Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-10-2021
Ran by casua (administrator) on LAPTOP-QAN6RVD0 (LENOVO 81D1) (26-10-2021 15:55:50)
Running from C:\Users\casua\OneDrive\Počítač
Loaded Profiles: casua
Platform: Microsoft Windows 11 Home Version 21H2 22000.282 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <8>
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal_wc.inf_amd64_9171bd9f02afbfa0\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_component.inf_amd64_3164bd4536ecf0a4\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a9a2dde7124f013f\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\IntelCpHeciSvc.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2>
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\95.0.1020.30\msedgewebview2.exe <6>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Windows -> Microsoft Corporation) C:\Users\casua\AppData\Local\Temp\963E12B8-3A4A-49D1-A595-E482E7AC0AFA\DismHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cleanmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe
(Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20034.345.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [971256 2019-09-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2021-08-10] (Intel Corporation -> Intel)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.54\Installer\chrmstp.exe [2021-10-25] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E48B395-BA93-412F-B958-D2A0427A27BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {134C04ED-BE66-4B16-94A0-61CD9DCDD28E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-23] (Google LLC -> Google LLC)
Task: {1D81E390-6855-4978-A23F-12B10A3B1BC0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-23] (Google LLC -> Google LLC)
Task: {36455B91-6EFF-4529-82A1-0C1BBCFE3334} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-09-13] (Intel Corporation -> Intel Corporation)
Task: {46845FAD-FC58-458A-9038-DFF41557DC28} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4B70BA9E-0DB7-4468-ADB0-52A1601204EC} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9b613862-4e9a-4f94-a022-98f6d5c31bc7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {4BDD1E0B-D573-436A-8904-F156D314481B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\afa20f47-17b6-48ba-8c80-65ecfab62715 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {4D5579BD-11A7-4C95-A3F0-53BF20CAFE8C} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {4ECCF75A-4135-4DBB-AC0E-9BC23C2269FB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1416afe9-4799-49d7-91ad-3531e9067266 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {4EF6A70B-2DED-4BBE-BCB2-1BF3711C1514} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a2079f32-bec0-4064-9055-e6e6719e0e8a => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {64A33901-F686-47F4-A892-DCB7D18B2CA8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1ef4b92e-dd15-4232-9980-252ace4b783c => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {6D2203A3-C0A2-42B6-ABFD-A81EBC2889D8} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {7C5D0CE4-7C8E-415E-B30F-40FA8692AE4C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {81F16593-7138-4B7A-B176-FA6EEA05F282} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62440 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {A30F24B7-24DC-4981-B06C-EDF541BF381F} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-09-13] (Intel Corporation -> Intel Corporation)
Task: {A961DCD7-376E-40BC-B81D-A64B38AB289A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {BB93E319-D2EC-4D7C-BF0C-D5A727577E9F} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {C0440EA3-6586-4817-A04A-A185A3A617AA} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe
Task: {CDDBD9BE-ADB2-44B8-A681-4D084704DA40} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MpCmdRun.exe [884544 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D7C91A73-BA5D-49D9-BF5A-324F5805F97E} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {E03BC41C-8B2A-402E-ABB5-F2A51489444F} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.4.16.0\ScheduleEventAction.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0d82e113-8304-4f0a-b79b-f21609811a35}: [DhcpNameServer] 150.201.1.2
Tcpip\..\Interfaces\{66ab52eb-fa83-4bb6-8941-9c2da4d06973}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\casua\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-25]
Edge DownloadDir: Default -> C:\Users\casua\OneDrive\Počítač
Edge HomePage: Default -> hxxp//www.google.sk/
Edge Extension: (AdBlock - najlepší blokovač reklám) - C:\Users\casua\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2021-03-10]
FireFox:
========
FF DefaultProfile: qwjwxy0a.default
FF ProfilePath: C:\Users\casua\AppData\Roaming\Mozilla\Firefox\Profiles\qwjwxy0a.default [2021-03-04]
FF ProfilePath: C:\Users\casua\AppData\Roaming\Mozilla\Firefox\Profiles\3gs0gdpk.default-release [2021-09-23]
FF DownloadDir: C:\Users\casua\OneDrive\Počítač
FF Homepage: Mozilla\Firefox\Profiles\3gs0gdpk.default-release -> www.google.sk
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\casua\AppData\Roaming\Mozilla\Firefox\Profiles\3gs0gdpk.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-09-01]
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\casua\AppData\Local\Google\Chrome\User Data\Default [2021-10-26]
CHR DownloadDir: C:\Users\casua\OneDrive\Počítač
CHR HomePage: Default -> hxxp//www.google.sk/
CHR Extension: (Prezentácie) - C:\Users\casua\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-09-23]
CHR Extension: (Dokumenty) - C:\Users\casua\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-09-23]
CHR Extension: (Disk Google) - C:\Users\casua\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-09-23]
CHR Extension: (YouTube) - C:\Users\casua\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-23]
CHR Extension: (Tabuľky) - C:\Users\casua\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-09-23]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\casua\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\casua\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-23]
CHR Extension: (Gmail) - C:\Users\casua\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-09-23]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. -> )
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [36792 2021-08-10] (Intel Corporation -> Intel)
R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [176568 2021-08-10] (Intel Corporation -> Intel)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe [2855512 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe [128392 2021-10-06] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [43720 2020-10-27] (ESET, spol. s r.o. -> ESET)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-10-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-10-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-06] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl3a494a7c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{296D1FCA-B932-4BDF-971C-ACF82DE64386}\MpKslDrv.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-25 21:43 - 2021-10-25 21:43 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2021-10-25 21:43 - 2021-10-25 21:43 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2021-10-25 21:41 - 2021-10-25 21:41 - 002764800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-10-25 21:41 - 2021-10-25 21:41 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-10-25 21:41 - 2021-10-25 21:41 - 000135480 _____ (Microsoft Corporation) C:\WINDOWS\system32\kstvtune.ax
2021-10-25 21:41 - 2021-10-25 21:41 - 000103224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kstvtune.ax
2021-10-25 21:41 - 2021-10-25 21:41 - 000098616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksxbar.ax
2021-10-25 21:41 - 2021-10-25 21:41 - 000082232 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbisurf.ax
2021-10-25 21:41 - 2021-10-25 21:41 - 000066360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksxbar.ax
2021-10-25 21:41 - 2021-10-25 21:41 - 000050504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbisurf.ax
2021-10-25 21:40 - 2021-10-25 21:40 - 002311416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-10-25 21:40 - 2021-10-25 21:40 - 001856864 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-10-25 21:40 - 2021-10-25 21:40 - 001745736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-10-25 21:40 - 2021-10-25 21:40 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-10-25 21:40 - 2021-10-25 21:40 - 000121344 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-10-25 21:40 - 2021-10-25 21:40 - 000024576 _____ C:\WINDOWS\system32\nrtapi.dll
2021-10-25 21:40 - 2021-10-25 21:40 - 000014610 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-10-25 21:40 - 2021-10-25 21:40 - 000006656 _____ C:\WINDOWS\SysWOW64\nrtapi.dll
2021-10-25 21:39 - 2021-10-25 21:39 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-10-25 21:39 - 2021-10-25 21:39 - 000258048 _____ C:\WINDOWS\system32\CoreMas.dll
2021-10-25 21:39 - 2021-10-25 21:39 - 000215552 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2021-10-25 21:39 - 2021-10-25 21:39 - 000208896 _____ C:\WINDOWS\system32\IHDS.dll
2021-10-25 21:39 - 2021-10-25 21:39 - 000167936 _____ C:\WINDOWS\system32\TpmTool.exe
2021-10-25 20:51 - 2021-10-25 20:51 - 000001517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2021-10-25 20:40 - 2021-10-25 20:40 - 000000000 ___HD C:\$WinREAgent
2021-10-25 20:06 - 2021-10-25 20:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-10-25 20:05 - 2021-10-25 20:05 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-10-25 19:56 - 2021-10-25 19:56 - 000000020 ___SH C:\Users\casua\ntuser.ini
2021-10-25 19:53 - 2021-10-26 15:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-25 19:53 - 2021-10-25 19:54 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-25 19:53 - 2021-10-25 19:54 - 000003386 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-25 19:53 - 2021-10-25 19:54 - 000003042 _____ C:\WINDOWS\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2021-10-25 19:53 - 2021-10-25 19:54 - 000002970 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2021-10-25 19:53 - 2021-10-25 19:54 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3271678830-734790740-3617327906-1001
2021-10-25 19:53 - 2021-10-25 19:53 - 000003280 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-25 19:53 - 2021-10-25 19:53 - 000003162 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-10-25 19:53 - 2021-10-25 19:53 - 000002678 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2021-10-25 19:53 - 2021-10-25 19:53 - 000002604 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2021-10-25 19:53 - 2021-10-25 19:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-10-25 19:53 - 2021-10-25 19:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-10-25 19:52 - 2021-10-25 19:53 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2021-10-25 19:52 - 2021-10-25 19:53 - 000011433 _____ C:\WINDOWS\diagerr.xml
2021-10-25 19:42 - 2021-10-26 15:25 - 000803468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-25 19:35 - 2021-10-26 15:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-25 19:35 - 2021-10-25 21:58 - 000292968 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-25 19:33 - 2021-10-25 19:55 - 000000000 ____D C:\Windows.old
2021-10-25 19:07 - 2021-10-25 19:34 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-10-25 19:05 - 2021-10-25 19:56 - 000000000 ____D C:\Users\casua
2021-10-25 19:05 - 2021-06-05 14:04 - 000001281 _____ C:\Users\casua\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2021-10-25 19:05 - 2021-06-05 14:04 - 000000407 _____ C:\Users\casua\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2021-10-25 19:02 - 2021-10-25 19:34 - 000000000 ____D C:\WINDOWS\system32\dolbyaposvc
2021-10-25 19:02 - 2021-10-25 19:02 - 000000000 ____D C:\WINDOWS\Lenovo
2021-10-25 19:02 - 2021-10-25 19:02 - 000000000 ____D C:\WINDOWS\Firmware
2021-10-25 19:00 - 2021-10-25 19:07 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-10-25 18:49 - 2021-06-01 14:30 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2021-10-25 18:49 - 2021-05-27 17:51 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2021-10-25 18:15 - 2021-10-25 18:15 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-10-25 17:42 - 2021-10-25 19:57 - 000000000 ___DC C:\WINDOWS\Panther
2021-10-25 17:34 - 2021-10-25 17:41 - 000000036 _____ C:\WINDOWS\progress.ini
2021-10-25 17:29 - 2021-10-25 17:34 - 000000000 ___HD C:\$GetCurrent
2021-10-25 17:28 - 2021-10-25 17:34 - 000000000 ____D C:\Program Files (x86)\WindowsInstallationAssistant
2021-10-23 18:04 - 2021-10-23 18:04 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-10-23 18:04 - 2021-10-23 18:04 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-10-13 15:12 - 2021-10-13 15:12 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000003-000000.txt
2021-10-07 20:46 - 2021-10-07 20:46 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-10-07 20:46 - 2021-10-07 20:46 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-10-07 20:46 - 2021-10-07 20:46 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-10-07 20:46 - 2021-10-07 20:46 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-10-07 20:40 - 2021-10-07 20:40 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-10-07 20:40 - 2021-10-07 20:40 - 000377136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-10-07 20:40 - 2021-10-07 20:40 - 000269112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-10-07 20:40 - 2021-10-07 20:40 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssText3d.scr
2021-10-07 20:40 - 2021-10-07 20:40 - 000009522 _____ C:\WINDOWS\system32\ResPriUHMImageList
2021-10-07 20:40 - 2021-10-07 20:40 - 000009522 _____ C:\WINDOWS\system32\ResPriImageList
2021-10-07 20:40 - 2021-10-07 20:40 - 000009522 _____ C:\WINDOWS\system32\ResPriHMImageList
2021-10-07 20:40 - 2021-10-07 20:40 - 000009402 _____ C:\WINDOWS\system32\ResPriHMImageListLowCost
2021-10-07 20:40 - 2021-10-07 20:40 - 000008964 _____ C:\WINDOWS\system32\ResPriLMImageList
2021-10-07 20:40 - 2021-10-07 20:40 - 000008870 _____ C:\WINDOWS\system32\ResPriImageListLowCost
2021-10-07 20:39 - 2021-10-07 20:39 - 000727576 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-10-07 20:39 - 2021-10-07 20:39 - 000617648 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000614400 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000425984 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000360448 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000335872 _____ C:\WINDOWS\system32\Windows.Internal.UI.Dialogs.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000311296 _____ C:\WINDOWS\system32\Microsoft.Internal.FrameworkUdk.System.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000267264 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Dialogs.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000221184 _____ C:\WINDOWS\SysWOW64\Microsoft.Internal.FrameworkUdk.System.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000180224 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000172032 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-10-07 20:39 - 2021-10-07 20:39 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmview.ocx
2021-10-07 20:39 - 2021-10-07 20:39 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmview.ocx
2021-10-07 20:39 - 2021-10-07 20:39 - 000099560 _____ C:\WINDOWS\system32\wow64con.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000077824 _____ C:\WINDOWS\system32\runexehelper.exe
2021-10-07 20:39 - 2021-10-07 20:39 - 000041594 _____ C:\WINDOWS\SysWOW64\ctac.json
2021-10-07 20:39 - 2021-10-07 20:39 - 000036864 _____ C:\WINDOWS\system32\umpodev.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000003366 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2021-10-07 20:39 - 2021-10-07 20:39 - 000003366 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2021-10-07 20:38 - 2021-10-07 20:38 - 000041594 _____ C:\WINDOWS\system32\ctac.json
2021-10-06 18:12 - 2021-10-06 18:12 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000002-000000.txt
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-26 15:58 - 2021-08-05 21:12 - 000000000 ____D C:\FRST
2021-10-26 15:39 - 2021-09-23 18:50 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-26 15:25 - 2021-06-05 14:09 - 000000000 ____D C:\WINDOWS\INF
2021-10-26 15:23 - 2021-01-30 12:23 - 000000000 ____D C:\Users\casua\AppData\Local\D3DSCache
2021-10-26 15:22 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-10-26 15:21 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-26 15:21 - 2021-04-28 17:53 - 000000000 ____D C:\Users\casua\AppData\Local\CrashDumps
2021-10-26 15:19 - 2021-01-30 13:03 - 000000000 __SHD C:\Users\casua\IntelGraphicsProfiles
2021-10-26 15:17 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-26 15:17 - 2021-06-05 14:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-10-26 15:17 - 2021-01-30 20:19 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2021-10-26 15:17 - 2021-01-30 20:15 - 000012288 ___SH C:\DumpStack.log.tmp
2021-10-26 15:14 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-26 15:08 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-26 15:08 - 2021-01-30 12:06 - 000000000 ____D C:\Users\casua\AppData\Local\Packages
2021-10-25 22:03 - 2021-06-05 14:10 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-25 22:02 - 2021-01-30 12:07 - 000000000 ____D C:\ProgramData\Packages
2021-10-25 21:55 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SystemResources
2021-10-25 21:55 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-25 21:55 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-10-25 21:55 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-10-25 21:55 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-10-25 21:55 - 2021-06-05 14:01 - 000000000 ____D C:\WINDOWS\servicing
2021-10-25 21:54 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-10-25 20:51 - 2018-07-04 21:25 - 000000000 ____D C:\ProgramData\Package Cache
2021-10-25 20:22 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-10-25 20:03 - 2021-01-30 20:37 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-25 20:01 - 2021-06-05 14:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-25 19:59 - 2017-10-03 18:48 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-10-25 19:55 - 2021-06-05 14:01 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-10-25 19:53 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Windows Defender
2021-10-25 19:43 - 2021-06-05 14:10 - 000000000 __RHD C:\Users\Public\Libraries
2021-10-25 19:43 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-10-25 19:41 - 2021-09-23 18:51 - 000002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-25 19:40 - 2021-01-30 20:18 - 000000000 ____D C:\Intel
2021-10-25 19:39 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\appcompat
2021-10-25 19:35 - 2021-06-05 14:08 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-10-25 19:34 - 2021-09-23 19:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-10-25 19:34 - 2021-06-05 19:57 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-10-25 19:34 - 2021-06-05 19:57 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-10-25 19:34 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-10-25 19:34 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-10-25 19:34 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\spool
2021-10-25 19:34 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\Registration
2021-10-25 19:34 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-10-25 19:34 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\IME
2021-10-25 19:34 - 2021-02-14 17:15 - 000000000 ____D C:\Users\casua\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-10-25 19:34 - 2021-02-14 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-10-25 19:34 - 2021-01-30 12:18 - 000000000 ___RD C:\Users\casua\OneDrive
2021-10-25 19:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-10-25 19:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-10-25 19:34 - 2018-07-04 21:26 - 000000000 ____D C:\Program Files\Intel
2021-10-25 19:13 - 2021-06-05 14:10 - 000000000 ____D C:\ProgramData\USOPrivate
2021-10-25 19:09 - 2021-06-05 19:57 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-10-25 19:09 - 2021-06-05 19:57 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-10-25 19:09 - 2021-06-05 19:57 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-10-25 19:09 - 2021-06-05 19:57 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-10-25 19:09 - 2021-06-05 19:57 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-10-25 19:09 - 2021-06-05 19:57 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-10-25 19:09 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-10-25 19:09 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-10-25 19:09 - 2021-06-05 14:10 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-10-25 19:09 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-25 19:09 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-10-25 19:09 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-25 19:09 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-10-25 19:09 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-10-25 19:07 - 2021-06-05 20:04 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-10-25 19:07 - 2021-06-05 20:04 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-10-25 19:07 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\Resources
2021-10-25 19:07 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\OCR
2021-10-25 19:07 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\Help
2021-10-25 19:07 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files\Common Files\System
2021-10-25 19:01 - 2021-06-05 14:14 - 000000000 ____D C:\WINDOWS\Setup
2021-10-25 18:49 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-10-25 18:49 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-10-25 18:49 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-10-25 18:49 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-10-25 18:49 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-10-25 18:49 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-10-25 18:49 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-10-25 18:49 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-10-25 18:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-10-25 18:47 - 2021-06-05 14:10 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-10-22 07:02 - 2021-06-09 19:28 - 000002374 _____ C:\Users\casua\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-20 18:34 - 2018-07-04 21:54 - 000000000 ____D C:\ProgramData\Lenovo
2021-10-14 09:46 - 2021-09-23 19:02 - 000000000 ____D C:\Users\casua\AppData\Roaming\vlc
2021-10-12 21:26 - 2021-01-30 12:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-12 21:26 - 2021-01-30 12:15 - 139806512 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-10-07 20:47 - 2021-06-05 20:04 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-10-07 20:47 - 2021-06-05 20:04 - 000021047 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-10-07 20:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-10-07 20:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2021-10-07 20:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2021-10-07 20:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2021-10-07 20:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2021-10-07 20:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2021-10-07 20:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-10-07 20:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2021-10-07 20:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-10-07 20:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-10-07 20:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\id-ID
2021-10-07 20:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2021-10-07 20:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2021-10-07 20:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2021-10-07 20:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-10-07 20:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\Provisioning
2021-10-07 20:47 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-06 08:34 - 2021-01-30 20:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-10-05 08:15 - 2021-02-21 20:31 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-10-2021
Ran by casua (26-10-2021 16:09:16)
Running from C:\Users\casua\OneDrive\Počítač
Microsoft Windows 11 Home Version 21H2 22000.282 (X64) (2021-10-25 17:55:49)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3271678830-734790740-3617327906-500 - Administrator - Disabled)
casua (S-1-5-21-3271678830-734790740-3617327906-1001 - Administrator - Enabled) => C:\Users\casua
DefaultAccount (S-1-5-21-3271678830-734790740-3617327906-503 - Limited - Disabled)
Guest (S-1-5-21-3271678830-734790740-3617327906-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3271678830-734790740-3617327906-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Asistent inštalácie Windowsu 11 (HKLM-x32\...\{115DF11E-4B4C-4EA9-9A79-00DB0C7EF02D}) (Version: 1.4.19041.1341 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.54 - Google LLC)
Intel Driver && Support Assistant (HKLM-x32\...\{BC82D1AD-802A-4733-BB90-A8E59AB8434A}) (Version: 21.5.33.3 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{88B98508-2D8F-46F1-90AD-557BE40C7067}) (Version: 2.4.07642 - Intel Corporation)
Intel(R) Graphics Driver Software (HKLM-x32\...\{8b5a8e04-659a-4407-b2e1-04ad55a2e72e}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{d0e4f33b-f383-4c75-8d81-ec92db2939eb}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{e159f285-6867-4ec7-83de-ddc54070f211}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Graphics Driver Software (HKLM-x32\...\{ed8a48d8-7f70-4dcd-b524-163792643281}) (Version: 3.11.1.0 - Intel) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{9154f79b-8fb8-46ef-b7a6-95f136391303}) (Version: 10.1.17479.8054 - Intel(R) Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1743.4.0.1217 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{b09ce953-882c-4131-a693-2e1d73b1e50d}) (Version: 21.5.33.3 - Intel)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.4.16.0 - Lenovo Group Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.30 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 95.0.1020.30 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3271678830-734790740-3617327906-1001\...\OneDriveSetup.exe) (Version: 21.196.0921.0007 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Podpora Apple aplikácií (32-bit) (HKLM-x32\...\{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 - Apple Inc.)
Podpora Apple aplikácií(64-bit) (HKLM\...\{466D00D0-E7DE-47C2-8FE5-54A8009F5850}) (Version: 7.2 - Apple Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Windows Kontrola stavu počítača (HKLM\...\{BDBC15A5-E9F1-485F-A0D3-7526052FB2B2}) (Version: 3.2.2110.14001 - Microsoft Corporation)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Packages:
=========
Dolby Audio -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyaudio_3.20500.501.0_x64__rz1tebttyb220 [2021-01-30] (Dolby Laboratories)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqa [2021-09-23] (Apple Inc.) [Startup Task]
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.1.22.0_x64__5grkq8ppsgwt4 [2021-10-01] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2110.15.0_x64__k1h2ywk1493x8 [2021-10-23] (LENOVO INC.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2021-01-30] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-23] (Microsoft Corporation)
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-23] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-23] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-23] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-23] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-23] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-23] (Microsoft Corporation)
Ovládacie centrum pre grafiku Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-08-09] (INTEL CORP) [Startup Task]
Power2Go for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.12518.0_x86__m916jedk64snt [2021-07-01] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\cyberlinkcorp.th.powerdvdforlenovo_14.2.2520.0_x86__m916jedk64snt [2021-01-30] (CYBERLINKCOM CORPORATION)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.7.195.0_x64__dt26b99r8h8gj [2021-01-30] (Realtek Semiconductor Corp)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-27] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-04-13 12:36 - 2021-04-13 12:36 - 005745664 _____ () [File not signed] C:\Program Files (x86)\Intel\Driver and Support Assistant\irmfuu_module.dll
2021-08-06 19:59 - 2021-08-06 19:59 - 042803200 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt\IGCC.dll
2021-10-25 21:52 - 2021-10-25 21:52 - 000137152 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20034.345.0_x64__cw5n1h2txyewy\Dashboard\WebView2Loader.dll
2021-10-21 07:23 - 2020-05-30 15:58 - 001280000 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2021-05-21 14:04 - 2021-05-21 14:04 - 000130048 _____ (Sam Grogan) [File not signed] [File is in use] C:\Program Files (x86)\Intel\Driver and Support Assistant\NotifyIconWin32.dll
2021-07-23 11:36 - 2021-07-23 11:36 - 002122240 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll
2021-10-21 07:24 - 2020-11-03 05:08 - 000954864 _____ (SQLite Development Team) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-3271678830-734790740-3617327906-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-3271678830-734790740-3617327906-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3271678830-734790740-3617327906-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//lenovo17win10.msn.com/?pc=LCTE
SearchScopes: HKLM -> DefaultScope {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> DefaultScope {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\iCLS\;C:\Program Files\Intel\TXE Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3271678830-734790740-3617327906-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img19.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Intel Driver & Support Assistant"
HKU\S-1-5-21-3271678830-734790740-3617327906-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{FAC5B24D-F2F6-4ACC-B853-2CC4A13F3ECD}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{73ECE870-41DF-41FF-9481-8337E54B111D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14430.20306.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BB1B36C7-F41F-4637-838E-18D6809C1538}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{59822531-F09D-472D-B19C-C19C169FD662}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C9FEB984-5652-4437-A649-C5088B5EDC16}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{348D8D7D-672E-4955-BF7B-E032912FFFF3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C3166A30-D726-42F9-87BC-B99C42941A62}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{794A8E27-8EE6-4264-98B0-3696BFC4C95D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DCF8377F-64A7-4B44-A2CF-8FC5892076AB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D682B94C-7BB1-4A7A-8288-3A61CCDC09F5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12121.1.54014.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5E3B175E-C3C1-4E22-BB3B-07A3E013B086}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{42A7FE1E-0C80-46C1-95C3-D3675C2B51D2}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{0886EB5A-864A-4C6D-8135-011A095C468A}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{AAFDF549-BDB2-4C8C-8F3C-E3055CF15669}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{BCF7C096-2886-4A76-B5B6-0926C841D1B8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
FirewallRules: [{211911B4-3D20-48BC-BEF5-F3409BA2FBC8}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0BAAEC9D-DF7D-4568-9642-C1301170BFD0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{15057885-23EA-4E71-9145-93AF7957FC9C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{702B2014-9222-4AD2-A2E7-291F15DD6C6A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EA58D66B-61D8-475B-A426-07BC56E9D9B6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{929D4D7F-C054-4932-9211-4E2FA748DF91}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DEADBA25-AD34-4567-BD92-BF884005E5B1}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A8072226-1E50-44DB-8BCD-58896B2612BD}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\95.0.1020.30\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
25-10-2021 20:15:27 Inštalátor modulov systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/26/2021 03:20:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: igfxEM.exe, verzia: 6.15.10.4936, časová značka: 0x5a6bd692
Názov chybujúceho modulu: igfxEM.exe, verzia: 6.15.10.4936, časová značka: 0x5a6bd692
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000002909c
Identifikácia chybujúceho procesu: 0xfe0
Čas spustenia chybujúcej aplikácie: 0x01d7ca6c0aed0d0e
Cesta chybujúcej aplikácie: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_3164bd4536ecf0a4\igfxEM.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_3164bd4536ecf0a4\igfxEM.exe
Identifikácia hlásenia: 5cd888bd-8b8c-4d53-a095-dbabebf381b9
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/26/2021 02:58:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: igfxEM.exe, verzia: 6.15.10.4936, časová značka: 0x5a6bd692
Názov chybujúceho modulu: igfxEM.exe, verzia: 6.15.10.4936, časová značka: 0x5a6bd692
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000002909c
Identifikácia chybujúceho procesu: 0xf38
Čas spustenia chybujúcej aplikácie: 0x01d7ca68f7839821
Cesta chybujúcej aplikácie: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_3164bd4536ecf0a4\igfxEM.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_3164bd4536ecf0a4\igfxEM.exe
Identifikácia hlásenia: 92902b98-7be8-40fc-9bbe-67cc9895abc4
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/25/2021 10:02:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: igfxEM.exe, verzia: 6.15.10.4936, časová značka: 0x5a6bd692
Názov chybujúceho modulu: igfxEM.exe, verzia: 6.15.10.4936, časová značka: 0x5a6bd692
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000002909c
Identifikácia chybujúceho procesu: 0xa24
Čas spustenia chybujúcej aplikácie: 0x01d7c9db043fa005
Cesta chybujúcej aplikácie: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_3164bd4536ecf0a4\igfxEM.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_3164bd4536ecf0a4\igfxEM.exe
Identifikácia hlásenia: 4dd8a594-64fa-47e2-9fb7-3aa5d0fc654a
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/25/2021 08:59:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: igfxEM.exe, verzia: 6.15.10.4936, časová značka: 0x5a6bd692
Názov chybujúceho modulu: igfxEM.exe, verzia: 6.15.10.4936, časová značka: 0x5a6bd692
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000002909c
Identifikácia chybujúceho procesu: 0x1508
Čas spustenia chybujúcej aplikácie: 0x01d7c9d248081a0f
Cesta chybujúcej aplikácie: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_3164bd4536ecf0a4\igfxEM.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_3164bd4536ecf0a4\igfxEM.exe
Identifikácia hlásenia: eac3bba3-7a15-4597-a783-fdba67eda694
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/25/2021 08:36:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: igfxEM.exe, verzia: 6.15.10.4936, časová značka: 0x5a6bd692
Názov chybujúceho modulu: igfxEM.exe, verzia: 6.15.10.4936, časová značka: 0x5a6bd692
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000002909c
Identifikácia chybujúceho procesu: 0xb80
Čas spustenia chybujúcej aplikácie: 0x01d7c9cf0b9c4332
Cesta chybujúcej aplikácie: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_3164bd4536ecf0a4\igfxEM.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_3164bd4536ecf0a4\igfxEM.exe
Identifikácia hlásenia: 89fa9d13-c469-4bbd-9a11-6ad763e618ef
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/25/2021 08:06:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Cortana.exe version 3.2109.6305.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 2b20
Start Time: 01d7c9cae5f46d52
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe
Report Id: ff50e846-d7d0-42fc-8e3b-02007afee684
Faulting package full name: Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App
Hang type: Quiesce
Error: (10/25/2021 07:41:30 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1017) (User: NT AUTHORITY)
Description: Disabled performance counter data collection from the "Lsa" service because the performance counter library for that service has generated one or more errors. The errors that forced this action have been written to the application event log. Correct the errors before enabling the performance counters for this service.
Error: (10/25/2021 07:41:30 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1005) (User: NT AUTHORITY)
Description: The attempt to locate the Open procedure "OpenLsaPerformanceData" in DLL "C:\Windows\System32\Secur32.dll" for the "Lsa" service failed with Win32 error code 127. Performance data for this service will not be available.
System errors:
=============
Error: (10/26/2021 03:28:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Intel(R) SUR QC Software Asset Manager bol dosiahnutý časový limit (30000 ms).
Error: (10/26/2021 03:16:37 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Energy Server Service queencreek sa po prijatí ovládacieho príkazu pred vypnutím nevypla správne.
Error: (10/26/2021 03:16:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Intel(R) SUR QC Software Asset Manager bol dosiahnutý časový limit (30000 ms).
Error: (10/26/2021 03:01:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Intel(R) SUR QC Software Asset Manager bol dosiahnutý časový limit (30000 ms).
Error: (10/26/2021 02:59:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Energy Server Service queencreek sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (10/26/2021 02:56:36 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{66AB52EB-FA83-4BB6-8941-9C2DA4D06973} because another computer on the network has the same name. The server could not start.
Error: (10/26/2021 02:56:31 PM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI: ACPI BIOS is attempting to write to an illegal PCI Operation Region (0x10), Please contact your system vendor for technical assistance.
Error: (10/25/2021 10:03:44 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-QAN6RVD0)
Description: DCOM got error "1060" attempting to start the service AarSvc_ef845 with arguments "Unavailable" in order to run the server:
Windows.ApplicationModel.ConversationalAgent.Internal.ConversationalAgentSessionInternal
==================== Memory info ===========================
BIOS: LENOVO 7XCN40WW 12/04/2020
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Celeron(R) N4000 CPU @ 1.10GHz
Percentage of memory in use: 86%
Total physical RAM: 3918.57 MB
Available physical RAM: 519.77 MB
Total Virtual: 5518.57 MB
Available Virtual: 1760.71 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:464.51 GB) (Free:107.56 GB) NTFS
\\?\Volume{0f49ae9f-2fe1-4928-bcb9-aee148d821f1}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.44 GB) NTFS
\\?\Volume{f4193deb-79d4-49f0-9fbb-4a0a96b287a5}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32
==================== MBR & Partition Table ====================
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomalší notebook
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118270
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalší notebook
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalší notebook
# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-10-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-27-2021
# Duration: 00:00:37
# OS: Windows 10 Home
# Scanned: 32011
# Detected: 5
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Users\casua\AppData\Local\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
AdwCleaner[S00].txt - [1861 octets] - [06/08/2021 19:12:50]
AdwCleaner[C00].txt - [2306 octets] - [06/08/2021 19:16:15]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-10-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-27-2021
# Duration: 00:00:37
# OS: Windows 10 Home
# Scanned: 32011
# Detected: 5
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Users\casua\AppData\Local\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
AdwCleaner[S00].txt - [1861 octets] - [06/08/2021 19:12:50]
AdwCleaner[C00].txt - [2306 octets] - [06/08/2021 19:16:15]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118270
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalší notebook
Toto je OK. Preinstalled jsou neškodné utility od Lenova.
Otevřte poznámkový blok a zkopírujte do něj:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\casua\OneDrive\Počítač jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
Task: {134C04ED-BE66-4B16-94A0-61CD9DCDD28E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-23] (Google LLC -> Google LLC)
Task: {1D81E390-6855-4978-A23F-12B10A3B1BC0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-23] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
SearchScopes: HKLM -> DefaultScope {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> DefaultScope {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
FirewallRules: [{BCF7C096-2886-4A76-B5B6-0926C841D1B8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalší notebook
Fix result of Farbar Recovery Scan Tool (x64) Version: 20-10-2021
Ran by casua (27-10-2021 20:13:21) Run:2
Running from C:\Users\casua\OneDrive\Počítač
Loaded Profiles: casua
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
Task: {134C04ED-BE66-4B16-94A0-61CD9DCDD28E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-23] (Google LLC -> Google LLC)
Task: {1D81E390-6855-4978-A23F-12B10A3B1BC0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-23] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
SearchScopes: HKLM -> DefaultScope {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> DefaultScope {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
FirewallRules: [{BCF7C096-2886-4A76-B5B6-0926C841D1B8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{134C04ED-BE66-4B16-94A0-61CD9DCDD28E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{134C04ED-BE66-4B16-94A0-61CD9DCDD28E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1D81E390-6855-4978-A23F-12B10A3B1BC0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D81E390-6855-4978-A23F-12B10A3B1BC0}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{253E2185-01FC-4084-8052-30D3C0F0BD06} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{253E2185-01FC-4084-8052-30D3C0F0BD06} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BCF7C096-2886-4A76-B5B6-0926C841D1B8}" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8412626 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 85108 B
Edge => 0 B
Chrome => 43166446 B
Firefox => 35189158 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 2444 B
NetworkService => 5640 B
casua => 5337703 B
RecycleBin => 64475 B
EmptyTemp: => 89 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:14:16 ====
Ran by casua (27-10-2021 20:13:21) Run:2
Running from C:\Users\casua\OneDrive\Počítač
Loaded Profiles: casua
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
Task: {134C04ED-BE66-4B16-94A0-61CD9DCDD28E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-23] (Google LLC -> Google LLC)
Task: {1D81E390-6855-4978-A23F-12B10A3B1BC0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-23] (Google LLC -> Google LLC)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
SearchScopes: HKLM -> DefaultScope {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> DefaultScope {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
FirewallRules: [{BCF7C096-2886-4A76-B5B6-0926C841D1B8}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe => No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{134C04ED-BE66-4B16-94A0-61CD9DCDD28E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{134C04ED-BE66-4B16-94A0-61CD9DCDD28E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1D81E390-6855-4978-A23F-12B10A3B1BC0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D81E390-6855-4978-A23F-12B10A3B1BC0}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{253E2185-01FC-4084-8052-30D3C0F0BD06} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{253E2185-01FC-4084-8052-30D3C0F0BD06} => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BCF7C096-2886-4A76-B5B6-0926C841D1B8}" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8412626 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 85108 B
Edge => 0 B
Chrome => 43166446 B
Firefox => 35189158 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 2444 B
NetworkService => 5640 B
casua => 5337703 B
RecycleBin => 64475 B
EmptyTemp: => 89 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:14:16 ====
-
Rudy
- Site Admin
- Příspěvky: 118270
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalší notebook
Snazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalší notebook
Určite je cítiť zmenu, ale pri zapnutí dlhšie trvá, kým na zobrazí spodná lišta.
-
Rudy
- Site Admin
- Příspěvky: 118270
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalší notebook
Ještě zkuste defragmentovat disk.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalší notebook
Nepomohlo
-
Rudy
- Site Admin
- Příspěvky: 118270
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalší notebook
Ještě defragmentujte registry: https://www.stahuj.cz/utility_a_ostatni ... ry-defrag/ .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalší notebook
Spravil som to a teraz vypisuje, že PRÍPRAVA SYSTÉMU WINDOWS a potom vypísalo, že sa nemôže prihlásiť do môjho konta a moje osobné súbory sú fuč
Dal som odhlásiť a znova som sa dopracoval k tejto tabuľke
Dal som odhlásiť a znova som sa dopracoval k tejto tabuľke
- Přílohy
-
- IMG_20211028_192803.jpg (83.82 KiB) Zobrazeno 984 x
-
Rudy
- Site Admin
- Příspěvky: 118270
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalší notebook
Tak tohle je opravdu divné a zvláště u těch osobních souborů není možné, aby je nějak ovlivnil defrag registry. Osobní soubory toho moc s registry nemají společného. Podíváme se na disk. Stáhněte, nainstalujte a spusťte CrystalDiskInfo: https://www.instaluj.cz/crystaldiskinfo a přes Úpravy>Kopírovat sem dejte log
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalší notebook
Tam boli 2 kroky, tak som dal oba kroky pri tej defragmentácii
Zdá sa, že súbory by tam mali byť, ale nie som si istý, keďže priečinok s názvom, v ktorom boli osobné súbory z plochy zmizli, ale to asi preto, že sa nemôže prihlásiť do môjho konta
Len prečo ma nevie prihlásiť do môjho konta?
Keď som dal ZAVRIEŤ, tak nič sa s tým notebookom nedá robiť. Ani spodná lišta sa nezobrazí, proste nič
Zdá sa, že súbory by tam mali byť, ale nie som si istý, keďže priečinok s názvom, v ktorom boli osobné súbory z plochy zmizli, ale to asi preto, že sa nemôže prihlásiť do môjho konta
Len prečo ma nevie prihlásiť do môjho konta?
Keď som dal ZAVRIEŤ, tak nič sa s tým notebookom nedá robiť. Ani spodná lišta sa nezobrazí, proste nič
-
Rudy
- Site Admin
- Příspěvky: 118270
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Pomalší notebook
To právě nevím. Proto si potřebuji ověřit, zda není disk poškozen.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Pomalší notebook
Nepomohlo by systém vrátiť o deň naspäť?
Přispějete na provoz fóra?