Preventivka
Napsal: 30 lis 2022 14:05
Zdravím všechny, prosím o preventivku:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2022
Ran by user (administrator) on DESKTOP-J0113CF (LENOVO 20JES3M302) (30-11-2022 14:01:58)
Running from C:\Users\user\AppData\Local\Temp\scoped_dir13348_884605418
Loaded Profiles: user
Platform: Microsoft Windows 10 Pro Version 21H2 19044.2251 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(MultimediaAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Program Files\Tablet\ISD\WacomHost.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_Tablet.exe
(C:\Program Files\Tablet\ISD\WTabletServiceISD.exe ->) (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\ISD\WacomHost.exe
(C:\Program Files\Tablet\ISD\WTabletServiceISD.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_TabletUser.exe
(C:\ProgramData\Lenovo\ImController\Plugins\ThinkIntelligentSensingPackage\x86\SSSvc.exe ->) (Lenovo -> Lenovo) C:\ProgramData\Lenovo\ImController\Plugins\ThinkIntelligentSensingPackage\x86\UserSSCtrl.exe
(C:\Users\user\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\user\AppData\Local\Programs\Opera\93.0.4585.21\opera_crashreporter.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\tpfsm.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNCC3C~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNCC3C~1.INF\driver\tposd.exe
(explorer.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Opera Norway AS -> Opera Software) C:\Users\user\AppData\Local\Programs\Opera\opera.exe <16>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_1e59f5ec7049260a\aesm_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_d4f47df9c2216d4d\LMS.exe
(services.exe ->) (Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo) C:\ProgramData\Lenovo\ImController\Plugins\ThinkIntelligentSensingPackage\x86\SSSvc.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\LPlatSvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\WTabletServiceISD.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxext.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476960 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194496 2022-09-05] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5314096 2020-03-06] (Adobe Inc. -> Adobe Systems Inc.) [File not signed]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [278440 2019-12-05] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1994733667-3999561179-3768099944-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626480 2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1994733667-3999561179-3768099944-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38650192 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1994733667-3999561179-3768099944-1001\...\MountPoints2: {6971c106-4160-11ed-a0e1-b4d5bdf01837} - "E:\.autorun\autorun.exe"
HKLM\...\Windows x64\Print Processors\Canon TS3400 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDGF.DLL [525824 2021-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65488 2020-03-06] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3400 series: C:\Windows\system32\CNMLMGF.DLL [962560 2021-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {071DE34D-6BF4-4311-8D11-68571D3275DF} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {0E369CDD-7269-4DB6-BC13-0DED6FB3EB08} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\737a30ee-5be7-44a8-8ebe-d52f5e72d3ed => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {13068E0E-6199-4085-80EF-703B0BCBA6B2} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {1A5E45CD-AE01-443E-A21F-270E5F241599} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232 2016-07-05] (Conexant Systems, Inc.) [File not signed]
Task: {2277BABC-90D5-49BE-B26E-79E05AB9D577} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {2A7A5D4A-C387-4433-81EF-F125CBA7EC15} - System32\Tasks\GoogleUpdateTaskMachineUA{E4E1A95F-A308-4108-A17D-C1CF9ABC99B2} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-08] (Google LLC -> Google LLC)
Task: {343B679B-C24E-4FA3-949D-4DD822ACFBD7} - System32\Tasks\Opera scheduled Autoupdate 1645180049 => C:\Users\user\AppData\Local\Programs\Opera\launcher.exe [2631112 2022-11-23] (Opera Norway AS -> Opera Software)
Task: {3515F99A-FEB5-4212-92A4-A7D8087BF201} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2022-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {5001CFC6-55B9-4B1A-9550-532C19B4347B} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {50C0CE82-B112-41D9-A5DC-816783236247} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {579CAF22-D976-43D5-B8D8-4CB153CDCB3B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\Windows\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {580D8110-EA79-4E08-9491-F56D67914D14} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\13069f7f-08dc-4736-970c-ea9db8ca4449 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {59214E0F-B046-4E02-99E4-B8C4F0F8DA40} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [149280 2022-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {5FDB5816-2822-4BB6-A39E-98C207358AAF} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {64107118-9A54-49F1-A139-68188552B02E} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 ] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {6D483567-5585-471B-AB73-9FDA6A7E0866} - System32\Tasks\CCleanerSkipUAC - user => C:\Program Files\CCleaner\CCleaner.exe [32325456 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {6DBD307C-2060-4195-B669-C730BAA66536} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [63936 2021-12-02] (Lenovo -> )
Task: {6FAF4065-AB18-4297-88C2-775F67A54A63} - System32\Tasks\Lenovo\Lenovo Platform Task => C:\Windows\System32\LPlatSvc.exe [906216 2022-03-27] (Lenovo -> Lenovo)
Task: {6FC65B32-DD40-4C88-B5F5-606646120E09} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880136 2022-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {6FD5005B-F8C2-4771-B2AE-99EE73B0AA86} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ae4043b4-4665-4d75-bb87-419a4ce622df => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {96865AD8-8ED6-4FDE-B335-3C8A8C572C09} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476960 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {9BF5E1B5-3ED6-4B5D-8A86-DF5E1075AEC2} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {B0578D7E-F433-4BE5-A6DE-6B9463507D5F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2022-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {B1C345C4-F999-4D4B-8D3F-EF46952F9B4E} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {BC04D59B-FABB-4BA8-9783-32DC26B11A82} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {C3D1A8E0-0151-4970-8142-C198B273583D} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {CB540BAB-DAC7-46BA-8558-BD78D8C10D43} - System32\Tasks\GoogleUpdateTaskMachineCore{114B8078-B77F-49EE-93D0-5865B62A95EB} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-08] (Google LLC -> Google LLC)
Task: {D0D55727-6ADC-4017-B827-4F1E0CFBC11B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-11-09] (Piriform Software Ltd -> Piriform)
Task: {D636C1A6-C8D0-4B4E-AEEB-B52819F06582} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [128976 2022-05-17] (Lenovo -> Lenovo)
Task: {DBB7257F-7271-41F1-91A4-547899BFF889} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {DC2EB88D-282A-4B94-B528-843DBC752040} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2311216 ] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {E21C5B01-15B7-4E4E-A709-7FD192728074} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (No File)
Task: {E2B8292D-B586-4B68-8397-90E739E123DC} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {E53E8F40-4093-4A0D-9D1F-8A6373B241E1} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {ECFA8A2E-DE1E-465A-B964-05340EC1FAC7} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 ] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {F42FD8FA-B8A3-4FED-B21E-9AE4195A812E} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1994733667-3999561179-3768099944-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5881862-37D2-4BB5-8942-1AC38EE03161} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 ] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {F6418C79-23CB-4A29-AAF6-54FF56D52AA7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880136 2022-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {F6D16DBF-C003-4A50-8AFC-4F46266B7996} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "b1735ea0-fe97-414a-bb29-601608b99078" --version "6.06.10144" --silent
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{29cc5c3f-9822-4507-a330-f00fbe809f3a}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5eb47522-f164-47b7-b2e3-41ee2bb558f1}: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF DefaultProfile: lk15mx4v.default
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\lk15mx4v.default [2022-04-02]
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qes5du2n.default-release [2022-11-30]
FF Homepage: Mozilla\Firefox\Profiles\qes5du2n.default-release -> www.seznam.cz
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-11-30]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Opera:
=======
OPR Profile: C:\Users\user\AppData\Roaming\Opera Software\Opera Stable [2022-11-30]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (User-Agent Switcher) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\abikegoefdiihgbhgkkndohoflmgealc [2022-03-08]
OPR Extension: (Rich Hints Agent) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-10-28]
OPR Extension: (Opera Wallet) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-11-29]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-02-18]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3866592 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3702240 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12124536 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [707864 2022-08-24] (ESET, spol. s r.o. -> ESET)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3342360 2022-09-05] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3342360 2022-09-05] (ESET, spol. s r.o. -> ESET)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncHelper.exe [3476400 2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 Lenovo Instant On; C:\Windows\SysWOW64\EasyResume.exe [2351304 2021-12-02] (Lenovo -> Lenovo Group Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R2 LPlatSvc; C:\Windows\System32\LPlatSvc.exe [906216 2022-03-27] (Lenovo -> Lenovo)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.227.1030.0001\OneDriveUpdaterService.exe [3843504 2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SSSvc; C:\ProgramData\Lenovo\ImController\Plugins\ThinkIntelligentSensingPackage\x86\SSSvc.exe [146200 2018-07-19] (Lenovo -> Lenovo)
R2 TPHKLOAD; C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\TPHKLOAD.exe [473760 2021-10-22] (Lenovo -> Lenovo Group Limited)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [78328 2021-08-25] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 DLMFENC; C:\Windows\System32\DRIVERS\DLMFENC.sys [242168 2022-09-21] (ESET, spol. s r.o. -> ESET, spol. s r.o.)
R0 DLPCRYPT; C:\Windows\System32\DRIVERS\dlpcrypt.sys [121728 2022-08-24] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\Windows\System32\DRIVERS\dlpvdisk.sys [98296 2022-08-24] (DESlock Limited -> DESlock Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [194312 2022-09-05] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [116960 2022-07-13] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [234192 2022-07-13] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [52880 2022-07-13] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [79216 2022-07-13] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [119528 2022-07-13] (ESET, spol. s r.o. -> ESET)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [39000 2020-10-10] (IObit CO., LTD -> IObit Information Technology)
S3 LenovoBoost; C:\Windows\system32\DRIVERS\vanboost.sys [47888 2022-06-14] (Lenovo -> Lenovo Group Ltd.)
R1 PMDRVS; C:\Windows\System32\drivers\pmdrvs.sys [38888 2022-03-27] (Lenovo -> Lenovo)
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11968 2022-03-18] () [File not signed]
S3 Ser2pl; C:\Windows\system32\DRIVERS\ser2pl64.sys [303000 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49152 2021-10-06] (Microsoft Corporation) [File not signed]
R0 VDLPToken2; C:\Windows\System32\DRIVERS\vdlptkn2.sys [135672 2022-08-24] (DESlock Limited -> DESlock Ltd.)
R3 WacHidRouterISD; C:\Windows\system32\DRIVERS\wachidrouter_isd.sys [142424 2017-05-24] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49600 2022-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [439544 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-11-30 14:01 - 2022-11-30 14:02 - 000000000 ____D C:\FRST
2022-11-27 22:27 - 2022-10-18 22:43 - 002369920 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll
2022-11-27 22:27 - 2022-10-18 22:43 - 002226048 _____ (Synaptics Incorporated.) C:\Windows\system32\synaTEE.signed.dll
2022-11-27 22:27 - 2022-10-18 22:43 - 000100224 _____ (Synaptics Incorporated) C:\Windows\system32\SynapticsUtility.exe
2022-11-27 22:27 - 2022-10-18 22:42 - 002830640 _____ (Synaptics Incorporated.) C:\Windows\system32\AuthenticateFAM_SecureFP_UI.dll
2022-11-27 22:27 - 2022-10-18 22:42 - 002146432 _____ (Synaptics Incorporated.) C:\Windows\SysWOW64\AuthenticateFAM_SecureFP_UI.dll
2022-11-27 22:27 - 2022-10-18 22:42 - 000506992 _____ (Synaptics Incorporated.) C:\Windows\system32\AuthenticateFAM_SecureFP.dll
2022-11-27 22:27 - 2022-10-18 22:42 - 000378664 _____ (Synaptics Incorporated.) C:\Windows\SysWOW64\AuthenticateFAM_SecureFP.dll
2022-11-27 22:27 - 2022-10-18 22:42 - 000135552 _____ (Intel Corporation) C:\Windows\system32\sgx_capable.dll
2022-11-23 15:29 - 2022-11-23 15:29 - 000063383 _____ C:\Users\user\OneDrive\Dokumenty\Potvrzení platby.pdf
2022-11-21 23:14 - 2022-11-21 23:14 - 000000000 ____D C:\Windows\LastGood.Tmp
2022-11-21 22:06 - 2022-11-21 22:06 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2022-11-21 22:06 - 2022-11-21 22:06 - 000002241 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2022-11-21 22:06 - 2022-11-21 22:06 - 000000000 ____D C:\Program Files\Google
2022-11-16 08:21 - 2022-11-21 07:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-11-10 13:08 - 2022-09-30 05:24 - 000174112 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2022-11-10 13:08 - 2022-09-30 05:23 - 000167440 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus2.sys
2022-11-09 09:33 - 2022-11-09 09:33 - 000688128 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2022-11-09 09:33 - 2022-11-09 09:33 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-11-09 09:33 - 2022-11-09 09:33 - 000073216 _____ C:\Windows\system32\nettraceex.dll
2022-11-09 09:33 - 2022-11-09 09:33 - 000012253 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-11-09 09:28 - 2022-11-09 09:28 - 000000000 ___HD C:\$WinREAgent
2022-11-05 23:56 - 2022-11-05 23:56 - 000674959 _____ C:\Users\user\OneDrive\Dokumenty\zas-2022-03.pdf
2022-10-31 16:32 - 2022-10-31 16:39 - 000000000 ____D C:\Users\user\OneDrive\Dokumenty\Aukro
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-12-31 23:59 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-11-30 13:44 - 2022-02-14 13:25 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-11-30 13:44 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-30 13:31 - 2022-09-21 07:53 - 000003476 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2022-11-30 13:31 - 2022-09-21 07:53 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2022-11-30 13:31 - 2022-02-23 09:37 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-11-30 13:31 - 2022-02-23 09:37 - 000000000 ____D C:\Program Files\CCleaner
2022-11-30 13:05 - 2022-03-08 22:33 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-30 10:46 - 2022-04-02 20:21 - 000000000 ____D C:\Users\user\AppData\LocalLow\Mozilla
2022-11-30 10:46 - 2022-03-15 17:52 - 000004210 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{7F1FFD9B-1E9F-47BF-AA48-3B77B80E719E}
2022-11-30 10:44 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-11-30 10:43 - 2022-02-14 12:52 - 000000000 __SHD C:\Users\user\IntelGraphicsProfiles
2022-11-30 10:43 - 2022-02-14 12:31 - 000000000 ___RD C:\Users\user\OneDrive
2022-11-29 19:14 - 2022-05-11 11:28 - 000679902 _____ C:\Windows\system32\perfh005.dat
2022-11-29 19:14 - 2022-05-11 11:28 - 000136222 _____ C:\Windows\system32\perfc005.dat
2022-11-29 19:14 - 2022-02-14 12:30 - 001596402 _____ C:\Windows\system32\PerfStringBackup.INI
2022-11-29 19:14 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-11-29 19:11 - 2022-02-14 12:44 - 000000000 ____D C:\Windows\TempInst
2022-11-29 18:26 - 2022-02-18 12:09 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-11-29 18:26 - 2022-02-18 11:45 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-11-29 18:26 - 2022-02-18 11:45 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-29 18:26 - 2022-02-14 12:32 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1994733667-3999561179-3768099944-1001
2022-11-29 14:40 - 2022-02-18 11:36 - 000000000 ____D C:\Users\user\OneDrive\Dokumenty\Provozní záznam
2022-11-29 13:23 - 2022-02-18 12:53 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-11-29 13:16 - 2022-02-14 12:30 - 000000000 ____D C:\Users\user\AppData\Local\Packages
2022-11-29 07:15 - 2022-02-18 11:27 - 000004198 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1645180049
2022-11-29 07:15 - 2022-02-18 11:27 - 000001406 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-11-28 07:34 - 2022-02-14 12:32 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2022-11-28 07:33 - 2022-02-14 13:25 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-28 07:33 - 2022-02-14 13:25 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-11-28 07:33 - 2022-02-14 12:32 - 000000000 ____D C:\Intel
2022-11-28 07:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2022-11-27 22:28 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2022-11-27 22:27 - 2019-12-07 10:03 - 001572864 _____ C:\Windows\system32\config\BBI
2022-11-27 22:25 - 2022-02-14 12:43 - 000021868 _____ C:\Windows\storelibdebug.txt
2022-11-22 17:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2022-11-21 23:19 - 2022-02-18 12:11 - 000003522 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2022-11-21 23:16 - 2022-03-23 08:42 - 000002200 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2022-11-21 23:16 - 2022-03-23 08:42 - 000000000 ____D C:\Program Files (x86)\Samsung
2022-11-21 07:50 - 2022-04-02 20:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-16 15:21 - 2022-04-02 20:21 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-11-16 15:21 - 2022-04-02 20:21 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-11-10 13:10 - 2022-02-27 21:25 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-10 13:10 - 2022-02-27 21:25 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-10 13:09 - 2022-03-18 11:51 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2022-11-09 16:38 - 2022-05-14 00:54 - 000454904 _____ C:\Windows\system32\FNTCACHE.DAT
2022-11-09 16:37 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2022-11-09 09:35 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2022-11-09 09:33 - 2022-02-14 12:27 - 003014656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-11-09 09:27 - 2022-02-21 21:24 - 000000000 ____D C:\Windows\system32\MRT
2022-11-09 09:26 - 2022-02-21 21:23 - 146960040 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories ========
2022-02-18 12:07 - 2022-02-18 12:07 - 000000410 _____ () C:\Users\user\AppData\Local\oobelibMkey.log
2022-02-19 05:26 - 2022-02-19 11:39 - 000007597 _____ () C:\Users\user\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2022
Ran by user (30-11-2022 14:03:03)
Running from C:\Users\user\AppData\Local\Temp\scoped_dir13348_884605418
Microsoft Windows 10 Pro Version 21H2 19044.2251 (X64) (2022-02-14 11:25:44)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1994733667-3999561179-3768099944-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1994733667-3999561179-3768099944-503 - Limited - Disabled)
Guest (S-1-5-21-1994733667-3999561179-3768099944-501 - Limited - Disabled)
Lexalex (S-1-5-21-1994733667-3999561179-3768099944-1004 - Limited - Enabled)
user (S-1-5-21-1994733667-3999561179-3768099944-1001 - Administrator - Enabled) => C:\Users\user
WDAGUtilityAccount (S-1-5-21-1994733667-3999561179-3768099944-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.1.0.3 - Adobe Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.15.2 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.61.1.10 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.6.0.2 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.4.0 - Canon Inc.)
Canon TS3400 series Driver (HKLM\...\{1199FAD5-9546-44F3-81CF-FFDB8040B7BF}_Canon_TS3400_series) (Version: 1.02 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.06 - Piriform)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.277.0 - Conexant Systems)
Dolby Audio X2 Windows API SDK (HKLM\...\{FA0735B6-9E18-437A-A1CD-9152650FC52B}) (Version: 0.8.8.90 - Dolby Laboratories, Inc.) Hidden
ESET Premium Line Encryption (HKLM\...\{764DBB66-954B-498B-A8F0-5674FF309BAC}) (Version: 2.0.0.29 - ESET) Hidden
ESET Security (HKLM\...\{C8113C9E-3025-4DC5-89E8-71F7C080967A}) (Version: 15.2.17.0 - ESET, spol. s r.o.)
Google Earth Pro (HKLM\...\{F5A0C4E5-0B6C-43B1-AEFA-7E0BE48214FF}) (Version: 7.3.6.9285 - Google)
HT780E Programming Software V1.07.04 (HKLM-x32\...\{C1014EE8-5799-4446-9181-54BAA24FBEB1}) (Version: 1.07.0004 - Hytera Communications Corp., Ltd.)
CHIRP (HKLM-x32\...\CHIRP) (Version: - )
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.2.0.2 - IObit)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{E496AFB7-CB04-46CF-8FBB-5D665BC8811B}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Lenovo Scaling Utility (HKLM\...\Lenovo Scaling Utility) (Version: 3.22 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14827.20198 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.56 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.227.1030.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 107.0 (x64 cs)) (Version: 107.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 98.0.2 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20198 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20198 - Microsoft Corporation) Hidden
Opera Stable 93.0.4585.21 (HKU\S-1-5-21-1994733667-3999561179-3768099944-1001\...\Opera 93.0.4585.21) (Version: 93.0.4585.21 - Opera Software)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.8.0 - Canon Inc.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.22112.1 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.22112.1 - Samsung Electronics Co., Ltd.)
Thunderbolt™ Software (HKLM-x32\...\{1AA93FF8-C685-4E00-8682-7F2E5D8E8689}) (Version: 17.4.80.550 - Intel Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
Wacom Pen (HKLM\...\ISD Tablet Driver) (Version: 7.3.4-38 - Wacom Technology Corp.)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-05-27] (Microsoft Corporation)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2202.9.0_x64__k1h2ywk1493x8 [2022-03-28] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-02-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-02-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-02-19] (Microsoft Studios) [MS Ad]
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-10-13] (INTEL CORP) [Startup Task]
Solitaire v češtině -> C:\Program Files\WindowsApps\TreeCardGames.KlondikeSolitaireCollectionFree_5.2.5.0_x64__n666hb6ddc5jp [2022-02-23] (TreeCardGames)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0 [2022-02-19] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => C:\Program Files\ESET\ESET Secure Data\esdovrly.dll [2022-08-24] (DESlock Limited -> DESlock Limited)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-09-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-09-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-09-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2022-02-18 12:56 - 2019-12-05 16:17 - 000008704 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_CSY.DLL
2022-02-18 12:56 - 2019-12-05 16:17 - 000104448 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2022-05-02 09:03 - 2022-05-02 09:06 - 042859520 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1994733667-3999561179-3768099944-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-1994733667-3999561179-3768099944-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{60BFD289-F967-4CAA-AED3-00B78DCF4DCF}\\192.168.88.2\sdi\sdi\sdi_x64_r2009.exe] => (Allow) \\192.168.88.2\sdi\sdi\sdi_x64_r2009.exe => No File
FirewallRules: [UDP Query User{590E8C45-650D-4456-B6FC-08ECEBCB93D0}\\192.168.88.2\sdi\sdi\sdi_x64_r2009.exe] => (Allow) \\192.168.88.2\sdi\sdi\sdi_x64_r2009.exe => No File
FirewallRules: [{BABAF5A6-7FED-4292-880B-0EEF42F16C99}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A3ADE850-AC2F-4AFA-8F00-CFF5E684E54C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{54A5F2FD-5E5E-48A2-B008-97CA506AC0A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AFF8FF02-8517-4301-90C5-DC405CB71FC7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BC66927A-EB88-41BB-B6AB-3D322BD5D6B4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F3EDEFFF-A982-4391-A447-3540B6334455}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{11600E84-0877-48E5-9477-857FB2DA66B4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CE8F21A7-6F35-4E00-A259-C42CF02389D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{903B24E9-6363-4795-A76C-7B19C7234676}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2A6ED06B-3EBE-4677-BBEA-5D89275F0FB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{915404B9-7299-451B-A59B-70A2ED7F4DAD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A5259BD5-22AF-4FEB-B5F0-E66F8C2849C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BA35AF10-A119-4CEE-BC41-24A24A7BCCB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{1B67AA9B-3442-4108-A7FC-24A5A1D5BC29}C:\users\user\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\user\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{BF0E0D6C-73B4-4456-BC3A-88197EAA50CD}C:\users\user\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\user\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{11355B00-7B4A-43EB-8AF3-8A0EA93E9CA5}C:\users\user\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\user\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{24B411C7-5B9F-4A59-BB8E-C05BD9520FDC}C:\users\user\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\user\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{47ADE8F0-8892-413E-A1F9-E34042AEEEF0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{23647A37-19A7-41D5-9987-1B8B4BCF1009}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{977B2224-E983-4E49-BD80-4244DE751EC5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B475A554-14D0-40BA-A056-A4CC6EFFB6AA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{07332231-2EBD-4CA2-A8CA-583632029B72}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{65813012-6EE5-48F0-AE36-16C1B197D9FD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{66DD72FE-E37E-4282-A169-A93763896199}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
09-11-2022 09:28:32 Instalační služba modulů systému Windows
16-11-2022 15:14:30 Naplánovaný kontrolní bod
21-11-2022 23:15:57 Instalováno Smart Switch
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/30/2022 01:32:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.19041.546, časové razítko: 0x5da7ab91
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x80131623
Posun chyby: 0x00007ff8747f200f
ID chybujícího procesu: 0x3500
Čas spuštění chybující aplikace: 0x01d904b7c6a3a6c7
Cesta k chybující aplikaci: C:\Windows\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 96bb3b5f-4eea-48cd-b9d3-c10671c6ac0b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/30/2022 01:32:14 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Byla vyvolána neočekávaná výjimka od poskytovatele:
System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()
Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)
Error: (11/30/2022 01:32:14 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (11/30/2022 01:32:13 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (11/30/2022 01:32:13 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
Error: (11/30/2022 12:24:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-J0113CF.local already in use; will try DESKTOP-J0113CF-2.local instead
Error: (11/30/2022 12:24:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 DESKTOP-J0113CF.local. Addr 192.168.0.241
Error: (11/30/2022 12:24:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.241:5353 16 DESKTOP-J0113CF.local. AAAA 2A02:8308:C008:B300:809A:D3E30C9D
System errors:
=============
Error: (11/30/2022 10:45:46 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0113CF)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
Error: (11/30/2022 10:44:55 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0113CF)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
Error: (11/30/2022 10:43:17 AM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (11/29/2022 07:16:10 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0113CF)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
Error: (11/29/2022 07:15:59 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0113CF)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
Error: (11/29/2022 07:14:18 AM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (11/28/2022 07:36:28 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0113CF)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
Error: (11/28/2022 07:33:51 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Windows Defender:
================Event[0]:
Date: 2022-12-31 23:59:56
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.425.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x800b0101
Popis chyby: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
CodeIntegrity:
===============
Date: 2022-11-30 14:03:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-11-30 13:58:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO N1NET59W (1.46 ) 10/04/2022
Motherboard: LENOVO 20JES3M302
Processor: Intel(R) Core(TM) i7-7600U CPU @ 2.80GHz
Percentage of memory in use: 50%
Total physical RAM: 15989.11 MB
Available physical RAM: 7883.5 MB
Total Virtual: 32373.11 MB
Available Virtual: 24505.41 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:476.39 GB) (Free:373.98 GB) (Model: SAMSUNG MZVLB512HAJQ-000L7) NTFS
\\?\Volume{4a7abb65-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{4a7abb65-0000-0000-0000-201c77000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 4A7ABB65)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=510 MB) - (Type=27)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2022
Ran by user (administrator) on DESKTOP-J0113CF (LENOVO 20JES3M302) (30-11-2022 14:01:58)
Running from C:\Users\user\AppData\Local\Temp\scoped_dir13348_884605418
Loaded Profiles: user
Platform: Microsoft Windows 10 Pro Version 21H2 19044.2251 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoBoostSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(MultimediaAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Program Files\Tablet\ISD\WacomHost.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_Tablet.exe
(C:\Program Files\Tablet\ISD\WTabletServiceISD.exe ->) (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\ISD\WacomHost.exe
(C:\Program Files\Tablet\ISD\WTabletServiceISD.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_TabletUser.exe
(C:\ProgramData\Lenovo\ImController\Plugins\ThinkIntelligentSensingPackage\x86\SSSvc.exe ->) (Lenovo -> Lenovo) C:\ProgramData\Lenovo\ImController\Plugins\ThinkIntelligentSensingPackage\x86\UserSSCtrl.exe
(C:\Users\user\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\user\AppData\Local\Programs\Opera\93.0.4585.21\opera_crashreporter.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\tpfsm.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNCC3C~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\FNCC3C~1.INF\driver\tposd.exe
(explorer.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Opera Norway AS -> Opera Software) C:\Users\user\AppData\Local\Programs\Opera\opera.exe <16>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_1e59f5ec7049260a\aesm_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_d4f47df9c2216d4d\LMS.exe
(services.exe ->) (Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo) C:\ProgramData\Lenovo\ImController\Plugins\ThinkIntelligentSensingPackage\x86\SSSvc.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\ibmpmsvc.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\LPlatSvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\WTabletServiceISD.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxext.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476960 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194496 2022-09-05] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5314096 2020-03-06] (Adobe Inc. -> Adobe Systems Inc.) [File not signed]
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [278440 2019-12-05] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1994733667-3999561179-3768099944-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626480 2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1994733667-3999561179-3768099944-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38650192 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1994733667-3999561179-3768099944-1001\...\MountPoints2: {6971c106-4160-11ed-a0e1-b4d5bdf01837} - "E:\.autorun\autorun.exe"
HKLM\...\Windows x64\Print Processors\Canon TS3400 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDGF.DLL [525824 2021-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65488 2020-03-06] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3400 series: C:\Windows\system32\CNMLMGF.DLL [962560 2021-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {071DE34D-6BF4-4311-8D11-68571D3275DF} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {0E369CDD-7269-4DB6-BC13-0DED6FB3EB08} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\737a30ee-5be7-44a8-8ebe-d52f5e72d3ed => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {13068E0E-6199-4085-80EF-703B0BCBA6B2} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {1A5E45CD-AE01-443E-A21F-270E5F241599} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232 2016-07-05] (Conexant Systems, Inc.) [File not signed]
Task: {2277BABC-90D5-49BE-B26E-79E05AB9D577} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {2A7A5D4A-C387-4433-81EF-F125CBA7EC15} - System32\Tasks\GoogleUpdateTaskMachineUA{E4E1A95F-A308-4108-A17D-C1CF9ABC99B2} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-08] (Google LLC -> Google LLC)
Task: {343B679B-C24E-4FA3-949D-4DD822ACFBD7} - System32\Tasks\Opera scheduled Autoupdate 1645180049 => C:\Users\user\AppData\Local\Programs\Opera\launcher.exe [2631112 2022-11-23] (Opera Norway AS -> Opera Software)
Task: {3515F99A-FEB5-4212-92A4-A7D8087BF201} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2022-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {5001CFC6-55B9-4B1A-9550-532C19B4347B} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {50C0CE82-B112-41D9-A5DC-816783236247} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {579CAF22-D976-43D5-B8D8-4CB153CDCB3B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\Windows\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {580D8110-EA79-4E08-9491-F56D67914D14} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\13069f7f-08dc-4736-970c-ea9db8ca4449 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {59214E0F-B046-4E02-99E4-B8C4F0F8DA40} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [149280 2022-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {5FDB5816-2822-4BB6-A39E-98C207358AAF} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {64107118-9A54-49F1-A139-68188552B02E} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 ] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {6D483567-5585-471B-AB73-9FDA6A7E0866} - System32\Tasks\CCleanerSkipUAC - user => C:\Program Files\CCleaner\CCleaner.exe [32325456 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {6DBD307C-2060-4195-B669-C730BAA66536} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [63936 2021-12-02] (Lenovo -> )
Task: {6FAF4065-AB18-4297-88C2-775F67A54A63} - System32\Tasks\Lenovo\Lenovo Platform Task => C:\Windows\System32\LPlatSvc.exe [906216 2022-03-27] (Lenovo -> Lenovo)
Task: {6FC65B32-DD40-4C88-B5F5-606646120E09} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880136 2022-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {6FD5005B-F8C2-4771-B2AE-99EE73B0AA86} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ae4043b4-4665-4d75-bb87-419a4ce622df => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {96865AD8-8ED6-4FDE-B335-3C8A8C572C09} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476960 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {9BF5E1B5-3ED6-4B5D-8A86-DF5E1075AEC2} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {B0578D7E-F433-4BE5-A6DE-6B9463507D5F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138600 2022-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {B1C345C4-F999-4D4B-8D3F-EF46952F9B4E} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {BC04D59B-FABB-4BA8-9783-32DC26B11A82} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {C3D1A8E0-0151-4970-8142-C198B273583D} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {CB540BAB-DAC7-46BA-8558-BD78D8C10D43} - System32\Tasks\GoogleUpdateTaskMachineCore{114B8078-B77F-49EE-93D0-5865B62A95EB} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-03-08] (Google LLC -> Google LLC)
Task: {D0D55727-6ADC-4017-B827-4F1E0CFBC11B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-11-09] (Piriform Software Ltd -> Piriform)
Task: {D636C1A6-C8D0-4B4E-AEEB-B52819F06582} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [128976 2022-05-17] (Lenovo -> Lenovo)
Task: {DBB7257F-7271-41F1-91A4-547899BFF889} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {DC2EB88D-282A-4B94-B528-843DBC752040} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2311216 ] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {E21C5B01-15B7-4E4E-A709-7FD192728074} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (No File)
Task: {E2B8292D-B586-4B68-8397-90E739E123DC} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {E53E8F40-4093-4A0D-9D1F-8A6373B241E1} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\ScheduleEventAction.exe [27480 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
Task: {ECFA8A2E-DE1E-465A-B964-05340EC1FAC7} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 ] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {F42FD8FA-B8A3-4FED-B21E-9AE4195A812E} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1994733667-3999561179-3768099944-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5881862-37D2-4BB5-8942-1AC38EE03161} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => c:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 ] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {F6418C79-23CB-4A29-AAF6-54FF56D52AA7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880136 2022-02-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {F6D16DBF-C003-4A50-8AFC-4F46266B7996} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "b1735ea0-fe97-414a-bb29-601608b99078" --version "6.06.10144" --silent
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{29cc5c3f-9822-4507-a330-f00fbe809f3a}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5eb47522-f164-47b7-b2e3-41ee2bb558f1}: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF DefaultProfile: lk15mx4v.default
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\lk15mx4v.default [2022-04-02]
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qes5du2n.default-release [2022-11-30]
FF Homepage: Mozilla\Firefox\Profiles\qes5du2n.default-release -> www.seznam.cz
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-03-05]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-11-30]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Opera:
=======
OPR Profile: C:\Users\user\AppData\Roaming\Opera Software\Opera Stable [2022-11-30]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (User-Agent Switcher) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\abikegoefdiihgbhgkkndohoflmgealc [2022-03-08]
OPR Extension: (Rich Hints Agent) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-10-28]
OPR Extension: (Opera Wallet) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-11-29]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\user\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-02-18]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3866592 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3702240 2022-09-27] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12124536 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [707864 2022-08-24] (ESET, spol. s r.o. -> ESET)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3342360 2022-09-05] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3342360 2022-09-05] (ESET, spol. s r.o. -> ESET)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncHelper.exe [3476400 2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 Lenovo Instant On; C:\Windows\SysWOW64\EasyResume.exe [2351304 2021-12-02] (Lenovo -> Lenovo Group Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.13.14.0\LenovoVantageService.exe [31072 2022-05-24] (Lenovo -> Lenovo Group Ltd.)
R2 LPlatSvc; C:\Windows\System32\LPlatSvc.exe [906216 2022-03-27] (Lenovo -> Lenovo)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.227.1030.0001\OneDriveUpdaterService.exe [3843504 2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SSSvc; C:\ProgramData\Lenovo\ImController\Plugins\ThinkIntelligentSensingPackage\x86\SSSvc.exe [146200 2018-07-19] (Lenovo -> Lenovo)
R2 TPHKLOAD; C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\TPHKLOAD.exe [473760 2021-10-22] (Lenovo -> Lenovo Group Limited)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-15] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [78328 2021-08-25] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 DLMFENC; C:\Windows\System32\DRIVERS\DLMFENC.sys [242168 2022-09-21] (ESET, spol. s r.o. -> ESET, spol. s r.o.)
R0 DLPCRYPT; C:\Windows\System32\DRIVERS\dlpcrypt.sys [121728 2022-08-24] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\Windows\System32\DRIVERS\dlpvdisk.sys [98296 2022-08-24] (DESlock Limited -> DESlock Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [194312 2022-09-05] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [116960 2022-07-13] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [234192 2022-07-13] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [52880 2022-07-13] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [79216 2022-07-13] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [119528 2022-07-13] (ESET, spol. s r.o. -> ESET)
S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [39000 2020-10-10] (IObit CO., LTD -> IObit Information Technology)
S3 LenovoBoost; C:\Windows\system32\DRIVERS\vanboost.sys [47888 2022-06-14] (Lenovo -> Lenovo Group Ltd.)
R1 PMDRVS; C:\Windows\System32\drivers\pmdrvs.sys [38888 2022-03-27] (Lenovo -> Lenovo)
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11968 2022-03-18] () [File not signed]
S3 Ser2pl; C:\Windows\system32\DRIVERS\ser2pl64.sys [303000 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [49152 2021-10-06] (Microsoft Corporation) [File not signed]
R0 VDLPToken2; C:\Windows\System32\DRIVERS\vdlptkn2.sys [135672 2022-08-24] (DESlock Limited -> DESlock Ltd.)
R3 WacHidRouterISD; C:\Windows\system32\DRIVERS\wachidrouter_isd.sys [142424 2017-05-24] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49600 2022-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [439544 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-15] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-11-30 14:01 - 2022-11-30 14:02 - 000000000 ____D C:\FRST
2022-11-27 22:27 - 2022-10-18 22:43 - 002369920 _____ (Microsoft Corporation) C:\Windows\system32\WudfUpdate_01011.dll
2022-11-27 22:27 - 2022-10-18 22:43 - 002226048 _____ (Synaptics Incorporated.) C:\Windows\system32\synaTEE.signed.dll
2022-11-27 22:27 - 2022-10-18 22:43 - 000100224 _____ (Synaptics Incorporated) C:\Windows\system32\SynapticsUtility.exe
2022-11-27 22:27 - 2022-10-18 22:42 - 002830640 _____ (Synaptics Incorporated.) C:\Windows\system32\AuthenticateFAM_SecureFP_UI.dll
2022-11-27 22:27 - 2022-10-18 22:42 - 002146432 _____ (Synaptics Incorporated.) C:\Windows\SysWOW64\AuthenticateFAM_SecureFP_UI.dll
2022-11-27 22:27 - 2022-10-18 22:42 - 000506992 _____ (Synaptics Incorporated.) C:\Windows\system32\AuthenticateFAM_SecureFP.dll
2022-11-27 22:27 - 2022-10-18 22:42 - 000378664 _____ (Synaptics Incorporated.) C:\Windows\SysWOW64\AuthenticateFAM_SecureFP.dll
2022-11-27 22:27 - 2022-10-18 22:42 - 000135552 _____ (Intel Corporation) C:\Windows\system32\sgx_capable.dll
2022-11-23 15:29 - 2022-11-23 15:29 - 000063383 _____ C:\Users\user\OneDrive\Dokumenty\Potvrzení platby.pdf
2022-11-21 23:14 - 2022-11-21 23:14 - 000000000 ____D C:\Windows\LastGood.Tmp
2022-11-21 22:06 - 2022-11-21 22:06 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2022-11-21 22:06 - 2022-11-21 22:06 - 000002241 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2022-11-21 22:06 - 2022-11-21 22:06 - 000000000 ____D C:\Program Files\Google
2022-11-16 08:21 - 2022-11-21 07:50 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-11-10 13:08 - 2022-09-30 05:24 - 000174112 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2022-11-10 13:08 - 2022-09-30 05:23 - 000167440 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus2.sys
2022-11-09 09:33 - 2022-11-09 09:33 - 000688128 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2022-11-09 09:33 - 2022-11-09 09:33 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-11-09 09:33 - 2022-11-09 09:33 - 000073216 _____ C:\Windows\system32\nettraceex.dll
2022-11-09 09:33 - 2022-11-09 09:33 - 000012253 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-11-09 09:28 - 2022-11-09 09:28 - 000000000 ___HD C:\$WinREAgent
2022-11-05 23:56 - 2022-11-05 23:56 - 000674959 _____ C:\Users\user\OneDrive\Dokumenty\zas-2022-03.pdf
2022-10-31 16:32 - 2022-10-31 16:39 - 000000000 ____D C:\Users\user\OneDrive\Dokumenty\Aukro
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-12-31 23:59 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-11-30 13:44 - 2022-02-14 13:25 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-11-30 13:44 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-30 13:31 - 2022-09-21 07:53 - 000003476 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2022-11-30 13:31 - 2022-09-21 07:53 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2022-11-30 13:31 - 2022-02-23 09:37 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-11-30 13:31 - 2022-02-23 09:37 - 000000000 ____D C:\Program Files\CCleaner
2022-11-30 13:05 - 2022-03-08 22:33 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-30 10:46 - 2022-04-02 20:21 - 000000000 ____D C:\Users\user\AppData\LocalLow\Mozilla
2022-11-30 10:46 - 2022-03-15 17:52 - 000004210 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{7F1FFD9B-1E9F-47BF-AA48-3B77B80E719E}
2022-11-30 10:44 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-11-30 10:43 - 2022-02-14 12:52 - 000000000 __SHD C:\Users\user\IntelGraphicsProfiles
2022-11-30 10:43 - 2022-02-14 12:31 - 000000000 ___RD C:\Users\user\OneDrive
2022-11-29 19:14 - 2022-05-11 11:28 - 000679902 _____ C:\Windows\system32\perfh005.dat
2022-11-29 19:14 - 2022-05-11 11:28 - 000136222 _____ C:\Windows\system32\perfc005.dat
2022-11-29 19:14 - 2022-02-14 12:30 - 001596402 _____ C:\Windows\system32\PerfStringBackup.INI
2022-11-29 19:14 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-11-29 19:11 - 2022-02-14 12:44 - 000000000 ____D C:\Windows\TempInst
2022-11-29 18:26 - 2022-02-18 12:09 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-11-29 18:26 - 2022-02-18 11:45 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-11-29 18:26 - 2022-02-18 11:45 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-29 18:26 - 2022-02-14 12:32 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1994733667-3999561179-3768099944-1001
2022-11-29 14:40 - 2022-02-18 11:36 - 000000000 ____D C:\Users\user\OneDrive\Dokumenty\Provozní záznam
2022-11-29 13:23 - 2022-02-18 12:53 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-11-29 13:16 - 2022-02-14 12:30 - 000000000 ____D C:\Users\user\AppData\Local\Packages
2022-11-29 07:15 - 2022-02-18 11:27 - 000004198 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1645180049
2022-11-29 07:15 - 2022-02-18 11:27 - 000001406 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-11-28 07:34 - 2022-02-14 12:32 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2022-11-28 07:33 - 2022-02-14 13:25 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-28 07:33 - 2022-02-14 13:25 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-11-28 07:33 - 2022-02-14 12:32 - 000000000 ____D C:\Intel
2022-11-28 07:33 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2022-11-27 22:28 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2022-11-27 22:27 - 2019-12-07 10:03 - 001572864 _____ C:\Windows\system32\config\BBI
2022-11-27 22:25 - 2022-02-14 12:43 - 000021868 _____ C:\Windows\storelibdebug.txt
2022-11-22 17:29 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2022-11-21 23:19 - 2022-02-18 12:11 - 000003522 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2022-11-21 23:16 - 2022-03-23 08:42 - 000002200 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2022-11-21 23:16 - 2022-03-23 08:42 - 000000000 ____D C:\Program Files (x86)\Samsung
2022-11-21 07:50 - 2022-04-02 20:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-16 15:21 - 2022-04-02 20:21 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-11-16 15:21 - 2022-04-02 20:21 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-11-10 13:10 - 2022-02-27 21:25 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-10 13:10 - 2022-02-27 21:25 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-10 13:09 - 2022-03-18 11:51 - 000000000 ____D C:\Users\user\AppData\Local\CrashDumps
2022-11-09 16:38 - 2022-05-14 00:54 - 000454904 _____ C:\Windows\system32\FNTCACHE.DAT
2022-11-09 16:37 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2022-11-09 16:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2022-11-09 09:35 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2022-11-09 09:33 - 2022-02-14 12:27 - 003014656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-11-09 09:27 - 2022-02-21 21:24 - 000000000 ____D C:\Windows\system32\MRT
2022-11-09 09:26 - 2022-02-21 21:23 - 146960040 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories ========
2022-02-18 12:07 - 2022-02-18 12:07 - 000000410 _____ () C:\Users\user\AppData\Local\oobelibMkey.log
2022-02-19 05:26 - 2022-02-19 11:39 - 000007597 _____ () C:\Users\user\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2022
Ran by user (30-11-2022 14:03:03)
Running from C:\Users\user\AppData\Local\Temp\scoped_dir13348_884605418
Microsoft Windows 10 Pro Version 21H2 19044.2251 (X64) (2022-02-14 11:25:44)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1994733667-3999561179-3768099944-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1994733667-3999561179-3768099944-503 - Limited - Disabled)
Guest (S-1-5-21-1994733667-3999561179-3768099944-501 - Limited - Disabled)
Lexalex (S-1-5-21-1994733667-3999561179-3768099944-1004 - Limited - Enabled)
user (S-1-5-21-1994733667-3999561179-3768099944-1001 - Administrator - Enabled) => C:\Users\user
WDAGUtilityAccount (S-1-5-21-1994733667-3999561179-3768099944-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.1.0.3 - Adobe Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.15.2 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.61.1.10 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.6.0.2 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.4.0 - Canon Inc.)
Canon TS3400 series Driver (HKLM\...\{1199FAD5-9546-44F3-81CF-FFDB8040B7BF}_Canon_TS3400_series) (Version: 1.02 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.06 - Piriform)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.277.0 - Conexant Systems)
Dolby Audio X2 Windows API SDK (HKLM\...\{FA0735B6-9E18-437A-A1CD-9152650FC52B}) (Version: 0.8.8.90 - Dolby Laboratories, Inc.) Hidden
ESET Premium Line Encryption (HKLM\...\{764DBB66-954B-498B-A8F0-5674FF309BAC}) (Version: 2.0.0.29 - ESET) Hidden
ESET Security (HKLM\...\{C8113C9E-3025-4DC5-89E8-71F7C080967A}) (Version: 15.2.17.0 - ESET, spol. s r.o.)
Google Earth Pro (HKLM\...\{F5A0C4E5-0B6C-43B1-AEFA-7E0BE48214FF}) (Version: 7.3.6.9285 - Google)
HT780E Programming Software V1.07.04 (HKLM-x32\...\{C1014EE8-5799-4446-9181-54BAA24FBEB1}) (Version: 1.07.0004 - Hytera Communications Corp., Ltd.)
CHIRP (HKLM-x32\...\CHIRP) (Version: - )
IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.2.0.2 - IObit)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{E496AFB7-CB04-46CF-8FBB-5D665BC8811B}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Lenovo Scaling Utility (HKLM\...\Lenovo Scaling Utility) (Version: 3.22 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.14827.20198 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.56 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.227.1030.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 107.0 (x64 cs)) (Version: 107.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 98.0.2 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20198 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20198 - Microsoft Corporation) Hidden
Opera Stable 93.0.4585.21 (HKU\S-1-5-21-1994733667-3999561179-3768099944-1001\...\Opera 93.0.4585.21) (Version: 93.0.4585.21 - Opera Software)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.8.0 - Canon Inc.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.22112.1 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.3.22112.1 - Samsung Electronics Co., Ltd.)
Thunderbolt™ Software (HKLM-x32\...\{1AA93FF8-C685-4E00-8682-7F2E5D8E8689}) (Version: 17.4.80.550 - Intel Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.17.4 - VideoLAN)
Wacom Pen (HKLM\...\ISD Tablet Driver) (Version: 7.3.4-38 - Wacom Technology Corp.)
WinRAR 6.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.11.0 - win.rar GmbH)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-05-27] (Microsoft Corporation)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2202.9.0_x64__k1h2ywk1493x8 [2022-03-28] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-02-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-02-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-02-19] (Microsoft Studios) [MS Ad]
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt [2022-10-13] (INTEL CORP) [Startup Task]
Solitaire v češtině -> C:\Program Files\WindowsApps\TreeCardGames.KlondikeSolitaireCollectionFree_5.2.5.0_x64__n666hb6ddc5jp [2022-02-23] (TreeCardGames)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0 [2022-02-19] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => C:\Program Files\ESET\ESET Secure Data\esdovrly.dll [2022-08-24] (DESlock Limited -> DESlock Limited)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-09-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-09-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-29] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-09-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll [2020-10-10] (IObit Information Technology -> IObit Information Technology)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-03-03] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2022-02-18 12:56 - 2019-12-05 16:17 - 000008704 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_CSY.DLL
2022-02-18 12:56 - 2019-12-05 16:17 - 000104448 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2022-05-02 09:03 - 2022-05-02 09:06 - 042859520 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3408.0_x64__8j3eq9eme6ctt\IGCC.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2020-03-06] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-18] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1994733667-3999561179-3768099944-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-1994733667-3999561179-3768099944-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{60BFD289-F967-4CAA-AED3-00B78DCF4DCF}\\192.168.88.2\sdi\sdi\sdi_x64_r2009.exe] => (Allow) \\192.168.88.2\sdi\sdi\sdi_x64_r2009.exe => No File
FirewallRules: [UDP Query User{590E8C45-650D-4456-B6FC-08ECEBCB93D0}\\192.168.88.2\sdi\sdi\sdi_x64_r2009.exe] => (Allow) \\192.168.88.2\sdi\sdi\sdi_x64_r2009.exe => No File
FirewallRules: [{BABAF5A6-7FED-4292-880B-0EEF42F16C99}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A3ADE850-AC2F-4AFA-8F00-CFF5E684E54C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{54A5F2FD-5E5E-48A2-B008-97CA506AC0A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AFF8FF02-8517-4301-90C5-DC405CB71FC7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BC66927A-EB88-41BB-B6AB-3D322BD5D6B4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F3EDEFFF-A982-4391-A447-3540B6334455}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{11600E84-0877-48E5-9477-857FB2DA66B4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CE8F21A7-6F35-4E00-A259-C42CF02389D1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{903B24E9-6363-4795-A76C-7B19C7234676}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2A6ED06B-3EBE-4677-BBEA-5D89275F0FB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{915404B9-7299-451B-A59B-70A2ED7F4DAD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A5259BD5-22AF-4FEB-B5F0-E66F8C2849C5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BA35AF10-A119-4CEE-BC41-24A24A7BCCB4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.179.763.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{1B67AA9B-3442-4108-A7FC-24A5A1D5BC29}C:\users\user\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\user\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{BF0E0D6C-73B4-4456-BC3A-88197EAA50CD}C:\users\user\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\user\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [TCP Query User{11355B00-7B4A-43EB-8AF3-8A0EA93E9CA5}C:\users\user\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\user\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [UDP Query User{24B411C7-5B9F-4A59-BB8E-C05BD9520FDC}C:\users\user\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\user\appdata\local\programs\opera\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{47ADE8F0-8892-413E-A1F9-E34042AEEEF0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{23647A37-19A7-41D5-9987-1B8B4BCF1009}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{977B2224-E983-4E49-BD80-4244DE751EC5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B475A554-14D0-40BA-A056-A4CC6EFFB6AA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{07332231-2EBD-4CA2-A8CA-583632029B72}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{65813012-6EE5-48F0-AE36-16C1B197D9FD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{66DD72FE-E37E-4282-A169-A93763896199}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.56\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
09-11-2022 09:28:32 Instalační služba modulů systému Windows
16-11-2022 15:14:30 Naplánovaný kontrolní bod
21-11-2022 23:15:57 Instalováno Smart Switch
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/30/2022 01:32:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.19041.546, časové razítko: 0x5da7ab91
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x80131623
Posun chyby: 0x00007ff8747f200f
ID chybujícího procesu: 0x3500
Čas spuštění chybující aplikace: 0x01d904b7c6a3a6c7
Cesta k chybující aplikaci: C:\Windows\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 96bb3b5f-4eea-48cd-b9d3-c10671c6ac0b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/30/2022 01:32:14 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Byla vyvolána neočekávaná výjimka od poskytovatele:
System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()
Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)
Error: (11/30/2022 01:32:14 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (11/30/2022 01:32:13 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (11/30/2022 01:32:13 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
Error: (11/30/2022 12:24:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-J0113CF.local already in use; will try DESKTOP-J0113CF-2.local instead
Error: (11/30/2022 12:24:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 DESKTOP-J0113CF.local. Addr 192.168.0.241
Error: (11/30/2022 12:24:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.241:5353 16 DESKTOP-J0113CF.local. AAAA 2A02:8308:C008:B300:809A:D3E30C9D
System errors:
=============
Error: (11/30/2022 10:45:46 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0113CF)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
Error: (11/30/2022 10:44:55 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0113CF)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
Error: (11/30/2022 10:43:17 AM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (11/29/2022 07:16:10 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0113CF)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
Error: (11/29/2022 07:15:59 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0113CF)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
Error: (11/29/2022 07:14:18 AM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (11/28/2022 07:36:28 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-J0113CF)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
Error: (11/28/2022 07:33:51 AM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Windows Defender:
================Event[0]:
Date: 2022-12-31 23:59:56
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.359.425.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.3
Kód chyby: 0x800b0101
Popis chyby: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
CodeIntegrity:
===============
Date: 2022-11-30 14:03:33
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-11-30 13:58:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO N1NET59W (1.46 ) 10/04/2022
Motherboard: LENOVO 20JES3M302
Processor: Intel(R) Core(TM) i7-7600U CPU @ 2.80GHz
Percentage of memory in use: 50%
Total physical RAM: 15989.11 MB
Available physical RAM: 7883.5 MB
Total Virtual: 32373.11 MB
Available Virtual: 24505.41 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:476.39 GB) (Free:373.98 GB) (Model: SAMSUNG MZVLB512HAJQ-000L7) NTFS
\\?\Volume{4a7abb65-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{4a7abb65-0000-0000-0000-201c77000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 4A7ABB65)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=510 MB) - (Type=27)
==================== End of Addition.txt =======================