Re: Pomalší notebook
Napsal: 28 říj 2021 20:52
Tak zkusit to můžete. Bojím se ale dalších škod v systému.
Stránka 2 z 2
Re: Pomalší notebook
Napsal: 28 říj 2021 20:55
Tak, ale čo mám robiť, keď sa nemôžem dostať do systému normálne
Re: Pomalší notebook
Napsal: 29 říj 2021 09:26
Pravděpodobně nic jiného, než zkusit tu obnovu, případně zkusi návrat systému do tov. nastavení se zachováním vašich souborů.
Re: Pomalší notebook
Napsal: 29 říj 2021 12:44
Podarilo sa mi zálohovať osobné súbory a nahodil som Windows nanovo. Len by som chcel skontrolovať log, lebo pc je nejaký pomalý.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-10-2021
Ran by domin (administrator) on DOMINIKA (LENOVO 81D1) (29-10-2021 13:28:29)
Running from C:\Users\domin\Downloads
Loaded Profiles: domin
Platform: Microsoft Windows 11 Home Version 21H2 22000.258 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <10>
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_component.inf_amd64_3164bd4536ecf0a4\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a9a2dde7124f013f\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\IntelCpHeciSvc.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\95.0.1020.30\msedgewebview2.exe <12>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\domin\AppData\Local\Microsoft\OneDrive\21.196.0921.0007\FileCoAuth.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22000.280_none_0483b4854ca89ef9\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe
(Microsoft Windows) C:\Program Files\WindowsApps\microsoftwindows.client.webexperience_421.20034.345.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(Microsoft) C:\Program Files\WindowsApps\microsoftteams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [971256 2019-09-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-3322863907-1844715729-2578679110-1001\...\Run: [MicrosoftEdgeAutoLaunch_83497DAD29FF071D0AEDF40311C6C56D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-10-29] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07E7C40E-BBEA-4E85-A3E5-43FC11D9A221} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {0C70FF5D-A1DC-4981-BBAC-F7335A83060E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-29] (Google LLC -> Google LLC)
Task: {23E7A971-068D-403E-B6FE-9DDE17D2FE59} - \OneDrive Standalone Update Task v2 -> No File <==== ATTENTION
Task: {309FBD4D-9E6C-4BAA-A775-A5187A91A85F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7a826a68-7dfb-4455-b966-cc5624bd382c => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {37292EA8-F458-47ED-A55C-5A3A1CCF5FD5} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {3891CB81-CF07-4ECD-A7CE-59544F84AF7D} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {47D5D6C2-8ADF-43BC-BBF2-6A3C066C93F8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c4812b85-9819-47a0-88ca-9de20063ae9d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {516C5657-0749-4E66-8B5E-EB48031142C9} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\352f5d23-153a-4260-8861-78070d7737c8 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {5225BA45-AF25-4B81-8CBD-0D8317EC53A1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5ecc7740-fcf7-422d-aac8-1fed8ed23005 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {5F5BF124-A1B2-4BEB-8C6B-5AD2F2D1C3DB} - \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser -> No File <==== ATTENTION
Task: {74CDF648-E170-4AD9-96E6-7D83D2AB6303} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
Task: {7F1B8FEE-DE5A-4EA2-926A-D27D4E36F03C} - \Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display -> No File <==== ATTENTION
Task: {8BC1FAA9-E7A1-410C-A119-D0046F754D54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-29] (Google LLC -> Google LLC)
Task: {8DC4F6F2-5AC8-41B5-8461-383B58804B47} - \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask -> No File <==== ATTENTION
Task: {97675C5C-CB9F-4D99-A463-68ED61273B09} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\20023dd3-11bf-460e-9a07-087b78cd8739 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {A12C1E73-DD09-4A23-966E-4A8043F6B364} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62440 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {BCCD5857-F614-4331-B258-97348A0D69EB} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask_Once => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 2 /f /reg:32
Task: {BF6FD6B6-0169-45EB-B3F1-D47FB9C6ABFF} - \LenovoUtility Task -> No File <==== ATTENTION
Task: {D0218C70-9C99-4043-BF17-667E1AE5C42E} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> No File <==== ATTENTION
Task: {E99B91FD-5999-40ED-85F7-94D981D59C45} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0d82e113-8304-4f0a-b79b-f21609811a35}: [DhcpNameServer] 150.201.1.2
Tcpip\..\Interfaces\{66ab52eb-fa83-4bb6-8941-9c2da4d06973}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge Profile: C:\Users\domin\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-29]
Edge DownloadDir: Default -> C:\Users\domin\OneDrive\Počítač
Edge HomePage: Default -> hxxp//www.google.sk/
Chrome:
=======
CHR Profile: C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default [2021-10-29]
CHR DownloadDir: C:\Users\domin\OneDrive\Počítač
CHR HomePage: Default -> hxxp//www.google.sk/
CHR Extension: (Prezentácie) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-29]
CHR Extension: (Dokumenty) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-29]
CHR Extension: (Disk Google) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-29]
CHR Extension: (YouTube) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-29]
CHR Extension: (Tabuľky) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-29]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-29]
CHR Extension: (Gmail) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-29]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 0012061635500817mcinstcleanup; C:\WINDOWS\TEMP\001206~1.EXE [1277584 2017-08-09] (McAfee, Inc. -> McAfee, Inc.)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. -> )
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2599312 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe" [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe" [X]
S2 mfevtp; "C:\Windows\system32\mfevtps.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [43720 2020-10-27] (ESET, spol. s r.o. -> ESET)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [49560 2021-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [421112 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [73960 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S0 cfwids; system32\drivers\cfwids.sys [X]
R0 mfeaack; system32\drivers\mfeaack.sys [X]
R0 mfeavfk; system32\drivers\mfeavfk.sys [X]
S0 mfeelamk; system32\drivers\mfeelamk.sys [X]
S0 mfefirek; system32\drivers\mfefirek.sys [X]
R0 mfehidk; system32\drivers\mfehidk.sys [X]
R0 mfeplk; system32\drivers\mfeplk.sys [X]
R0 mfewfpk; system32\drivers\mfewfpk.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-29 20:16 - 2021-10-29 11:25 - 000803404 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-29 20:12 - 2021-10-29 20:12 - 000000000 _SHDL C:\Users\Default User
2021-10-29 20:12 - 2021-10-29 20:12 - 000000000 _SHDL C:\Users\All Users
2021-10-29 20:12 - 2021-10-29 20:12 - 000000000 _SHDL C:\Documents and Settings
2021-10-29 20:11 - 2021-10-29 20:11 - 000022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2021-10-29 20:10 - 2021-10-29 20:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-10-29 20:00 - 2021-10-29 20:00 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-10-29 19:51 - 2021-10-29 19:51 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-29 19:50 - 2021-10-29 19:50 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-29 19:50 - 2021-10-29 19:50 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-29 19:48 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\system32\dolbyaposvc
2021-10-29 19:48 - 2021-10-29 19:48 - 000000000 ____D C:\Program Files\Common Files\Dolby
2021-10-29 19:48 - 2021-10-29 19:48 - 000000000 ____D C:\Intel
2021-10-29 19:48 - 2021-10-29 19:48 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2021-10-29 19:48 - 2021-10-29 11:20 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2021-10-29 19:47 - 2021-10-29 19:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-10-29 19:47 - 2021-10-29 11:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-29 19:46 - 2021-10-29 19:46 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-10-29 19:46 - 2021-10-29 12:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-29 19:45 - 2021-10-29 19:46 - 000293832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-29 19:45 - 2021-10-29 11:20 - 000012288 ___SH C:\DumpStack.log.tmp
2021-10-29 13:28 - 2021-10-29 13:31 - 000013842 _____ C:\Users\domin\Downloads\FRST.txt
2021-10-29 13:26 - 2021-10-29 13:30 - 000000000 ____D C:\FRST
2021-10-29 13:24 - 2021-10-29 13:25 - 002310656 _____ (Farbar) C:\Users\domin\Downloads\FRST64.exe
2021-10-29 13:11 - 2021-10-29 13:11 - 000002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-29 13:10 - 2021-10-29 13:10 - 000000000 ____D C:\Program Files\Google
2021-10-29 13:07 - 2021-10-29 13:07 - 000003458 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-29 13:07 - 2021-10-29 13:07 - 000003334 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-10-29 13:05 - 2021-10-29 13:13 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-29 13:04 - 2021-10-29 13:14 - 000000000 ____D C:\Users\domin\AppData\Local\Google
2021-10-29 12:09 - 2021-10-29 12:10 - 000000000 ____D C:\Users\domin\AppData\Local\Comms
2021-10-29 12:00 - 2021-10-29 12:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-10-29 11:59 - 2021-10-29 11:59 - 000000000 ____D C:\Users\domin\AppData\Local\OneDrive
2021-10-29 11:47 - 2021-10-29 11:47 - 000000000 ___HD C:\$WinREAgent
2021-10-29 11:43 - 2021-10-29 11:43 - 000000000 ____D C:\Users\domin\AppData\Local\Lenovo
2021-10-29 11:36 - 2021-10-29 11:42 - 000001733 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-10-29 11:36 - 2021-10-29 11:36 - 000000000 ___HD C:\OneDriveTemp
2021-10-29 11:35 - 2021-10-29 11:37 - 000000000 ___RD C:\Users\domin\OneDrive
2021-10-29 11:35 - 2021-10-29 11:36 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3322863907-1844715729-2578679110-1001
2021-10-29 11:35 - 2021-10-29 11:36 - 000002362 _____ C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-29 11:33 - 2021-10-29 11:44 - 000000000 ____D C:\Users\domin\AppData\Local\PlaceholderTileLogoFolder
2021-10-29 11:33 - 2021-10-29 11:33 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-10-29 11:31 - 2021-10-29 12:01 - 000000000 ____D C:\Users\domin\AppData\Local\Publishers
2021-10-29 11:30 - 2021-10-29 13:36 - 000000000 ____D C:\ProgramData\Packages
2021-10-29 11:30 - 2021-10-29 11:30 - 000000000 ____D C:\Users\domin\AppData\Local\Intel
2021-10-29 11:29 - 2021-10-29 13:36 - 000000000 ____D C:\Users\domin\AppData\Local\Packages
2021-10-29 11:29 - 2021-10-29 13:29 - 000000000 ____D C:\Users\domin\AppData\Local\D3DSCache
2021-10-29 11:29 - 2021-10-29 11:29 - 000000000 __SHD C:\Users\domin\IntelGraphicsProfiles
2021-10-29 11:29 - 2021-10-29 11:29 - 000000000 ____D C:\Users\domin\AppData\LocalLow\Intel
2021-10-29 11:29 - 2021-10-29 11:29 - 000000000 ____D C:\Users\domin\AppData\Local\VirtualStore
2021-10-29 11:29 - 2021-10-29 11:29 - 000000000 ____D C:\Users\domin\AppData\Local\ConnectedDevicesPlatform
2021-10-29 11:25 - 2021-10-29 11:37 - 000000000 ____D C:\Users\domin
2021-10-29 11:25 - 2021-10-29 11:25 - 000000020 ___SH C:\Users\domin\ntuser.ini
2021-10-29 11:25 - 2021-06-05 14:04 - 000001281 _____ C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2021-10-29 11:25 - 2021-06-05 14:04 - 000000407 _____ C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2021-10-29 09:58 - 2015-04-28 20:06 - 000043256 _____ C:\WINDOWS\system32\oemlogo.bmp
2021-10-29 09:55 - 2021-10-29 20:13 - 000000000 ____D C:\WINDOWS\Panther
2021-10-29 09:55 - 2021-10-29 10:08 - 000000000 ____D C:\Windows.old
2021-10-29 09:52 - 2021-10-29 09:52 - 000000000 ____D C:\WINDOWS\Lenovo
2021-10-29 09:50 - 2021-10-29 09:50 - 000000000 ____D C:\WINDOWS\Firmware
2021-10-29 09:47 - 2021-10-29 09:47 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-10-29 09:47 - 2021-10-29 09:47 - 000000000 ____D C:\WINDOWS\Setup
2021-10-29 09:46 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2021-10-29 09:46 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2021-10-29 09:46 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-10-29 09:46 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2021-10-29 09:46 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-10-29 09:46 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\addins
2021-10-29 09:46 - 2021-10-29 09:46 - 000000000 ____D C:\ProgramData\ssh
2021-10-29 09:44 - 2021-10-29 09:44 - 000000000 ____D C:\WINDOWS\system32\sk
2021-10-29 09:43 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-10-29 09:43 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-10-29 09:42 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-10-29 09:42 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-10-29 09:42 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-10-29 09:42 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-10-29 09:42 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-10-29 09:42 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-10-29 09:42 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2021-10-29 09:42 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2021-10-29 09:42 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\system32\0409
2021-10-29 09:42 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\DigitalLocker
2021-10-29 09:37 - 2021-10-29 20:15 - 000000000 ____D C:\ProgramData\USOPrivate
2021-10-29 09:37 - 2021-10-29 20:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-10-29 09:37 - 2021-10-29 20:13 - 000000000 ____D C:\WINDOWS\Registration
2021-10-29 09:37 - 2021-10-29 20:06 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\system32\spool
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\Resources
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\OCR
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\IME
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\Help
2021-10-29 09:37 - 2021-10-29 20:02 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-10-29 09:37 - 2021-10-29 20:02 - 000000000 ____D C:\Program Files\Common Files\System
2021-10-29 09:37 - 2021-10-29 20:02 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-10-29 09:37 - 2021-10-29 19:48 - 000000000 ____D C:\WINDOWS\appcompat
2021-10-29 09:37 - 2021-10-29 13:25 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-29 09:37 - 2021-10-29 13:23 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-29 09:37 - 2021-10-29 13:05 - 000000000 ___RD C:\Program Files (x86)
2021-10-29 09:37 - 2021-10-29 11:49 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-10-29 09:37 - 2021-10-29 11:44 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-10-29 09:37 - 2021-10-29 11:44 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-29 09:37 - 2021-10-29 11:30 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-29 09:37 - 2021-10-29 11:20 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-29 09:37 - 2021-10-29 09:55 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\SystemResources
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\system32\setup
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\system32\id-ID
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2021-10-29 09:37 - 2021-10-29 09:44 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-10-29 09:37 - 2021-10-29 09:44 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-10-29 09:37 - 2021-10-29 09:44 - 000000000 ____D C:\Program Files\Windows Defender
2021-10-29 09:37 - 2021-10-29 09:44 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-10-29 09:37 - 2021-10-29 09:42 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-10-29 09:37 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-10-29 09:37 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-10-29 09:37 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-10-29 09:37 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-10-29 09:37 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-10-29 09:37 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\system32\Com
2021-10-29 09:37 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\BrowserCore
2021-10-29 09:37 - 2021-10-29 09:42 - 000000000 ____D C:\Program Files\Windows NT
2021-10-29 09:37 - 2021-10-29 09:42 - 000000000 ____D C:\Program Files (x86)\Windows NT
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 __SHD C:\Program Files\Windows Sidebar
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 __RHD C:\Users\Public\Libraries
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___SD C:\WINDOWS\system32\Nui
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___SD C:\WINDOWS\system32\lxss
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\WUModels
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\Web
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\WaaS
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\Vss
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\UUS
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\tracing
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\TAPI
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SystemApps
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\winevt
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\ras
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\Pbr
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\IME
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\icsxml
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\ias
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\DriverState
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\downlevel
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\System
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SKB
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\schemas
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SchCache
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\security
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\rescache
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\Provisioning
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\PLA
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\Performance
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\ModemLogs
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\Media
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\L2Schemas
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\InputMethod
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\IdentityCRL
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\Globalization
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\Cursors
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\Containers
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\Branding
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\ProgramData\USOShared
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2021-10-29 09:37 - 2021-10-29 09:34 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2021-10-29 09:37 - 2021-10-29 09:34 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2021-10-29 09:37 - 2021-10-29 09:34 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll
2021-10-29 09:37 - 2021-10-29 09:34 - 000078336 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2021-10-29 09:37 - 2021-10-29 09:34 - 000021047 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-10-29 09:37 - 2021-10-29 09:34 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2021-10-29 09:37 - 2021-10-29 09:34 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2021-10-29 09:37 - 2021-10-29 09:34 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2021-10-29 09:37 - 2021-10-29 09:34 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2021-10-29 09:37 - 2021-10-29 09:34 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2021-10-29 09:37 - 2021-10-29 09:34 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2021-10-29 09:35 - 2021-10-29 12:23 - 000000000 ____D C:\WINDOWS\INF
2021-10-29 09:29 - 2021-10-29 13:27 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-29 09:25 - 2021-10-29 13:22 - 000000000 ____D C:\WINDOWS\servicing
2021-10-29 09:25 - 2021-10-29 11:39 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-10-29 09:25 - 2021-10-29 11:19 - 083623936 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-10-29 09:25 - 2021-10-29 11:19 - 041418752 _____ C:\WINDOWS\system32\config\SYSTEM
2021-10-29 09:25 - 2021-10-29 11:19 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT
2021-10-29 09:25 - 2021-10-29 11:19 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-10-29 09:25 - 2021-10-29 11:19 - 000131072 _____ C:\WINDOWS\system32\config\SAM
2021-10-29 09:25 - 2021-10-29 11:19 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY
2021-10-29 09:25 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\SMI
2021-10-29 07:56 - 2021-10-29 09:58 - 000000000 ___HD C:\$SysReset
2021-10-29 01:19 - 2021-06-01 14:30 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2021-10-29 01:19 - 2021-05-27 17:51 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2021-10-07 20:46 - 2021-10-07 20:46 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-10-07 20:46 - 2021-10-07 20:46 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-10-07 20:46 - 2021-10-07 20:46 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-10-07 20:46 - 2021-10-07 20:46 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-10-07 20:40 - 2021-10-07 20:40 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-10-07 20:40 - 2021-10-07 20:40 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-10-07 20:40 - 2021-10-07 20:40 - 000377136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-10-07 20:40 - 2021-10-07 20:40 - 000269112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-10-07 20:40 - 2021-10-07 20:40 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssText3d.scr
2021-10-07 20:40 - 2021-10-07 20:40 - 000009522 _____ C:\WINDOWS\system32\ResPriUHMImageList
2021-10-07 20:40 - 2021-10-07 20:40 - 000009522 _____ C:\WINDOWS\system32\ResPriImageList
2021-10-07 20:40 - 2021-10-07 20:40 - 000009522 _____ C:\WINDOWS\system32\ResPriHMImageList
2021-10-07 20:40 - 2021-10-07 20:40 - 000009402 _____ C:\WINDOWS\system32\ResPriHMImageListLowCost
2021-10-07 20:40 - 2021-10-07 20:40 - 000008964 _____ C:\WINDOWS\system32\ResPriLMImageList
2021-10-07 20:40 - 2021-10-07 20:40 - 000008870 _____ C:\WINDOWS\system32\ResPriImageListLowCost
2021-10-07 20:39 - 2021-10-07 20:39 - 002764800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-10-07 20:39 - 2021-10-07 20:39 - 002310384 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-10-07 20:39 - 2021-10-07 20:39 - 001856848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-10-07 20:39 - 2021-10-07 20:39 - 001745736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-10-07 20:39 - 2021-10-07 20:39 - 000727576 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-10-07 20:39 - 2021-10-07 20:39 - 000617648 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000614400 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000453120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-10-07 20:39 - 2021-10-07 20:39 - 000425984 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000360448 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000335872 _____ C:\WINDOWS\system32\Windows.Internal.UI.Dialogs.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000311296 _____ C:\WINDOWS\system32\Microsoft.Internal.FrameworkUdk.System.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000267264 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Dialogs.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000221184 _____ C:\WINDOWS\SysWOW64\Microsoft.Internal.FrameworkUdk.System.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000180224 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000172032 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-10-07 20:39 - 2021-10-07 20:39 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmview.ocx
2021-10-07 20:39 - 2021-10-07 20:39 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmview.ocx
2021-10-07 20:39 - 2021-10-07 20:39 - 000099560 _____ C:\WINDOWS\system32\wow64con.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000077824 _____ C:\WINDOWS\system32\runexehelper.exe
2021-10-07 20:39 - 2021-10-07 20:39 - 000041594 _____ C:\WINDOWS\SysWOW64\ctac.json
2021-10-07 20:39 - 2021-10-07 20:39 - 000036864 _____ C:\WINDOWS\system32\umpodev.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000014580 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-10-07 20:39 - 2021-10-07 20:39 - 000003366 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2021-10-07 20:39 - 2021-10-07 20:39 - 000003366 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2021-10-07 20:38 - 2021-10-07 20:38 - 000626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-10-07 20:38 - 2021-10-07 20:38 - 000258048 _____ C:\WINDOWS\system32\CoreMas.dll
2021-10-07 20:38 - 2021-10-07 20:38 - 000041594 _____ C:\WINDOWS\system32\ctac.json
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-29 20:11 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-10-29 20:08 - 2018-07-04 21:28 - 000000000 ____D C:\ProgramData\Intel
2021-10-29 20:05 - 2018-07-04 21:19 - 000000000 ____D C:\WINDOWS\Favicon_ICON
2021-10-29 20:05 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-10-29 20:05 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-10-29 20:03 - 2018-07-04 21:25 - 000000000 ____D C:\ProgramData\Package Cache
2021-10-29 20:03 - 2018-07-04 21:11 - 000000000 ___HD C:\UserGuidePDF
2021-10-29 20:02 - 2018-07-04 21:59 - 000000000 ____D C:\Program Files\mcafee.com
2021-10-29 20:02 - 2018-07-04 21:59 - 000000000 ____D C:\Program Files\mcafee
2021-10-29 20:02 - 2018-07-04 21:54 - 000000000 ____D C:\ProgramData\Lenovo
2021-10-29 20:02 - 2018-07-04 21:50 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2021-10-29 20:02 - 2018-07-04 21:29 - 000000000 ____D C:\Program Files (x86)\Intel
2021-10-29 20:02 - 2018-07-04 21:26 - 000000000 ____D C:\Program Files\Intel
2021-10-29 20:02 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files\Windows Security
2021-10-29 20:01 - 2018-07-04 21:59 - 000000000 ____D C:\Program Files\Common Files\intel security
2021-10-29 20:01 - 2018-07-04 21:59 - 000000000 ____D C:\Program Files\Common Files\av
2021-10-29 20:01 - 2018-07-04 21:25 - 000000000 ____D C:\DRIVER
2021-10-29 11:57 - 2018-07-04 21:59 - 000000000 ____D C:\ProgramData\McAfee
2021-10-29 11:50 - 2018-07-04 22:00 - 000000000 ____D C:\ProgramData\Intel Security
2021-10-29 11:47 - 2018-07-04 21:59 - 000000000 ____D C:\Program Files\Common Files\mcafee
2021-10-29 11:46 - 2018-07-04 21:59 - 000000000 ____D C:\Program Files (x86)\McAfee
2021-10-29 11:33 - 2017-10-03 18:48 - 000000000 __RHD C:\Users\Public\AccountPictures
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-10-2021
Ran by domin (29-10-2021 13:36:59)
Running from C:\Users\domin\Downloads
Microsoft Windows 11 Home Version 21H2 22000.258 (X64) (2021-10-29 18:13:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3322863907-1844715729-2578679110-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3322863907-1844715729-2578679110-503 - Limited - Disabled)
domin (S-1-5-21-3322863907-1844715729-2578679110-1001 - Administrator - Enabled) => C:\Users\domin
Guest (S-1-5-21-3322863907-1844715729-2578679110-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3322863907-1844715729-2578679110-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.69 - Google LLC)
Intel(R) Chipset Device Software (HKLM-x32\...\{9154f79b-8fb8-46ef-b7a6-95f136391303}) (Version: 10.1.17479.8054 - Intel(R) Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1743.4.0.1217 - Intel Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.30 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3322863907-1844715729-2578679110-1001\...\OneDriveSetup.exe) (Version: 21.196.0921.0007 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Packages:
=========
Dolby Audio -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyaudio_3.20500.501.0_x64__rz1tebttyb220 [2021-10-29] (Dolby Laboratories)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa [2021-10-29] (Apple Inc.) [Startup Task]
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.1.32.0_x64__5grkq8ppsgwt4 [2021-10-29] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2110.15.0_x64__k1h2ywk1493x8 [2021-10-29] (LENOVO INC.)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-29] (Microsoft Corporation)
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-29] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-29] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-29] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-29] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-29] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-29] (Microsoft Corporation)
Ovládacie centrum pre grafiku Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-10-29] (INTEL CORP) [Startup Task]
Power2Go for Lenovo -> C:\Program Files\WindowsApps\cyberlinkcorp.th.power2goforlenovo_8.0.12518.0_x86__m916jedk64snt [2021-10-29] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\cyberlinkcorp.th.powerdvdforlenovo_14.2.2520.0_x86__m916jedk64snt [2021-10-29] (CYBERLINKCOM CORPORATION)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.7.195.0_x64__dt26b99r8h8gj [2021-10-29] (Realtek Semiconductor Corp)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\microsoft.mpeg2videoextension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-10-29] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-10-25 21:52 - 2021-10-25 21:52 - 000137152 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20034.345.0_x64__cw5n1h2txyewy\Dashboard\WebView2Loader.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-3322863907-1844715729-2578679110-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
SearchScopes: HKLM -> DefaultScope {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> DefaultScope {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\iCLS\;C:\Program Files\Intel\TXE Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3322863907-1844715729-2578679110-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img19.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-3322863907-1844715729-2578679110-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_83497DAD29FF071D0AEDF40311C6C56D"
HKU\S-1-5-21-3322863907-1844715729-2578679110-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D73D1337-3001-469C-A0F2-0305CC8A5894}] => (Allow) C:\Program Files\WindowsApps\microsoftteams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1CE6235C-4450-436B-BC9D-659D3EB25A38}] => (Allow) C:\Program Files\WindowsApps\microsoftteams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{98BAF69C-0A7D-4DBF-B781-FE12AAD3BD6A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7F65279F-C82A-40E9-A92A-382A4D2227EF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{79215D86-ACE7-4C98-89D2-C6DB17C131D5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B7F4FA35-0B6E-4320-9ABC-2E1B382ED486}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7DF33EB6-0F14-4F1E-A534-BB840E6EC3CE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6E628708-64F4-46E7-AD52-8C0B702B63E6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D6FDC48E-06C0-4532-99D7-678B488E0DB0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E1F8FA13-C1BB-47F4-9CD0-8144165A70A6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D7756934-50CC-425E-AF82-3AB16CEC4E0F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14430.20306.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F08FCAC8-F5A2-4500-A646-FC82B8371632}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{01390242-C3BF-47F9-A398-8A2C11C26E88}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C9E072B4-982B-4DA7-9366-9E271E995391}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2917EE95-F267-471D-AE6E-886A6C2A4948}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4C6F09C8-F476-476D-85A4-34367D0BFBAF}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
29-10-2021 12:22:05 Inštalátor modulov systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/29/2021 01:34:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SystemSettings.exe, verzia: 10.0.22000.120, časová značka: 0x27a6d211
Názov chybujúceho modulu: MusUpdateHandlers.dll, verzia: 10.0.22000.120, časová značka: 0x3559a623
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000905c3
Identifikácia chybujúceho procesu: 0x7c4
Čas spustenia chybujúcej aplikácie: 0x01d7ccb8a62ad8a1
Cesta chybujúcej aplikácie: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta chybujúceho modulu: C:\Windows\System32\MusUpdateHandlers.dll
Identifikácia hlásenia: 6c9c5eb1-ed69-4326-b93e-b6702df6c6eb
Celé meno chybujúceho balíka: windows.immersivecontrolpanel_10.0.6.1000_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: microsoft.windows.immersivecontrolpanel
Error: (10/29/2021 01:26:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SystemSettings.exe, verzia: 10.0.22000.120, časová značka: 0x27a6d211
Názov chybujúceho modulu: MusUpdateHandlers.dll, verzia: 10.0.22000.120, časová značka: 0x3559a623
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000905c3
Identifikácia chybujúceho procesu: 0xaf4
Čas spustenia chybujúcej aplikácie: 0x01d7ccb61ff3d32f
Cesta chybujúcej aplikácie: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta chybujúceho modulu: C:\Windows\System32\MusUpdateHandlers.dll
Identifikácia hlásenia: 10d3e4eb-1ae3-4f32-8be4-0504af446a99
Celé meno chybujúceho balíka: windows.immersivecontrolpanel_10.0.6.1000_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: microsoft.windows.immersivecontrolpanel
Error: (10/29/2021 01:13:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SystemSettings.exe, verzia: 10.0.22000.120, časová značka: 0x27a6d211
Názov chybujúceho modulu: MusUpdateHandlers.dll, verzia: 10.0.22000.120, časová značka: 0x3559a623
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000090501
Identifikácia chybujúceho procesu: 0x3168
Čas spustenia chybujúcej aplikácie: 0x01d7ccb5010412ce
Cesta chybujúcej aplikácie: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta chybujúceho modulu: C:\Windows\System32\MusUpdateHandlers.dll
Identifikácia hlásenia: 1f72cf24-6595-4e6e-a970-71810c5bb22d
Celé meno chybujúceho balíka: windows.immersivecontrolpanel_10.0.6.1000_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: microsoft.windows.immersivecontrolpanel
Error: (10/29/2021 01:01:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.22000.120 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 1734
Start Time: 01d7ccb2a837f2fe
Termination Time: 4294967295
Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Report Id: d35e911e-2045-4e32-a6ca-3447322239da
Faulting package full name: windows.immersivecontrolpanel_10.0.6.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Hang type: Navigation
Error: (10/29/2021 12:43:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.22000.120 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 27c8
Start Time: 01d7ccad22f30be5
Termination Time: 4294967295
Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Report Id: 5df2e88d-dc8a-4c77-8690-e4bac18b4010
Faulting package full name: windows.immersivecontrolpanel_10.0.6.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Hang type: Quiesce
Error: (10/29/2021 11:55:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SystemSettings.exe, verzia: 10.0.22000.120, časová značka: 0x27a6d211
Názov chybujúceho modulu: MusUpdateHandlers.dll, verzia: 10.0.22000.120, časová značka: 0x3559a623
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000905c3
Identifikácia chybujúceho procesu: 0x2d74
Čas spustenia chybujúcej aplikácie: 0x01d7cca891584e6c
Cesta chybujúcej aplikácie: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta chybujúceho modulu: C:\Windows\System32\MusUpdateHandlers.dll
Identifikácia hlásenia: 16c928b7-f50a-405c-ac29-88db08ea96c8
Celé meno chybujúceho balíka: windows.immersivecontrolpanel_10.0.6.1000_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: microsoft.windows.immersivecontrolpanel
Error: (10/29/2021 11:32:21 AM) (Source: ESENT) (EventID: 522) (User: )
Description: StartMenuExperienceHost (6700,P,98) TILEREPOSITORYS-1-5-21-3322863907-1844715729-2578679110-1001: An attempt to open the device with name "\\.\C:" containing "C:\" failed with system error 5 (0x00000005): "Access is denied. ". The operation will fail with error -1032 (0xfffffbf8).
Error: (10/29/2021 11:30:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: igfxEM.exe, verzia: 6.15.10.4936, časová značka: 0x5a6bd692
Názov chybujúceho modulu: igfxEM.exe, verzia: 6.15.10.4936, časová značka: 0x5a6bd692
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000002909c
Identifikácia chybujúceho procesu: 0x1aa4
Čas spustenia chybujúcej aplikácie: 0x01d7cca76c42d0a6
Cesta chybujúcej aplikácie: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_3164bd4536ecf0a4\igfxEM.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_3164bd4536ecf0a4\igfxEM.exe
Identifikácia hlásenia: 5124a5e1-f136-41e5-a54a-91cad39a02ba
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
System errors:
=============
Error: (10/29/2021 12:56:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Microsoft Account Sign-in Assistant zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.
Error: (10/29/2021 12:56:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Microsoft Account Sign-in Assistant bol dosiahnutý časový limit (30000 ms).
Error: (10/29/2021 11:47:02 AM) (Source: DCOM) (EventID: 10010) (User: DOMINIKA)
Description: The server {20966775-18A4-4299-B8E3-772C336B52A7} did not register with DCOM within the required timeout.
Error: (10/29/2021 11:45:00 AM) (Source: DCOM) (EventID: 10010) (User: DOMINIKA)
Description: The server {20966775-18A4-4299-B8E3-772C336B52A7} did not register with DCOM within the required timeout.
Error: (10/29/2021 11:42:56 AM) (Source: DCOM) (EventID: 10010) (User: DOMINIKA)
Description: The server {20966775-18A4-4299-B8E3-772C336B52A7} did not register with DCOM within the required timeout.
Error: (10/29/2021 11:40:55 AM) (Source: DCOM) (EventID: 10010) (User: DOMINIKA)
Description: The server {20966775-18A4-4299-B8E3-772C336B52A7} did not register with DCOM within the required timeout.
Error: (10/29/2021 11:38:51 AM) (Source: DCOM) (EventID: 10010) (User: DOMINIKA)
Description: The server {20966775-18A4-4299-B8E3-772C336B52A7} did not register with DCOM within the required timeout.
Error: (10/29/2021 11:36:50 AM) (Source: DCOM) (EventID: 10010) (User: DOMINIKA)
Description: The server {20966775-18A4-4299-B8E3-772C336B52A7} did not register with DCOM within the required timeout.
CodeIntegrity:
===============
Date: 2021-10-29 12:45:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 7XCN40WW 12/04/2020
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Celeron(R) N4000 CPU @ 1.10GHz
Percentage of memory in use: 84%
Total physical RAM: 3918.57 MB
Available physical RAM: 610.24 MB
Total Virtual: 5858.04 MB
Available Virtual: 1809.96 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:464.51 GB) (Free:429.49 GB) NTFS
\\?\Volume{0f49ae9f-2fe1-4928-bcb9-aee148d821f1}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.44 GB) NTFS
\\?\Volume{f4193deb-79d4-49f0-9fbb-4a0a96b287a5}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: E6DC6C26)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-10-2021
Ran by domin (administrator) on DOMINIKA (LENOVO 81D1) (29-10-2021 13:28:29)
Running from C:\Users\domin\Downloads
Loaded Profiles: domin
Platform: Microsoft Windows 11 Home Version 21H2 22000.258 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <10>
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_component.inf_amd64_3164bd4536ecf0a4\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a9a2dde7124f013f\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8f079a8a5c196b5d\IntelCpHeciSvc.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\95.0.1020.30\msedgewebview2.exe <12>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\domin\AppData\Local\Microsoft\OneDrive\21.196.0921.0007\FileCoAuth.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22000.280_none_0483b4854ca89ef9\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Scans\MsMpEngCP.exe
(Microsoft Windows) C:\Program Files\WindowsApps\microsoftwindows.client.webexperience_421.20034.345.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(Microsoft) C:\Program Files\WindowsApps\microsoftteams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [971256 2019-09-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-3322863907-1844715729-2578679110-1001\...\Run: [MicrosoftEdgeAutoLaunch_83497DAD29FF071D0AEDF40311C6C56D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-10-29] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {07E7C40E-BBEA-4E85-A3E5-43FC11D9A221} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {0C70FF5D-A1DC-4981-BBAC-F7335A83060E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-29] (Google LLC -> Google LLC)
Task: {23E7A971-068D-403E-B6FE-9DDE17D2FE59} - \OneDrive Standalone Update Task v2 -> No File <==== ATTENTION
Task: {309FBD4D-9E6C-4BAA-A775-A5187A91A85F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7a826a68-7dfb-4455-b966-cc5624bd382c => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {37292EA8-F458-47ED-A55C-5A3A1CCF5FD5} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {3891CB81-CF07-4ECD-A7CE-59544F84AF7D} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {47D5D6C2-8ADF-43BC-BBF2-6A3C066C93F8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c4812b85-9819-47a0-88ca-9de20063ae9d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {516C5657-0749-4E66-8B5E-EB48031142C9} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\352f5d23-153a-4260-8861-78070d7737c8 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {5225BA45-AF25-4B81-8CBD-0D8317EC53A1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5ecc7740-fcf7-422d-aac8-1fed8ed23005 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {5F5BF124-A1B2-4BEB-8C6B-5AD2F2D1C3DB} - \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser -> No File <==== ATTENTION
Task: {74CDF648-E170-4AD9-96E6-7D83D2AB6303} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
Task: {7F1B8FEE-DE5A-4EA2-926A-D27D4E36F03C} - \Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display -> No File <==== ATTENTION
Task: {8BC1FAA9-E7A1-410C-A119-D0046F754D54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-29] (Google LLC -> Google LLC)
Task: {8DC4F6F2-5AC8-41B5-8461-383B58804B47} - \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask -> No File <==== ATTENTION
Task: {97675C5C-CB9F-4D99-A463-68ED61273B09} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\20023dd3-11bf-460e-9a07-087b78cd8739 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {A12C1E73-DD09-4A23-966E-4A8043F6B364} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [62440 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
Task: {BCCD5857-F614-4331-B258-97348A0D69EB} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_TVSUUpdateTask_Once => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 2 /f /reg:32
Task: {BF6FD6B6-0169-45EB-B3F1-D47FB9C6ABFF} - \LenovoUtility Task -> No File <==== ATTENTION
Task: {D0218C70-9C99-4043-BF17-667E1AE5C42E} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> No File <==== ATTENTION
Task: {E99B91FD-5999-40ED-85F7-94D981D59C45} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0d82e113-8304-4f0a-b79b-f21609811a35}: [DhcpNameServer] 150.201.1.2
Tcpip\..\Interfaces\{66ab52eb-fa83-4bb6-8941-9c2da4d06973}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge Profile: C:\Users\domin\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-29]
Edge DownloadDir: Default -> C:\Users\domin\OneDrive\Počítač
Edge HomePage: Default -> hxxp//www.google.sk/
Chrome:
=======
CHR Profile: C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default [2021-10-29]
CHR DownloadDir: C:\Users\domin\OneDrive\Počítač
CHR HomePage: Default -> hxxp//www.google.sk/
CHR Extension: (Prezentácie) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-29]
CHR Extension: (Dokumenty) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-29]
CHR Extension: (Disk Google) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-29]
CHR Extension: (YouTube) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-29]
CHR Extension: (Tabuľky) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-29]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-29]
CHR Extension: (Gmail) - C:\Users\domin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-29]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 0012061635500817mcinstcleanup; C:\WINDOWS\TEMP\001206~1.EXE [1277584 2017-08-09] (McAfee, Inc. -> McAfee, Inc.)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. -> )
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81896 2021-08-12] (Lenovo -> Lenovo Group Ltd.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2599312 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2021-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe" [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe" [X]
S2 mfevtp; "C:\Windows\system32\mfevtps.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [43720 2020-10-27] (ESET, spol. s r.o. -> ESET)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [49560 2021-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [421112 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [73960 2021-06-05] (Microsoft Windows -> Microsoft Corporation)
S0 cfwids; system32\drivers\cfwids.sys [X]
R0 mfeaack; system32\drivers\mfeaack.sys [X]
R0 mfeavfk; system32\drivers\mfeavfk.sys [X]
S0 mfeelamk; system32\drivers\mfeelamk.sys [X]
S0 mfefirek; system32\drivers\mfefirek.sys [X]
R0 mfehidk; system32\drivers\mfehidk.sys [X]
R0 mfeplk; system32\drivers\mfeplk.sys [X]
R0 mfewfpk; system32\drivers\mfewfpk.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-29 20:16 - 2021-10-29 11:25 - 000803404 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-29 20:12 - 2021-10-29 20:12 - 000000000 _SHDL C:\Users\Default User
2021-10-29 20:12 - 2021-10-29 20:12 - 000000000 _SHDL C:\Users\All Users
2021-10-29 20:12 - 2021-10-29 20:12 - 000000000 _SHDL C:\Documents and Settings
2021-10-29 20:11 - 2021-10-29 20:11 - 000022744 _____ C:\WINDOWS\system32\emptyregdb.dat
2021-10-29 20:10 - 2021-10-29 20:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2021-10-29 20:00 - 2021-10-29 20:00 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2021-10-29 19:51 - 2021-10-29 19:51 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-29 19:50 - 2021-10-29 19:50 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-29 19:50 - 2021-10-29 19:50 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-29 19:48 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\system32\dolbyaposvc
2021-10-29 19:48 - 2021-10-29 19:48 - 000000000 ____D C:\Program Files\Common Files\Dolby
2021-10-29 19:48 - 2021-10-29 19:48 - 000000000 ____D C:\Intel
2021-10-29 19:48 - 2021-10-29 19:48 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2021-10-29 19:48 - 2021-10-29 11:20 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2021-10-29 19:47 - 2021-10-29 19:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-10-29 19:47 - 2021-10-29 11:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-29 19:46 - 2021-10-29 19:46 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-10-29 19:46 - 2021-10-29 12:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-29 19:45 - 2021-10-29 19:46 - 000293832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-29 19:45 - 2021-10-29 11:20 - 000012288 ___SH C:\DumpStack.log.tmp
2021-10-29 13:28 - 2021-10-29 13:31 - 000013842 _____ C:\Users\domin\Downloads\FRST.txt
2021-10-29 13:26 - 2021-10-29 13:30 - 000000000 ____D C:\FRST
2021-10-29 13:24 - 2021-10-29 13:25 - 002310656 _____ (Farbar) C:\Users\domin\Downloads\FRST64.exe
2021-10-29 13:11 - 2021-10-29 13:11 - 000002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-29 13:10 - 2021-10-29 13:10 - 000000000 ____D C:\Program Files\Google
2021-10-29 13:07 - 2021-10-29 13:07 - 000003458 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-29 13:07 - 2021-10-29 13:07 - 000003334 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-10-29 13:05 - 2021-10-29 13:13 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-29 13:04 - 2021-10-29 13:14 - 000000000 ____D C:\Users\domin\AppData\Local\Google
2021-10-29 12:09 - 2021-10-29 12:10 - 000000000 ____D C:\Users\domin\AppData\Local\Comms
2021-10-29 12:00 - 2021-10-29 12:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-10-29 11:59 - 2021-10-29 11:59 - 000000000 ____D C:\Users\domin\AppData\Local\OneDrive
2021-10-29 11:47 - 2021-10-29 11:47 - 000000000 ___HD C:\$WinREAgent
2021-10-29 11:43 - 2021-10-29 11:43 - 000000000 ____D C:\Users\domin\AppData\Local\Lenovo
2021-10-29 11:36 - 2021-10-29 11:42 - 000001733 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2021-10-29 11:36 - 2021-10-29 11:36 - 000000000 ___HD C:\OneDriveTemp
2021-10-29 11:35 - 2021-10-29 11:37 - 000000000 ___RD C:\Users\domin\OneDrive
2021-10-29 11:35 - 2021-10-29 11:36 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3322863907-1844715729-2578679110-1001
2021-10-29 11:35 - 2021-10-29 11:36 - 000002362 _____ C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-10-29 11:33 - 2021-10-29 11:44 - 000000000 ____D C:\Users\domin\AppData\Local\PlaceholderTileLogoFolder
2021-10-29 11:33 - 2021-10-29 11:33 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2021-10-29 11:31 - 2021-10-29 12:01 - 000000000 ____D C:\Users\domin\AppData\Local\Publishers
2021-10-29 11:30 - 2021-10-29 13:36 - 000000000 ____D C:\ProgramData\Packages
2021-10-29 11:30 - 2021-10-29 11:30 - 000000000 ____D C:\Users\domin\AppData\Local\Intel
2021-10-29 11:29 - 2021-10-29 13:36 - 000000000 ____D C:\Users\domin\AppData\Local\Packages
2021-10-29 11:29 - 2021-10-29 13:29 - 000000000 ____D C:\Users\domin\AppData\Local\D3DSCache
2021-10-29 11:29 - 2021-10-29 11:29 - 000000000 __SHD C:\Users\domin\IntelGraphicsProfiles
2021-10-29 11:29 - 2021-10-29 11:29 - 000000000 ____D C:\Users\domin\AppData\LocalLow\Intel
2021-10-29 11:29 - 2021-10-29 11:29 - 000000000 ____D C:\Users\domin\AppData\Local\VirtualStore
2021-10-29 11:29 - 2021-10-29 11:29 - 000000000 ____D C:\Users\domin\AppData\Local\ConnectedDevicesPlatform
2021-10-29 11:25 - 2021-10-29 11:37 - 000000000 ____D C:\Users\domin
2021-10-29 11:25 - 2021-10-29 11:25 - 000000020 ___SH C:\Users\domin\ntuser.ini
2021-10-29 11:25 - 2021-06-05 14:04 - 000001281 _____ C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2021-10-29 11:25 - 2021-06-05 14:04 - 000000407 _____ C:\Users\domin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2021-10-29 09:58 - 2015-04-28 20:06 - 000043256 _____ C:\WINDOWS\system32\oemlogo.bmp
2021-10-29 09:55 - 2021-10-29 20:13 - 000000000 ____D C:\WINDOWS\Panther
2021-10-29 09:55 - 2021-10-29 10:08 - 000000000 ____D C:\Windows.old
2021-10-29 09:52 - 2021-10-29 09:52 - 000000000 ____D C:\WINDOWS\Lenovo
2021-10-29 09:50 - 2021-10-29 09:50 - 000000000 ____D C:\WINDOWS\Firmware
2021-10-29 09:47 - 2021-10-29 09:47 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2021-10-29 09:47 - 2021-10-29 09:47 - 000000000 ____D C:\WINDOWS\Setup
2021-10-29 09:46 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2021-10-29 09:46 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2021-10-29 09:46 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-10-29 09:46 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2021-10-29 09:46 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2021-10-29 09:46 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\addins
2021-10-29 09:46 - 2021-10-29 09:46 - 000000000 ____D C:\ProgramData\ssh
2021-10-29 09:44 - 2021-10-29 09:44 - 000000000 ____D C:\WINDOWS\system32\sk
2021-10-29 09:43 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2021-10-29 09:43 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2021-10-29 09:42 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2021-10-29 09:42 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2021-10-29 09:42 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\system32\winrm
2021-10-29 09:42 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\system32\WCN
2021-10-29 09:42 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\system32\slmgr
2021-10-29 09:42 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2021-10-29 09:42 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2021-10-29 09:42 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2021-10-29 09:42 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\system32\0409
2021-10-29 09:42 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\DigitalLocker
2021-10-29 09:37 - 2021-10-29 20:15 - 000000000 ____D C:\ProgramData\USOPrivate
2021-10-29 09:37 - 2021-10-29 20:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-10-29 09:37 - 2021-10-29 20:13 - 000000000 ____D C:\WINDOWS\Registration
2021-10-29 09:37 - 2021-10-29 20:06 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\system32\spool
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\Resources
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\OCR
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\IME
2021-10-29 09:37 - 2021-10-29 20:05 - 000000000 ____D C:\WINDOWS\Help
2021-10-29 09:37 - 2021-10-29 20:02 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-10-29 09:37 - 2021-10-29 20:02 - 000000000 ____D C:\Program Files\Common Files\System
2021-10-29 09:37 - 2021-10-29 20:02 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-10-29 09:37 - 2021-10-29 19:48 - 000000000 ____D C:\WINDOWS\appcompat
2021-10-29 09:37 - 2021-10-29 13:25 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-29 09:37 - 2021-10-29 13:23 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-29 09:37 - 2021-10-29 13:05 - 000000000 ___RD C:\Program Files (x86)
2021-10-29 09:37 - 2021-10-29 11:49 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-10-29 09:37 - 2021-10-29 11:44 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-10-29 09:37 - 2021-10-29 11:44 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-29 09:37 - 2021-10-29 11:30 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-29 09:37 - 2021-10-29 11:20 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-29 09:37 - 2021-10-29 09:55 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\SystemResources
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\system32\setup
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\system32\id-ID
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2021-10-29 09:37 - 2021-10-29 09:46 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2021-10-29 09:37 - 2021-10-29 09:44 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-10-29 09:37 - 2021-10-29 09:44 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-10-29 09:37 - 2021-10-29 09:44 - 000000000 ____D C:\Program Files\Windows Defender
2021-10-29 09:37 - 2021-10-29 09:44 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2021-10-29 09:37 - 2021-10-29 09:42 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-10-29 09:37 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-10-29 09:37 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-10-29 09:37 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-10-29 09:37 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-10-29 09:37 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-10-29 09:37 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\system32\Com
2021-10-29 09:37 - 2021-10-29 09:42 - 000000000 ____D C:\WINDOWS\BrowserCore
2021-10-29 09:37 - 2021-10-29 09:42 - 000000000 ____D C:\Program Files\Windows NT
2021-10-29 09:37 - 2021-10-29 09:42 - 000000000 ____D C:\Program Files (x86)\Windows NT
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 __SHD C:\Program Files\Windows Sidebar
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 __RHD C:\Users\Public\Libraries
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___SD C:\WINDOWS\system32\Nui
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___SD C:\WINDOWS\system32\lxss
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\WUModels
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\Web
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\WaaS
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\Vss
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\UUS
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\tracing
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\TAPI
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SystemApps
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\winevt
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\ras
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\Pbr
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\IME
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\icsxml
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\ias
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\DriverState
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\downlevel
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\System
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SKB
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\schemas
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\SchCache
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\security
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\rescache
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\Provisioning
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\PLA
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\Performance
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\ModemLogs
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\Media
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\L2Schemas
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\InputMethod
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\IdentityCRL
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\Globalization
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\Cursors
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\Containers
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\Branding
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\ProgramData\USOShared
2021-10-29 09:37 - 2021-10-29 09:37 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2021-10-29 09:37 - 2021-10-29 09:34 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2021-10-29 09:37 - 2021-10-29 09:34 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2021-10-29 09:37 - 2021-10-29 09:34 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll
2021-10-29 09:37 - 2021-10-29 09:34 - 000078336 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2021-10-29 09:37 - 2021-10-29 09:34 - 000021047 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2021-10-29 09:37 - 2021-10-29 09:34 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2021-10-29 09:37 - 2021-10-29 09:34 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2021-10-29 09:37 - 2021-10-29 09:34 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2021-10-29 09:37 - 2021-10-29 09:34 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2021-10-29 09:37 - 2021-10-29 09:34 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2021-10-29 09:37 - 2021-10-29 09:34 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2021-10-29 09:35 - 2021-10-29 12:23 - 000000000 ____D C:\WINDOWS\INF
2021-10-29 09:29 - 2021-10-29 13:27 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-29 09:25 - 2021-10-29 13:22 - 000000000 ____D C:\WINDOWS\servicing
2021-10-29 09:25 - 2021-10-29 11:39 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-10-29 09:25 - 2021-10-29 11:19 - 083623936 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-10-29 09:25 - 2021-10-29 11:19 - 041418752 _____ C:\WINDOWS\system32\config\SYSTEM
2021-10-29 09:25 - 2021-10-29 11:19 - 000524288 _____ C:\WINDOWS\system32\config\DEFAULT
2021-10-29 09:25 - 2021-10-29 11:19 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-10-29 09:25 - 2021-10-29 11:19 - 000131072 _____ C:\WINDOWS\system32\config\SAM
2021-10-29 09:25 - 2021-10-29 11:19 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY
2021-10-29 09:25 - 2021-10-29 09:37 - 000000000 ____D C:\WINDOWS\system32\SMI
2021-10-29 07:56 - 2021-10-29 09:58 - 000000000 ___HD C:\$SysReset
2021-10-29 01:19 - 2021-06-01 14:30 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2021-10-29 01:19 - 2021-05-27 17:51 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2021-10-07 20:46 - 2021-10-07 20:46 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-10-07 20:46 - 2021-10-07 20:46 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-10-07 20:46 - 2021-10-07 20:46 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-10-07 20:46 - 2021-10-07 20:46 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-10-07 20:40 - 2021-10-07 20:40 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-10-07 20:40 - 2021-10-07 20:40 - 000491008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2021-10-07 20:40 - 2021-10-07 20:40 - 000377136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2021-10-07 20:40 - 2021-10-07 20:40 - 000269112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2021-10-07 20:40 - 2021-10-07 20:40 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssText3d.scr
2021-10-07 20:40 - 2021-10-07 20:40 - 000009522 _____ C:\WINDOWS\system32\ResPriUHMImageList
2021-10-07 20:40 - 2021-10-07 20:40 - 000009522 _____ C:\WINDOWS\system32\ResPriImageList
2021-10-07 20:40 - 2021-10-07 20:40 - 000009522 _____ C:\WINDOWS\system32\ResPriHMImageList
2021-10-07 20:40 - 2021-10-07 20:40 - 000009402 _____ C:\WINDOWS\system32\ResPriHMImageListLowCost
2021-10-07 20:40 - 2021-10-07 20:40 - 000008964 _____ C:\WINDOWS\system32\ResPriLMImageList
2021-10-07 20:40 - 2021-10-07 20:40 - 000008870 _____ C:\WINDOWS\system32\ResPriImageListLowCost
2021-10-07 20:39 - 2021-10-07 20:39 - 002764800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-10-07 20:39 - 2021-10-07 20:39 - 002310384 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-10-07 20:39 - 2021-10-07 20:39 - 001856848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-10-07 20:39 - 2021-10-07 20:39 - 001745736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-10-07 20:39 - 2021-10-07 20:39 - 000727576 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2021-10-07 20:39 - 2021-10-07 20:39 - 000617648 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000614400 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000453120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-10-07 20:39 - 2021-10-07 20:39 - 000425984 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000360448 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000335872 _____ C:\WINDOWS\system32\Windows.Internal.UI.Dialogs.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000311296 _____ C:\WINDOWS\system32\Microsoft.Internal.FrameworkUdk.System.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000267264 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Dialogs.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000221184 _____ C:\WINDOWS\SysWOW64\Microsoft.Internal.FrameworkUdk.System.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000180224 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000172032 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-10-07 20:39 - 2021-10-07 20:39 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmview.ocx
2021-10-07 20:39 - 2021-10-07 20:39 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmview.ocx
2021-10-07 20:39 - 2021-10-07 20:39 - 000099560 _____ C:\WINDOWS\system32\wow64con.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000077824 _____ C:\WINDOWS\system32\runexehelper.exe
2021-10-07 20:39 - 2021-10-07 20:39 - 000041594 _____ C:\WINDOWS\SysWOW64\ctac.json
2021-10-07 20:39 - 2021-10-07 20:39 - 000036864 _____ C:\WINDOWS\system32\umpodev.dll
2021-10-07 20:39 - 2021-10-07 20:39 - 000014580 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-10-07 20:39 - 2021-10-07 20:39 - 000003366 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2021-10-07 20:39 - 2021-10-07 20:39 - 000003366 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2021-10-07 20:38 - 2021-10-07 20:38 - 000626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-10-07 20:38 - 2021-10-07 20:38 - 000258048 _____ C:\WINDOWS\system32\CoreMas.dll
2021-10-07 20:38 - 2021-10-07 20:38 - 000041594 _____ C:\WINDOWS\system32\ctac.json
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-10-29 20:11 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2021-10-29 20:08 - 2018-07-04 21:28 - 000000000 ____D C:\ProgramData\Intel
2021-10-29 20:05 - 2018-07-04 21:19 - 000000000 ____D C:\WINDOWS\Favicon_ICON
2021-10-29 20:05 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-10-29 20:05 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-10-29 20:03 - 2018-07-04 21:25 - 000000000 ____D C:\ProgramData\Package Cache
2021-10-29 20:03 - 2018-07-04 21:11 - 000000000 ___HD C:\UserGuidePDF
2021-10-29 20:02 - 2018-07-04 21:59 - 000000000 ____D C:\Program Files\mcafee.com
2021-10-29 20:02 - 2018-07-04 21:59 - 000000000 ____D C:\Program Files\mcafee
2021-10-29 20:02 - 2018-07-04 21:54 - 000000000 ____D C:\ProgramData\Lenovo
2021-10-29 20:02 - 2018-07-04 21:50 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2021-10-29 20:02 - 2018-07-04 21:29 - 000000000 ____D C:\Program Files (x86)\Intel
2021-10-29 20:02 - 2018-07-04 21:26 - 000000000 ____D C:\Program Files\Intel
2021-10-29 20:02 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files\Windows Security
2021-10-29 20:01 - 2018-07-04 21:59 - 000000000 ____D C:\Program Files\Common Files\intel security
2021-10-29 20:01 - 2018-07-04 21:59 - 000000000 ____D C:\Program Files\Common Files\av
2021-10-29 20:01 - 2018-07-04 21:25 - 000000000 ____D C:\DRIVER
2021-10-29 11:57 - 2018-07-04 21:59 - 000000000 ____D C:\ProgramData\McAfee
2021-10-29 11:50 - 2018-07-04 22:00 - 000000000 ____D C:\ProgramData\Intel Security
2021-10-29 11:47 - 2018-07-04 21:59 - 000000000 ____D C:\Program Files\Common Files\mcafee
2021-10-29 11:46 - 2018-07-04 21:59 - 000000000 ____D C:\Program Files (x86)\McAfee
2021-10-29 11:33 - 2017-10-03 18:48 - 000000000 __RHD C:\Users\Public\AccountPictures
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-10-2021
Ran by domin (29-10-2021 13:36:59)
Running from C:\Users\domin\Downloads
Microsoft Windows 11 Home Version 21H2 22000.258 (X64) (2021-10-29 18:13:20)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3322863907-1844715729-2578679110-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3322863907-1844715729-2578679110-503 - Limited - Disabled)
domin (S-1-5-21-3322863907-1844715729-2578679110-1001 - Administrator - Enabled) => C:\Users\domin
Guest (S-1-5-21-3322863907-1844715729-2578679110-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3322863907-1844715729-2578679110-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 95.0.4638.69 - Google LLC)
Intel(R) Chipset Device Software (HKLM-x32\...\{9154f79b-8fb8-46ef-b7a6-95f136391303}) (Version: 10.1.17479.8054 - Intel(R) Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1743.4.0.1217 - Intel Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 95.0.1020.30 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3322863907-1844715729-2578679110-1001\...\OneDriveSetup.exe) (Version: 21.196.0921.0007 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Packages:
=========
Dolby Audio -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyaudio_3.20500.501.0_x64__rz1tebttyb220 [2021-10-29] (Dolby Laboratories)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa [2021-10-29] (Apple Inc.) [Startup Task]
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.1.32.0_x64__5grkq8ppsgwt4 [2021-10-29] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2110.15.0_x64__k1h2ywk1493x8 [2021-10-29] (LENOVO INC.)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-29] (Microsoft Corporation)
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-29] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-29] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-29] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-29] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-29] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.14430.20306.0_x86__8wekyb3d8bbwe [2021-10-29] (Microsoft Corporation)
Ovládacie centrum pre grafiku Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-10-29] (INTEL CORP) [Startup Task]
Power2Go for Lenovo -> C:\Program Files\WindowsApps\cyberlinkcorp.th.power2goforlenovo_8.0.12518.0_x86__m916jedk64snt [2021-10-29] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\cyberlinkcorp.th.powerdvdforlenovo_14.2.2520.0_x86__m916jedk64snt [2021-10-29] (CYBERLINKCOM CORPORATION)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.7.195.0_x64__dt26b99r8h8gj [2021-10-29] (Realtek Semiconductor Corp)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\microsoft.mpeg2videoextension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-10-29] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2021-10-25 21:52 - 2021-10-25 21:52 - 000137152 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20034.345.0_x64__cw5n1h2txyewy\Dashboard\WebView2Loader.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp//go.microsoft.com/fwlink/p/?LinkId=255141
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
HKU\S-1-5-21-3322863907-1844715729-2578679110-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp//go.microsoft.com/fwlink/?LinkId=54896
SearchScopes: HKLM -> DefaultScope {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> DefaultScope {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-09-29 15:46 - 2017-09-29 15:44 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\iCLS\;C:\Program Files\Intel\TXE Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3322863907-1844715729-2578679110-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img19.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-3322863907-1844715729-2578679110-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_83497DAD29FF071D0AEDF40311C6C56D"
HKU\S-1-5-21-3322863907-1844715729-2578679110-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D73D1337-3001-469C-A0F2-0305CC8A5894}] => (Allow) C:\Program Files\WindowsApps\microsoftteams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1CE6235C-4450-436B-BC9D-659D3EB25A38}] => (Allow) C:\Program Files\WindowsApps\microsoftteams_21253.510.996.1465_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{98BAF69C-0A7D-4DBF-B781-FE12AAD3BD6A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7F65279F-C82A-40E9-A92A-382A4D2227EF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{79215D86-ACE7-4C98-89D2-C6DB17C131D5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B7F4FA35-0B6E-4320-9ABC-2E1B382ED486}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7DF33EB6-0F14-4F1E-A534-BB840E6EC3CE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6E628708-64F4-46E7-AD52-8C0B702B63E6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D6FDC48E-06C0-4532-99D7-678B488E0DB0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E1F8FA13-C1BB-47F4-9CD0-8144165A70A6}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12122.2.54019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D7756934-50CC-425E-AF82-3AB16CEC4E0F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.14430.20306.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F08FCAC8-F5A2-4500-A646-FC82B8371632}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{01390242-C3BF-47F9-A398-8A2C11C26E88}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C9E072B4-982B-4DA7-9366-9E271E995391}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2917EE95-F267-471D-AE6E-886A6C2A4948}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4C6F09C8-F476-476D-85A4-34367D0BFBAF}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
29-10-2021 12:22:05 Inštalátor modulov systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (10/29/2021 01:34:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SystemSettings.exe, verzia: 10.0.22000.120, časová značka: 0x27a6d211
Názov chybujúceho modulu: MusUpdateHandlers.dll, verzia: 10.0.22000.120, časová značka: 0x3559a623
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000905c3
Identifikácia chybujúceho procesu: 0x7c4
Čas spustenia chybujúcej aplikácie: 0x01d7ccb8a62ad8a1
Cesta chybujúcej aplikácie: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta chybujúceho modulu: C:\Windows\System32\MusUpdateHandlers.dll
Identifikácia hlásenia: 6c9c5eb1-ed69-4326-b93e-b6702df6c6eb
Celé meno chybujúceho balíka: windows.immersivecontrolpanel_10.0.6.1000_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: microsoft.windows.immersivecontrolpanel
Error: (10/29/2021 01:26:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SystemSettings.exe, verzia: 10.0.22000.120, časová značka: 0x27a6d211
Názov chybujúceho modulu: MusUpdateHandlers.dll, verzia: 10.0.22000.120, časová značka: 0x3559a623
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000905c3
Identifikácia chybujúceho procesu: 0xaf4
Čas spustenia chybujúcej aplikácie: 0x01d7ccb61ff3d32f
Cesta chybujúcej aplikácie: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta chybujúceho modulu: C:\Windows\System32\MusUpdateHandlers.dll
Identifikácia hlásenia: 10d3e4eb-1ae3-4f32-8be4-0504af446a99
Celé meno chybujúceho balíka: windows.immersivecontrolpanel_10.0.6.1000_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: microsoft.windows.immersivecontrolpanel
Error: (10/29/2021 01:13:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SystemSettings.exe, verzia: 10.0.22000.120, časová značka: 0x27a6d211
Názov chybujúceho modulu: MusUpdateHandlers.dll, verzia: 10.0.22000.120, časová značka: 0x3559a623
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000090501
Identifikácia chybujúceho procesu: 0x3168
Čas spustenia chybujúcej aplikácie: 0x01d7ccb5010412ce
Cesta chybujúcej aplikácie: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta chybujúceho modulu: C:\Windows\System32\MusUpdateHandlers.dll
Identifikácia hlásenia: 1f72cf24-6595-4e6e-a970-71810c5bb22d
Celé meno chybujúceho balíka: windows.immersivecontrolpanel_10.0.6.1000_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: microsoft.windows.immersivecontrolpanel
Error: (10/29/2021 01:01:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.22000.120 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 1734
Start Time: 01d7ccb2a837f2fe
Termination Time: 4294967295
Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Report Id: d35e911e-2045-4e32-a6ca-3447322239da
Faulting package full name: windows.immersivecontrolpanel_10.0.6.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Hang type: Navigation
Error: (10/29/2021 12:43:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.22000.120 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 27c8
Start Time: 01d7ccad22f30be5
Termination Time: 4294967295
Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Report Id: 5df2e88d-dc8a-4c77-8690-e4bac18b4010
Faulting package full name: windows.immersivecontrolpanel_10.0.6.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Hang type: Quiesce
Error: (10/29/2021 11:55:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SystemSettings.exe, verzia: 10.0.22000.120, časová značka: 0x27a6d211
Názov chybujúceho modulu: MusUpdateHandlers.dll, verzia: 10.0.22000.120, časová značka: 0x3559a623
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000905c3
Identifikácia chybujúceho procesu: 0x2d74
Čas spustenia chybujúcej aplikácie: 0x01d7cca891584e6c
Cesta chybujúcej aplikácie: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta chybujúceho modulu: C:\Windows\System32\MusUpdateHandlers.dll
Identifikácia hlásenia: 16c928b7-f50a-405c-ac29-88db08ea96c8
Celé meno chybujúceho balíka: windows.immersivecontrolpanel_10.0.6.1000_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: microsoft.windows.immersivecontrolpanel
Error: (10/29/2021 11:32:21 AM) (Source: ESENT) (EventID: 522) (User: )
Description: StartMenuExperienceHost (6700,P,98) TILEREPOSITORYS-1-5-21-3322863907-1844715729-2578679110-1001: An attempt to open the device with name "\\.\C:" containing "C:\" failed with system error 5 (0x00000005): "Access is denied. ". The operation will fail with error -1032 (0xfffffbf8).
Error: (10/29/2021 11:30:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: igfxEM.exe, verzia: 6.15.10.4936, časová značka: 0x5a6bd692
Názov chybujúceho modulu: igfxEM.exe, verzia: 6.15.10.4936, časová značka: 0x5a6bd692
Kód výnimky: 0xc0000409
Odstup chyby: 0x000000000002909c
Identifikácia chybujúceho procesu: 0x1aa4
Čas spustenia chybujúcej aplikácie: 0x01d7cca76c42d0a6
Cesta chybujúcej aplikácie: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_3164bd4536ecf0a4\igfxEM.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_3164bd4536ecf0a4\igfxEM.exe
Identifikácia hlásenia: 5124a5e1-f136-41e5-a54a-91cad39a02ba
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
System errors:
=============
Error: (10/29/2021 12:56:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Microsoft Account Sign-in Assistant zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.
Error: (10/29/2021 12:56:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Microsoft Account Sign-in Assistant bol dosiahnutý časový limit (30000 ms).
Error: (10/29/2021 11:47:02 AM) (Source: DCOM) (EventID: 10010) (User: DOMINIKA)
Description: The server {20966775-18A4-4299-B8E3-772C336B52A7} did not register with DCOM within the required timeout.
Error: (10/29/2021 11:45:00 AM) (Source: DCOM) (EventID: 10010) (User: DOMINIKA)
Description: The server {20966775-18A4-4299-B8E3-772C336B52A7} did not register with DCOM within the required timeout.
Error: (10/29/2021 11:42:56 AM) (Source: DCOM) (EventID: 10010) (User: DOMINIKA)
Description: The server {20966775-18A4-4299-B8E3-772C336B52A7} did not register with DCOM within the required timeout.
Error: (10/29/2021 11:40:55 AM) (Source: DCOM) (EventID: 10010) (User: DOMINIKA)
Description: The server {20966775-18A4-4299-B8E3-772C336B52A7} did not register with DCOM within the required timeout.
Error: (10/29/2021 11:38:51 AM) (Source: DCOM) (EventID: 10010) (User: DOMINIKA)
Description: The server {20966775-18A4-4299-B8E3-772C336B52A7} did not register with DCOM within the required timeout.
Error: (10/29/2021 11:36:50 AM) (Source: DCOM) (EventID: 10010) (User: DOMINIKA)
Description: The server {20966775-18A4-4299-B8E3-772C336B52A7} did not register with DCOM within the required timeout.
CodeIntegrity:
===============
Date: 2021-10-29 12:45:06
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\mfeav\AMSIExt.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 7XCN40WW 12/04/2020
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Celeron(R) N4000 CPU @ 1.10GHz
Percentage of memory in use: 84%
Total physical RAM: 3918.57 MB
Available physical RAM: 610.24 MB
Total Virtual: 5858.04 MB
Available Virtual: 1809.96 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:464.51 GB) (Free:429.49 GB) NTFS
\\?\Volume{0f49ae9f-2fe1-4928-bcb9-aee148d821f1}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.44 GB) NTFS
\\?\Volume{f4193deb-79d4-49f0-9fbb-4a0a96b287a5}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: E6DC6C26)
Partition: GPT.
==================== End of Addition.txt =======================
Re: Pomalší notebook
Napsal: 29 říj 2021 13:44
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\domin\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
Task: {23E7A971-068D-403E-B6FE-9DDE17D2FE59} - \OneDrive Standalone Update Task v2 -> No File <==== ATTENTION
Task: {37292EA8-F458-47ED-A55C-5A3A1CCF5FD5} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {3891CB81-CF07-4ECD-A7CE-59544F84AF7D} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {5F5BF124-A1B2-4BEB-8C6B-5AD2F2D1C3DB} - \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser -> No File <==== ATTENTION
Task: {74CDF648-E170-4AD9-96E6-7D83D2AB6303} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
Task: {7F1B8FEE-DE5A-4EA2-926A-D27D4E36F03C} - \Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display -> No File <==== ATTENTION
Task: {8DC4F6F2-5AC8-41B5-8461-383B58804B47} - \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask -> No File <==== ATTENTION
Task: {BF6FD6B6-0169-45EB-B3F1-D47FB9C6ABFF} - \LenovoUtility Task -> No File <==== ATTENTION
Task: {D0218C70-9C99-4043-BF17-667E1AE5C42E} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> No File <==== ATTENTION
S4 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe" [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe" [X]
S2 mfevtp; "C:\Windows\system32\mfevtps.exe" [X]
S0 cfwids; system32\drivers\cfwids.sys [X]
R0 mfeaack; system32\drivers\mfeaack.sys [X]
R0 mfeavfk; system32\drivers\mfeavfk.sys [X]
S0 mfeelamk; system32\drivers\mfeelamk.sys [X]
S0 mfefirek; system32\drivers\mfefirek.sys [X]
R0 mfehidk; system32\drivers\mfehidk.sys [X]
R0 mfeplk; system32\drivers\mfeplk.sys [X]
R0 mfewfpk; system32\drivers\mfewfpk.sys [X]
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
SearchScopes: HKLM -> DefaultScope {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> DefaultScope {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
EmptyTemp:
End
Re: Pomalší notebook
Napsal: 29 říj 2021 16:46
Fix result of Farbar Recovery Scan Tool (x64) Version: 29-10-2021
Ran by domin (29-10-2021 17:40:52) Run:1
Running from C:\Users\domin\OneDrive\Počítač
Loaded Profiles: domin
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
Task: {23E7A971-068D-403E-B6FE-9DDE17D2FE59} - \OneDrive Standalone Update Task v2 -> No File <==== ATTENTION
Task: {37292EA8-F458-47ED-A55C-5A3A1CCF5FD5} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {3891CB81-CF07-4ECD-A7CE-59544F84AF7D} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {5F5BF124-A1B2-4BEB-8C6B-5AD2F2D1C3DB} - \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser -> No File <==== ATTENTION
Task: {74CDF648-E170-4AD9-96E6-7D83D2AB6303} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
Task: {7F1B8FEE-DE5A-4EA2-926A-D27D4E36F03C} - \Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display -> No File <==== ATTENTION
Task: {8DC4F6F2-5AC8-41B5-8461-383B58804B47} - \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask -> No File <==== ATTENTION
Task: {BF6FD6B6-0169-45EB-B3F1-D47FB9C6ABFF} - \LenovoUtility Task -> No File <==== ATTENTION
Task: {D0218C70-9C99-4043-BF17-667E1AE5C42E} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> No File <==== ATTENTION
S4 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe" [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe" [X]
S2 mfevtp; "C:\Windows\system32\mfevtps.exe" [X]
S0 cfwids; system32\drivers\cfwids.sys [X]
R0 mfeaack; system32\drivers\mfeaack.sys [X]
R0 mfeavfk; system32\drivers\mfeavfk.sys [X]
S0 mfeelamk; system32\drivers\mfeelamk.sys [X]
S0 mfefirek; system32\drivers\mfefirek.sys [X]
R0 mfehidk; system32\drivers\mfehidk.sys [X]
R0 mfeplk; system32\drivers\mfeplk.sys [X]
R0 mfewfpk; system32\drivers\mfewfpk.sys [X]
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
SearchScopes: HKLM -> DefaultScope {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> DefaultScope {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23E7A971-068D-403E-B6FE-9DDE17D2FE59}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23E7A971-068D-403E-B6FE-9DDE17D2FE59}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task v2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{37292EA8-F458-47ED-A55C-5A3A1CCF5FD5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37292EA8-F458-47ED-A55C-5A3A1CCF5FD5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsUpdate\sih" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3891CB81-CF07-4ECD-A7CE-59544F84AF7D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3891CB81-CF07-4ECD-A7CE-59544F84AF7D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F5BF124-A1B2-4BEB-8C6B-5AD2F2D1C3DB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F5BF124-A1B2-4BEB-8C6B-5AD2F2D1C3DB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{74CDF648-E170-4AD9-96E6-7D83D2AB6303}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74CDF648-E170-4AD9-96E6-7D83D2AB6303}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Management\Provisioning\PostResetBoot" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F1B8FEE-DE5A-4EA2-926A-D27D4E36F03C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F1B8FEE-DE5A-4EA2-926A-D27D4E36F03C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8DC4F6F2-5AC8-41B5-8461-383B58804B47}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DC4F6F2-5AC8-41B5-8461-383B58804B47}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF6FD6B6-0169-45EB-B3F1-D47FB9C6ABFF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF6FD6B6-0169-45EB-B3F1-D47FB9C6ABFF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LenovoUtility Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D0218C70-9C99-4043-BF17-667E1AE5C42E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0218C70-9C99-4043-BF17-667E1AE5C42E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot" => removed successfully
mfefire => service not found.
mfemms => service not found.
mfevtp => service not found.
cfwids => service not found.
mfeaack => service not found.
mfeavfk => service not found.
mfeelamk => service not found.
mfefirek => service not found.
mfehidk => service not found.
mfeplk => service not found.
mfewfpk => service not found.
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{253E2185-01FC-4084-8052-30D3C0F0BD06} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{253E2185-01FC-4084-8052-30D3C0F0BD06} => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11612918 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 162426 B
Edge => 0 B
Chrome => 47165019 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7792 B
NetworkService => 12062 B
domin => 79053556 B
RecycleBin => 0 B
EmptyTemp: => 131.6 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 29-10-2021 17:44:03)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 17:44:04 ====
Ran by domin (29-10-2021 17:40:52) Run:1
Running from C:\Users\domin\OneDrive\Počítač
Loaded Profiles: domin
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
Task: {23E7A971-068D-403E-B6FE-9DDE17D2FE59} - \OneDrive Standalone Update Task v2 -> No File <==== ATTENTION
Task: {37292EA8-F458-47ED-A55C-5A3A1CCF5FD5} - \Microsoft\Windows\WindowsUpdate\sih -> No File <==== ATTENTION
Task: {3891CB81-CF07-4ECD-A7CE-59544F84AF7D} - \Microsoft\Windows\Shell\FamilySafetyMonitorToastTask -> No File <==== ATTENTION
Task: {5F5BF124-A1B2-4BEB-8C6B-5AD2F2D1C3DB} - \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser -> No File <==== ATTENTION
Task: {74CDF648-E170-4AD9-96E6-7D83D2AB6303} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
Task: {7F1B8FEE-DE5A-4EA2-926A-D27D4E36F03C} - \Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display -> No File <==== ATTENTION
Task: {8DC4F6F2-5AC8-41B5-8461-383B58804B47} - \Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask -> No File <==== ATTENTION
Task: {BF6FD6B6-0169-45EB-B3F1-D47FB9C6ABFF} - \LenovoUtility Task -> No File <==== ATTENTION
Task: {D0218C70-9C99-4043-BF17-667E1AE5C42E} - \Microsoft\Windows\UpdateOrchestrator\Reboot -> No File <==== ATTENTION
S4 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe" [X]
S2 mfemms; "C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe" [X]
S2 mfevtp; "C:\Windows\system32\mfevtps.exe" [X]
S0 cfwids; system32\drivers\cfwids.sys [X]
R0 mfeaack; system32\drivers\mfeaack.sys [X]
R0 mfeavfk; system32\drivers\mfeavfk.sys [X]
S0 mfeelamk; system32\drivers\mfeelamk.sys [X]
S0 mfefirek; system32\drivers\mfefirek.sys [X]
R0 mfehidk; system32\drivers\mfehidk.sys [X]
R0 mfeplk; system32\drivers\mfeplk.sys [X]
R0 mfewfpk; system32\drivers\mfewfpk.sys [X]
C:\DumpStack.log.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
SearchScopes: HKLM -> DefaultScope {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> DefaultScope {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp//www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {253E2185-01FC-4084-8052-30D3C0F0BD06} URL = hxxp//www.bing.com/search?q={SearchTerms}&for ... TR&pc=LCTE
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23E7A971-068D-403E-B6FE-9DDE17D2FE59}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23E7A971-068D-403E-B6FE-9DDE17D2FE59}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task v2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{37292EA8-F458-47ED-A55C-5A3A1CCF5FD5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37292EA8-F458-47ED-A55C-5A3A1CCF5FD5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsUpdate\sih" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3891CB81-CF07-4ECD-A7CE-59544F84AF7D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3891CB81-CF07-4ECD-A7CE-59544F84AF7D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Shell\FamilySafetyMonitorToastTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F5BF124-A1B2-4BEB-8C6B-5AD2F2D1C3DB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F5BF124-A1B2-4BEB-8C6B-5AD2F2D1C3DB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{74CDF648-E170-4AD9-96E6-7D83D2AB6303}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74CDF648-E170-4AD9-96E6-7D83D2AB6303}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Management\Provisioning\PostResetBoot" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F1B8FEE-DE5A-4EA2-926A-D27D4E36F03C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F1B8FEE-DE5A-4EA2-926A-D27D4E36F03C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8DC4F6F2-5AC8-41B5-8461-383B58804B47}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DC4F6F2-5AC8-41B5-8461-383B58804B47}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\EnterpriseMgmt\MDMMaintenenceTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF6FD6B6-0169-45EB-B3F1-D47FB9C6ABFF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF6FD6B6-0169-45EB-B3F1-D47FB9C6ABFF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LenovoUtility Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D0218C70-9C99-4043-BF17-667E1AE5C42E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0218C70-9C99-4043-BF17-667E1AE5C42E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot" => removed successfully
mfefire => service not found.
mfemms => service not found.
mfevtp => service not found.
cfwids => service not found.
mfeaack => service not found.
mfeavfk => service not found.
mfeelamk => service not found.
mfefirek => service not found.
mfehidk => service not found.
mfeplk => service not found.
mfewfpk => service not found.
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{253E2185-01FC-4084-8052-30D3C0F0BD06} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{253E2185-01FC-4084-8052-30D3C0F0BD06} => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11612918 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 162426 B
Edge => 0 B
Chrome => 47165019 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7792 B
NetworkService => 12062 B
domin => 79053556 B
RecycleBin => 0 B
EmptyTemp: => 131.6 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 29-10-2021 17:44:03)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 17:44:04 ====
Re: Pomalší notebook
Napsal: 29 říj 2021 16:59
Smazáno, log by již měl být OK.
Re: Pomalší notebook
Napsal: 29 říj 2021 19:55
Ďakujem, prajem pekný víkend.
Re: Pomalší notebook
Napsal: 29 říj 2021 20:53
Nemáte zač a hezký víkend i vám! 