows\system32\perfc005.dat
2025-12-25 00:35 - 2025-12-25 17:23 - 000000000 ____D C:\Windows\CbsTemp
2025-12-25 00:26 - 2025-12-25 00:26 - 000196144 _____ C:\ProgramData\vpn.1766618764.bdinstall.v2.bin
2025-12-25 00:15 - 2025-12-25 00:16 - 000000000 ____D C:\Windows\system32\ruxim
2025-12-25 00:15 - 2025-12-25 00:16 - 000000000 ____D C:\Windows\system32\NarratorMCAT
2025-12-25 00:15 - 2025-12-25 00:15 - 000000000 ____D C:\Windows\system32\AccountHealthAssets
2025-12-25 00:15 - 2025-12-25 00:15 - 000000000 ____D C:\inetpub
2025-12-25 00:13 - 2025-12-25 00:13 - 000003600 _____ C:\Windows\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2025-12-25 00:13 - 2025-10-02 23:16 - 000049872 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\semav6msr64.sys
2025-12-25 00:11 - 2025-12-25 00:13 - 000003762 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2025-12-25 00:11 - 2025-12-25 00:13 - 000003528 _____ C:\Windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2025-12-25 00:11 - 2025-12-25 00:11 - 000000000 ____D C:\Users\klara\AppData\Local\Intel
2025-12-25 00:10 - 2025-12-25 00:10 - 000000027 _____ C:\Windows\system32\ctc.json
2025-12-25 00:10 - 2025-12-25 00:10 - 000000000 ____D C:\Users\klara\AppData\Local\ASP.NET
2025-12-25 00:09 - 2025-12-25 00:09 - 000001596 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2025-12-25 00:09 - 2025-12-25 00:09 - 000000318 _____ C:\Windows\system32\httpproxy.json
2025-12-25 00:09 - 2025-12-25 00:09 - 000000000 ____D C:\Program Files\dotnet
2025-12-25 00:06 - 2025-12-25 00:06 - 000000000 ____D C:\Program Files (x86)\dotnet
2025-12-25 00:05 - 2025-12-25 00:05 - 009122392 _____ (Intel) C:\Users\klara\Downloads\Intel-Driver-and-Support-Assistant-Installer.exe
2025-12-25 00:03 - 2025-12-25 00:03 - 000149304 _____ C:\ProgramData\agent.update.1766617365.bdinstall.v2.bin
2025-12-25 00:02 - 2025-12-25 00:02 - 000660548 _____ C:\ProgramData\cl.1766616956.bdinstall.v2.bin
2025-12-25 00:02 - 2025-12-25 00:02 - 000136552 _____ C:\ProgramData\cl.kit.1766616953.bdinstall.v2.bin
2025-12-25 00:00 - 2025-12-25 00:00 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2025-12-24 23:59 - 2025-12-25 00:01 - 000000000 ____D C:\ProgramData\BDLogging
2025-12-24 23:59 - 2025-12-24 23:59 - 000002374 _____ C:\Users\Public\Desktop\Bitdefender.lnk
2025-12-24 23:59 - 2025-12-24 23:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2025-12-24 23:58 - 2025-12-25 00:26 - 000000000 ____D C:\Program Files\Bitdefender
2025-12-24 23:58 - 2025-12-24 23:58 - 000000000 ____D C:\Users\klara\AppData\Roaming\Bitdefender Security App
2025-12-24 23:58 - 2025-12-24 23:58 - 000000000 ____D C:\Users\klara\AppData\Roaming\Bitdefender
2025-12-24 23:56 - 2025-12-25 00:01 - 000000000 ____D C:\ProgramData\Bitdefender
2025-12-24 23:55 - 2025-12-25 00:10 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2025-12-24 23:51 - 2025-12-25 00:03 - 000003842 _____ C:\Windows\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2025-12-24 23:49 - 2025-12-25 00:03 - 000000000 ____D C:\Program Files\Bitdefender Agent
2025-12-24 23:49 - 2025-12-24 23:49 - 000222256 _____ C:\ProgramData\agent.1766616536.bdinstall.v2.bin
2025-12-24 23:49 - 2025-12-24 23:49 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2025-12-24 23:48 - 2025-12-24 23:48 - 020503520 _____ C:\Users\klara\Downloads\bitdefender_avfree.exe
2025-12-24 22:21 - 2025-12-24 22:21 - 000003268 _____ C:\Windows\system32\Tasks\CCleaner 7 - Skip UAC - S-1-5-21-2114154844-1774834752-491545778-1003
2025-12-24 22:20 - 2025-12-24 22:20 - 001747392 _____ (Gen Digital Inc.) C:\Users\klara\Downloads\ccsetup_online_setup.exe
2025-12-24 22:20 - 2025-12-24 22:20 - 000056128 _____ (Gen Digital Inc.) C:\Windows\system32\icarus_rvrt.exe
2025-12-24 22:20 - 2025-12-24 22:20 - 000002152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 7.lnk
2025-12-24 22:20 - 2025-12-24 22:20 - 000002140 _____ C:\Users\Public\Desktop\CCleaner 7.lnk
2025-12-24 22:20 - 2025-12-24 22:20 - 000000000 ____D C:\Windows\system32\Tasks\Piriform
2025-12-24 22:20 - 2025-12-24 22:20 - 000000000 ____D C:\Users\klara\AppData\Roaming\CCleaner
2025-12-24 22:20 - 2025-12-24 22:20 - 000000000 ____D C:\ProgramData\Piriform
2025-12-24 22:20 - 2025-12-24 22:20 - 000000000 ____D C:\Program Files\Piriform
2025-12-24 22:20 - 2025-12-24 22:20 - 000000000 ____D C:\Program Files\Common Files\Piriform
2025-12-24 22:14 - 2025-12-24 23:49 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2025-12-24 22:10 - 2025-12-24 22:10 - 000001681 _____ C:\Windows\system32\DeviceFeatureDDF.json
2025-12-24 22:08 - 2025-12-24 22:08 - 000079894 _____ C:\Windows\SysWOW64\ctac.json
2025-12-24 22:08 - 2025-12-24 22:08 - 000079894 _____ C:\Windows\system32\ctac.json
2025-12-24 22:08 - 2025-12-24 22:08 - 000035602 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-12-24 22:08 - 2025-12-24 22:08 - 000035602 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2025-12-24 21:50 - 2025-12-25 17:28 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-12-24 21:50 - 2025-12-25 00:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-12-24 21:50 - 2025-12-24 21:50 - 000002050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Súkromné prehliadanie Firefoxu.lnk
2025-12-24 21:50 - 2025-12-24 21:50 - 000001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-12-24 21:50 - 2025-12-24 21:50 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2025-12-24 21:50 - 2025-12-24 21:50 - 000000000 ____D C:\Users\klara\AppData\Roaming\Mozilla
2025-12-24 21:50 - 2025-12-24 21:50 - 000000000 ____D C:\Users\klara\AppData\Local\Mozilla
2025-12-24 21:50 - 2025-12-24 21:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-12-24 21:50 - 2025-12-17 18:01 - 000390272 _____ (Mozilla Foundation) C:\Users\klara\Desktop\Firefox.exe
2025-12-24 21:49 - 2025-12-24 21:49 - 000383872 _____ (Mozilla) C:\Users\klara\Downloads\Firefox Installer.exe
2025-12-24 21:41 - 2025-12-24 21:41 - 000000000 ____D C:\Users\klara\AppData\Local\Backup
2025-12-24 21:38 - 2025-12-24 21:38 - 000000000 ____D C:\Users\klara\AppData\Local\Comms
2025-12-24 21:33 - 2025-12-24 21:33 - 000000000 ___HD C:\OneDriveTemp
2025-12-24 21:32 - 2025-12-25 11:57 - 000000000 ___RD C:\Users\klara\OneDrive
2025-12-24 21:32 - 2025-12-24 21:32 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2114154844-1774834752-491545778-1003
2025-12-24 21:32 - 2025-12-24 21:32 - 000003570 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-2114154844-1774834752-491545778-1003
2025-12-24 21:32 - 2025-12-24 21:32 - 000003362 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2114154844-1774834752-491545778-1003
2025-12-24 21:32 - 2025-12-24 21:32 - 000002379 _____ C:\Users\klara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-12-24 21:31 - 2025-12-24 22:25 - 000000000 ____D C:\Users\klara\AppData\Local\Lenovo
2025-12-24 21:29 - 2025-12-25 00:40 - 000000000 ____D C:\Users\klara\AppData\Local\D3DSCache
2025-12-24 21:29 - 2025-12-24 21:45 - 000000000 ____D C:\Users\klara\AppData\Local\Publishers
2025-12-24 21:28 - 2025-12-25 17:29 - 000000000 ____D C:\Users\klara\AppData\Local\Packages
2025-12-24 21:28 - 2025-12-25 11:56 - 000000000 __SHD C:\Users\klara\IntelGraphicsProfiles
2025-12-24 21:28 - 2025-12-24 21:28 - 000000000 ___SD C:\Users\klara\AppData\Roaming\Microsoft\Crypto
2025-12-24 21:28 - 2025-12-24 21:28 - 000000000 ____D C:\Users\klara\AppData\Roaming\Microsoft\Vault
2025-12-24 21:28 - 2025-12-24 21:28 - 000000000 ____D C:\Users\klara\AppData\Roaming\Adobe
2025-12-24 21:28 - 2025-12-24 21:28 - 000000000 ____D C:\Users\klara\AppData\LocalLow\Intel
2025-12-24 21:28 - 2025-12-24 21:28 - 000000000 ____D C:\Users\klara\AppData\Local\VirtualStore
2025-12-24 21:28 - 2025-12-24 21:28 - 000000000 ____D C:\Users\klara\AppData\Local\ConnectedDevicesPlatform
2025-12-24 21:27 - 2025-12-24 23:44 - 000000000 ____D C:\Users\klara\AppData\Local\PlaceholderTileLogoFolder
2025-12-24 21:27 - 2025-12-24 21:27 - 000000000 ____D C:\Users\klara\AppData\Roaming\Microsoft\Network
2025-12-24 21:25 - 2025-12-24 21:25 - 000000000 ___SD C:\Users\klara\AppData\Roaming\Microsoft\SystemCertificates
2025-12-24 21:25 - 2025-06-04 01:39 - 000049032 _____ (Lenovo Group Limited) C:\Windows\system32\Drivers\TPPWR64V.SYS
2025-12-24 21:24 - 2025-12-25 00:09 - 000000000 ____D C:\Users\klara\AppData\Roaming\Microsoft\Spelling
2025-12-24 21:24 - 2025-12-24 21:32 - 000000000 ____D C:\Users\klara
2025-12-24 21:24 - 2025-12-24 21:29 - 000000000 ____D C:\Users\klara\AppData\Roaming\Microsoft\Windows
2025-12-24 21:24 - 2025-12-24 21:24 - 000000020 ___SH C:\Users\klara\ntuser.ini
2025-12-24 21:24 - 2025-12-24 21:24 - 000000000 ___SD C:\Users\klara\AppData\Roaming\Microsoft\Protect
2025-12-24 21:24 - 2025-12-24 21:24 - 000000000 ___SD C:\Users\klara\AppData\Roaming\Microsoft\Credentials
2025-12-24 21:24 - 2025-08-06 01:15 - 000725952 _____ (Intel) C:\Windows\system32\libvpl.dll
2025-12-24 21:24 - 2025-08-06 01:15 - 000619648 _____ (Intel) C:\Windows\SysWOW64\libvpl.dll
2025-12-24 21:24 - 2025-08-06 01:14 - 027976512 _____ (Intel Corporation) C:\Windows\system32\mfxplugin64_hw.dll
2025-12-24 21:24 - 2025-08-06 01:14 - 020700504 _____ (Intel Corporation) C:\Windows\SysWOW64\mfxplugin32_hw.dll
2025-12-24 21:24 - 2025-08-06 01:14 - 001982288 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2025-12-24 21:24 - 2025-08-06 01:14 - 001982288 _____ C:\Windows\system32\vulkaninfo.exe
2025-12-24 21:24 - 2025-08-06 01:14 - 001538872 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-12-24 21:24 - 2025-08-06 01:14 - 001538872 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2025-12-24 21:24 - 2025-08-06 01:14 - 001446712 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2025-12-24 21:24 - 2025-08-06 01:14 - 001160000 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2025-12-24 21:24 - 2025-08-06 01:14 - 000963496 _____ (Intel Corporation) C:\Windows\system32\libmfxhw64.dll
2025-12-24 21:24 - 2025-08-06 01:14 - 000724312 _____ (Intel Corporation) C:\Windows\SysWOW64\libmfxhw32.dll
2025-12-24 21:24 - 2025-08-06 01:14 - 000609192 _____ (Intel Corporation) C:\Windows\system32\intel_gfx_api-x64.dll
2025-12-24 21:24 - 2025-08-06 01:14 - 000505144 _____ C:\Windows\system32\ze_tracing_layer.dll
2025-12-24 21:24 - 2025-08-06 01:14 - 000469456 _____ (Intel Corporation) C:\Windows\SysWOW64\intel_gfx_api-x86.dll
2025-12-24 21:24 - 2025-08-06 01:14 - 000410944 _____ C:\Windows\system32\ze_loader.dll
2025-12-24 21:24 - 2025-08-06 01:14 - 000171832 _____ C:\Windows\system32\ze_validation_layer.dll
2025-12-24 21:24 - 2025-02-03 11:12 - 000000000 ____D C:\Users\klara\AppData\Roaming\Intel
2025-12-24 21:22 - 2025-01-17 11:40 - 003781136 _____ (Synaptics Incorporated.) C:\Windows\system32\AuthenticateFAM_SecureFP_UI.dll
2025-12-24 21:22 - 2025-01-17 11:40 - 003755536 _____ (Synaptics Incorporated.) C:\Windows\SysWOW64\AuthenticateFAM_SecureFP_UI.dll
2025-12-24 21:22 - 2025-01-17 11:40 - 000500752 _____ (Synaptics Incorporated.) C:\Windows\system32\AuthenticateFAM_SecureFP.dll
2025-12-24 21:22 - 2025-01-17 11:40 - 000368152 _____ (Synaptics Incorporated.) C:\Windows\SysWOW64\AuthenticateFAM_SecureFP.dll
2025-12-24 21:22 - 2025-01-08 01:54 - 008922528 _____ (Intel Corporation) C:\Windows\system32\Drivers\Netwtw08.sys
2025-12-24 21:22 - 2025-01-08 01:53 - 001618848 _____ (Intel Corporation) C:\Windows\system32\IntelIHVRouter08.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-12-25 17:29 - 2025-02-03 10:34 - 000000000 ____D C:\ProgramData\Packages
2025-12-25 17:29 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-12-25 17:29 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\AppReadiness
2025-12-25 17:25 - 2025-02-03 11:56 - 000000000 ____D C:\Program Files (x86)\Lenovo
2025-12-25 17:25 - 2025-02-03 11:35 - 000000000 ____D C:\Program Files\Lenovo
2025-12-25 17:25 - 2025-02-03 11:12 - 000000000 ____D C:\Windows\SysWOW64\Lenovo
2025-12-25 17:25 - 2025-02-03 11:12 - 000000000 ____D C:\Windows\system32\Lenovo
2025-12-25 17:25 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-12-25 17:24 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemTemp
2025-12-25 00:40 - 2025-02-03 10:42 - 003294058 _____ C:\Windows\system32\PerfStringBackup.INI
2025-12-25 00:40 - 2024-04-01 08:24 - 000000000 ____D C:\Windows\INF
2025-12-25 00:37 - 2025-02-03 11:35 - 000003358 _____ C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-12-25 00:36 - 2025-02-03 11:37 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2025-12-25 00:36 - 2025-02-03 11:35 - 000012288 ___SH C:\DumpStack.log.tmp
2025-12-25 00:36 - 2025-02-03 11:35 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-12-25 00:36 - 2025-02-03 10:46 - 000000000 ____D C:\Intel
2025-12-25 00:36 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\Drivers\DriverData
2025-12-25 00:36 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ServiceState
2025-12-25 00:36 - 2024-04-01 08:21 - 000786432 _____ C:\Windows\system32\config\BBI
2025-12-25 00:23 - 2024-04-01 08:21 - 000032768 _____ C:\Windows\system32\config\ELAM
2025-12-25 00:21 - 2025-02-03 11:35 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-12-25 00:21 - 2025-02-03 11:35 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-12-25 00:19 - 2025-02-03 11:35 - 000297176 _____ C:\Windows\system32\FNTCACHE.DAT
2025-12-25 00:16 - 2024-10-04 08:56 - 000000000 ____D C:\Windows\SysWOW64\hu
2025-12-25 00:16 - 2024-10-04 08:56 - 000000000 ____D C:\Windows\system32\hu
2025-12-25 00:16 - 2024-10-04 08:54 - 000000000 ____D C:\Windows\SysWOW64\de
2025-12-25 00:16 - 2024-04-01 17:30 - 000000000 ____D C:\Windows\system32\OpenSSH
2025-12-25 00:16 - 2024-04-01 17:30 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2025-12-25 00:16 - 2024-04-01 17:28 - 000000000 ____D C:\Windows\SysWOW64\cs
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\SysWOW64\F12
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ___SD C:\Windows\system32\F12
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\WUModels
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\UUS
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\setup
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\oobe
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\InstallShield
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\Dism
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\DDFs
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\Com
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemResources
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinMetadata
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\vi-VN
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ur-PK
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ug-CN
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\tt-RU
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\te-IN
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ta-IN
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\sq-AL
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ShellExperiences
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\setup
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\quz-PE
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-plocm
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\qps-ploc
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\pa-IN
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\or-IN
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\oobe
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\nn-NO
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ne-NP
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mt-MT
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mr-IN
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ml-IN
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mk-MK
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\mi-NZ
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\migwiz
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lv-LV
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lt-LT
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lo-LA
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\lb-LU
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kok-IN
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kn-IN
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\km-KH
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\kk-KZ
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ka-GE
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\is-IS
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\id-ID
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hy-AM
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\hi-IN
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gu-IN
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gl-ES
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\gd-GB
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ga-IE
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fil-PH
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\fa-IR
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\eu-ES
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\et-EE
2025-12-25 00:16 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\es-MX
2025-12-25 00:15 - 2024-10-04 08:55 - 000000000 ____D C:\Windows\system32\Drivers\en-GB
2025-12-25 00:15 - 2024-10-04 08:55 - 000000000 ____D C:\Windows\en-GB
2025-12-25 00:15 - 2024-10-04 08:54 - 000000000 ____D C:\Windows\system32\de
2025-12-25 00:15 - 2024-04-01 17:31 - 000000000 ____D C:\Windows\InboxApps
2025-12-25 00:15 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-12-25 00:15 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-12-25 00:15 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-12-25 00:15 - 2024-04-01 17:28 - 000000000 ____D C:\Windows\system32\cs
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files (x86)\Windows Defender
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ___HD C:\Windows\ELAMBKUP
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\SystemApps
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\Dism
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\DDFs
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\cy-GB
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\Com
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\ca-ES
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\bn-IN
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\be-BY
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\as-IN
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\appraiser
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\am-ET
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\af-ZA
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellExperiences
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\ShellComponents
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\Provisioning
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\PolicyDefinitions
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\DiagTrack
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\BrowserCore
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\bcastdvr
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-12-25 00:15 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-12-25 00:15 - 2024-04-01 08:21 - 000000000 ____D C:\Windows\servicing
2025-12-25 00:11 - 2025-02-03 11:12 - 000000000 ____D C:\ProgramData\Package Cache
2025-12-25 00:11 - 2025-02-03 11:12 - 000000000 ____D C:\Program Files\Intel
2025-12-25 00:09 - 2025-02-03 11:12 - 000000000 ____D C:\Program Files (x86)\Intel
2025-12-25 00:09 - 2025-02-03 10:46 - 000000000 ____D C:\ProgramData\Intel
2025-12-25 00:04 - 2024-04-01 08:26 - 001384944 _____ C:\Windows\system32\vulkan-1.dll
2025-12-25 00:04 - 2024-04-01 08:26 - 001240024 _____ C:\Windows\SysWOW64\vulkan-1.dll
2025-12-25 00:04 - 2024-04-01 08:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2025-12-25 00:04 - 2024-04-01 08:26 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2025-12-24 23:49 - 2025-02-03 11:35 - 000000000 ____D C:\Windows\system32\Drivers\wd
2025-12-24 23:49 - 2024-04-01 08:26 - 000000000 ____D C:\Windows\system32\SecurityHealth
2025-12-24 23:42 - 2025-02-03 11:56 - 000000000 ____D C:\Windows\system32\Tasks\TVT
2025-12-24 22:36 - 2025-02-03 11:35 - 000000000 ____D C:\Windows\TempInst
2025-12-24 22:07 - 2025-02-03 10:35 - 003276800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2025-12-24 21:38 - 2025-02-03 10:49 - 000000000 ____D C:\Windows\system32\MRT
2025-12-24 21:36 - 2025-02-03 10:49 - 218369424 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2025-12-24 21:31 - 2025-02-03 10:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2025-12-24 21:22 - 2025-02-03 11:35 - 000003706 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{80A3E6C5-90CD-43E5-8DBD-C8CD7E56E995}
2025-12-24 21:22 - 2025-02-03 11:35 - 000003580 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{7963FBBD-B712-4D08-9E2C-E64AF0867E58}
2025-12-24 21:18 - 2025-04-04 10:37 - 000003132 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-2114154844-1774834752-491545778-500
2025-12-24 21:18 - 2025-04-04 10:37 - 000003058 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2114154844-1774834752-491545778-500
2025-12-24 21:18 - 2025-04-04 10:37 - 000002854 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2114154844-1774834752-491545778-500
2025-12-24 21:18 - 2025-02-03 11:36 - 000002452 _____ C:\Windows\system32\Tasks\RtkAudUService64_BG

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================