Notebook Lenovo B590
Posted: 30 Apr 2024 15:59
Hello,
today I did a clean installation on a Lenovo B590 notebook. After the latest Windows Update, it seems to me that the notebook is slower to load search in the Start menu. Could you please check whether everything is OK? Thank you
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2024 01
Ran by LENOVO (administrator) on DESKTOP-AR8ID4U (LENOVO 20206) (30-04-2024 16:48:46)
Running from C:\Users\LENOVO\Desktop\FRST64.exe
Loaded Profiles: LENOVO
Platform: Microsoft Windows 10 Enterprise Version 22H2 19045.4291 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Windows Driver Foundation (WDF).exe
(cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\LENOVO\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows Hardware Compatibility Publisher -> Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Lenovo(Japan)Ltd. -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.22.10861.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4289_none_7e26f6bc7c7a4793\TiWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2013-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro)
HKLM\...\Winlogon: [Shell] explorer.exe,wzone.exe "C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\wtime.cmd" wlocale.cmd <=== ATTENTION
HKLM-x32\...\Winlogon: [Shell] C:\Windows\SysWOW64\explorer.exe [4979704 2024-04-30] (Microsoft Windows -> Microsoft Corporation) <=== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKLM\Software\Policies\...\system: [DontDisplayNetworkSelectionUI] 1
HKLM\Software\Policies\...\system: [DisableAcrylicBackgroundOnLogon] 1
HKU\S-1-5-21-1411983480-724600386-1063534529-500\...\Policies\Explorer: [NoAutoTrayNotify] 1
HKU\S-1-5-21-1411983480-724600386-1063534529-500\...\Policies\Explorer: [TaskbarNoThumbnail] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\124.0.6367.92\Installer\chrmstp.exe [2024-04-30] (Google LLC -> Google LLC)
IFEO\mpcmdrun.exe: [Debugger] C:\Windows\System32\systray.exe
IFEO\MusNotification.exe: [Debugger] cmd.exe
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {77780D91-775C-4461-90E5-28A25805837F} - System32\Tasks\GoogleUpdateTaskMachineCore{9EFADBA1-1354-4B55-945A-0655CFA9C745} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-04-30] (Google LLC -> Google LLC)
Task: {3CBE7D3B-EFCE-4D80-98C6-04EEDF05ACDE} - System32\Tasks\GoogleUpdateTaskMachineUA{F6000130-3402-412B-9FBC-508E606932E4} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2024-04-30] (Google LLC -> Google LLC)
Task: {CB39ED53-A8A9-4482-9437-33AE8B65892E} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1411983480-724600386-1063534529-500 => C:\Users\LENOVO\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [89096 2024-04-15] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {825A2A42-3593-4804-A3D8-27A2CD64B019} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [128872 2023-12-20] (Lenovo -> Lenovo)
Task: {D8921546-B23B-4FFB-8AB3-3B49FBA83D39} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [66920 2023-12-20] (Lenovo -> )
Task: {4A0141D8-23BD-4E6D-A9CA-6A175F2B1BE7} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /c (No File)
Task: {133CBD01-9302-4328-BB3C-7B80ABBD7FF2} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe /ua /installsource scheduler (No File)
Task: {A07BFB86-9109-465B-BBFB-08100A3C83DE} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1411983480-724600386-1063534529-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {C34B139D-733D-47AD-AF9A-87EDA10A82D2} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1411983480-724600386-1063534529-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {33945AAD-2CFE-41CA-94F5-4393BE2CEDDE} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1411983480-724600386-1063534529-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1a470c6a-1706-4c45-a6e9-4f1b3749bd73}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
Edge Profile: C:\Users\LENOVO\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-30]
Chrome:
=======
CHR Profile: C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default [2024-04-30]
CHR DownloadDir: D:\Stažené soubory
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Dokumenty Google offline) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-04-30]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24030.9-0\MpDefenderCoreService.exe [1459968 2024-04-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-04-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 edgeupdate; "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /svc [X]
S3 edgeupdatem; "C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /medsvc [X]
S3 MicrosoftEdgeElevationService; "C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\elevation_service.exe" [X]
S2 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmUStor; C:\Windows\system32\drivers\AmUStorU.sys [136760 2019-05-07] (Alcorlink Corp. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1049984 2013-04-17] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [20936 2024-04-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S4 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [601376 2024-04-30] (Microsoft Windows -> Microsoft Corporation)
S4 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-30] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-04-30 16:48 - 2024-04-30 16:49 - 000010107 _____ C:\Users\LENOVO\Desktop\FRST.txt
2024-04-30 16:48 - 2024-04-30 16:48 - 000000000 ____D C:\FRST
2024-04-30 16:47 - 2024-04-30 16:47 - 002394112 _____ (Farbar) C:\Users\LENOVO\Desktop\FRST64.exe
2024-04-30 16:30 - 2024-04-30 16:30 - 000000000 ____D C:\Users\LENOVO\AppData\Local\ElevatedDiagnostics
2024-04-30 16:22 - 2024-04-30 16:24 - 000000000 ___HD C:\$WinREAgent
2024-04-30 16:09 - 2024-04-30 16:28 - 000000000 ____D C:\Users\LENOVO\Desktop\Windows Remove
2024-04-30 15:23 - 2024-04-30 15:23 - 000000000 ____D C:\Windows\LastGood.Tmp
2024-04-30 15:09 - 2024-04-30 15:09 - 000000422 _____ C:\ProgramData\ntuser.pol
2024-04-30 15:08 - 2024-04-30 15:09 - 000000000 ____D C:\Users\LENOVO\Desktop\DefCon
2024-04-30 15:02 - 2010-10-24 17:54 - 000004608 ___SH () C:\Windows\wzone.exe
2024-04-30 14:51 - 2024-04-30 16:45 - 000000000 ____D C:\Users\LENOVO\AppData\Roaming\utorrent
2024-04-30 14:51 - 2024-04-30 14:51 - 000000897 _____ C:\Users\LENOVO\Desktop\µTorrent.lnk
2024-04-30 14:51 - 2024-04-30 14:51 - 000000877 _____ C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2024-04-30 14:51 - 2024-04-30 14:51 - 000000000 ____D C:\Users\LENOVO\AppData\LocalLow\uTorrent.WebView2
2024-04-30 14:42 - 2024-04-30 15:04 - 000000000 ____D C:\Users\LENOVO\AppData\Local\BitTorrentHelper
2024-04-30 13:49 - 2024-04-30 13:49 - 000000000 ____D C:\Windows\SysWOW64\Lenovo
2024-04-30 13:49 - 2024-04-30 13:49 - 000000000 ____D C:\Windows\system32\Lenovo
2024-04-30 13:49 - 2024-04-30 13:49 - 000000000 ____D C:\Users\LENOVO\AppData\Local\Lenovo
2024-04-30 13:49 - 2023-12-20 18:38 - 005558632 _____ (Lenovo Group Limited) C:\Windows\SysWOW64\PWMTR32V.dll
2024-04-30 13:49 - 2023-12-20 18:38 - 002352376 _____ (Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
2024-04-30 13:49 - 2023-12-20 18:38 - 000174440 _____ (Lenovo) C:\Windows\SysWOW64\InstHelper.dll
2024-04-30 13:49 - 2023-12-20 18:38 - 000103784 _____ (Lenovo) C:\Windows\SysWOW64\EventLogger.dll
2024-04-30 13:49 - 2023-12-20 18:38 - 000066920 _____ () C:\Windows\SysWOW64\PowerMgrInst.exe
2024-04-30 13:41 - 2024-04-30 13:42 - 000000000 ____D C:\ffmpeg
2024-04-30 13:38 - 2024-04-30 13:38 - 000000277 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2024-04-30 13:38 - 2024-04-30 13:38 - 000000000 ____D C:\Users\LENOVO\AppData\Local\PeerDistRepub
2024-04-30 13:36 - 2013-12-17 17:59 - 000068440 _____ (Lenovo.) C:\Windows\system32\ibmpmsvc.exe
2024-04-30 13:36 - 2013-12-17 17:59 - 000060760 _____ (Lenovo.) C:\Windows\system32\ibmpmctl.exe
2024-04-30 13:36 - 2013-12-17 17:59 - 000057144 _____ (Lenovo.) C:\Windows\system32\Drivers\ibmpmdrv.sys
2024-04-30 13:36 - 2013-12-17 17:59 - 000040280 _____ (Lenovo.) C:\Windows\system32\tpinspm.dll
2024-04-30 13:35 - 2013-03-12 13:20 - 000064624 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2024-04-30 13:31 - 2024-04-30 13:31 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-04-30 13:31 - 2024-04-30 13:31 - 000000000 ____D C:\Program Files (x86)\USB Camera
2024-04-30 13:31 - 2012-07-03 19:55 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2024-04-30 13:29 - 2024-04-30 13:29 - 000000000 ____D C:\Users\LENOVO\AppData\Roaming\WinRAR
2024-04-30 13:29 - 2024-04-30 13:28 - 000000836 _____ C:\Users\LENOVO\Desktop\Stažené soubory.lnk
2024-04-30 13:26 - 2024-04-30 13:49 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2024-04-30 13:26 - 2024-04-30 13:49 - 000000000 ____D C:\ProgramData\Lenovo
2024-04-30 13:26 - 2024-04-30 13:38 - 000000000 ____D C:\Windows\TempInst
2024-04-30 13:26 - 2024-04-30 13:38 - 000000000 ____D C:\Windows\system32\Tasks\TVT
2024-04-30 13:26 - 2024-04-30 13:26 - 000000000 ____D C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2024-04-30 13:26 - 2024-04-30 13:26 - 000000000 ____D C:\Users\LENOVO\AppData\Local\LenovoServiceBridge
2024-04-30 13:24 - 2024-04-30 13:24 - 000000000 ____D C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows Photo Viewer
2024-04-30 13:07 - 2024-04-30 13:07 - 000000000 ____D C:\Windows\system32\appmgmt
2024-04-30 13:03 - 2024-04-30 13:03 - 000001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP.lnk
2024-04-30 13:03 - 2024-04-30 13:03 - 000001110 _____ C:\Users\Public\Desktop\WinSCP.lnk
2024-04-30 13:03 - 2024-04-30 13:03 - 000000128 _____ C:\Users\LENOVO\AppData\Roaming\winscp.rnd
2024-04-30 13:03 - 2024-04-30 13:03 - 000000000 ____D C:\Program Files (x86)\WinSCP
2024-04-30 13:02 - 2024-04-30 16:45 - 000000000 ____D C:\Users\LENOVO\AppData\Roaming\vlc
2024-04-30 13:02 - 2024-04-30 15:18 - 000000000 ____D C:\Users\LENOVO\AppData\Roaming\Microsoft\MMC
2024-04-30 13:02 - 2024-04-30 13:02 - 000000916 _____ C:\Users\Public\Desktop\VLC media player.lnk
2024-04-30 13:02 - 2024-04-30 13:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2024-04-30 13:01 - 2024-04-30 13:01 - 000000000 ____D C:\Program Files\VideoLAN
2024-04-30 13:00 - 2024-04-02 09:18 - 007024206 _____ C:\Users\LENOVO\Desktop\mp4joiner_x64.exe
2024-04-30 12:52 - 2024-04-30 11:55 - 000000000 ____D C:\Windows\Panther
2024-04-30 12:50 - 2024-04-30 12:50 - 000000000 ____D C:\Windows\InboxApps
2024-04-30 12:38 - 2024-04-30 12:38 - 000020861 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-04-30 12:36 - 2024-04-30 12:36 - 000020861 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-04-30 12:24 - 2024-04-30 12:26 - 000000000 ____D C:\Windows\system32\MRT
2024-04-30 12:20 - 2024-04-30 13:07 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2024-04-30 12:17 - 2024-04-30 16:42 - 000000000 __SHD C:\Users\LENOVO\IntelGraphicsProfiles
2024-04-30 12:14 - 2024-04-30 14:38 - 000000000 ____D C:\Program Files\WinRAR
2024-04-30 12:14 - 2024-04-30 13:00 - 000000000 ____D C:\Users\LENOVO\AppData\Roaming\Microsoft\Spelling
2024-04-30 12:14 - 2024-04-30 12:14 - 000000000 ____D C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-04-30 12:14 - 2024-04-30 12:14 - 000000000 ____D C:\Users\LENOVO\AppData\Local\Comms
2024-04-30 12:14 - 2024-04-30 12:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2024-04-30 12:10 - 2024-04-30 15:21 - 000000000 ____D C:\Users\LENOVO\AppData\Local\D3DSCache
2024-04-30 12:10 - 2024-04-30 12:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY (64-bit)
2024-04-30 12:10 - 2024-04-30 12:10 - 000000000 ____D C:\Program Files\PuTTY
2024-04-30 12:09 - 2024-04-30 12:09 - 000002319 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-04-30 12:09 - 2024-04-30 12:09 - 000002278 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-04-30 12:09 - 2024-04-30 12:09 - 000000000 __SHD C:\Users\LENOVO\AppData\Local\Google
2024-04-30 12:08 - 2024-04-30 16:44 - 000000000 ____D C:\Program Files (x86)\Google
2024-04-30 12:08 - 2024-04-30 12:08 - 000003844 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{F6000130-3402-412B-9FBC-508E606932E4}
2024-04-30 12:08 - 2024-04-30 12:08 - 000003720 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{9EFADBA1-1354-4B55-945A-0655CFA9C745}
2024-04-30 12:08 - 2024-04-30 12:08 - 000003584 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1411983480-724600386-1063534529-500
2024-04-30 12:08 - 2024-04-30 12:08 - 000000000 ____D C:\Program Files\Google
2024-04-30 12:07 - 2024-04-30 12:07 - 000000000 ____D C:\Users\LENOVO\AppData\Local\Publishers
2024-04-30 12:06 - 2024-04-30 16:06 - 000000000 ____D C:\Users\LENOVO\AppData\Local\Packages
2024-04-30 12:06 - 2024-04-30 12:17 - 000000000 ____D C:\Users\LENOVO
2024-04-30 12:06 - 2024-04-30 12:06 - 000000020 ___SH C:\Users\LENOVO\ntuser.ini
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Šablony
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Soubory cookie
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Poslední
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Okolní tiskárny
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Okolní síť
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Nabídka Start
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Dokumenty
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Documents\Obrázky
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Documents\Hudba
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Documents\Filmy
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Data aplikací
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\AppData\Local\Data aplikací
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 ___SD C:\Users\LENOVO\AppData\Roaming\Microsoft\SystemCertificates
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 ___SD C:\Users\LENOVO\AppData\Roaming\Microsoft\Protect
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 ___SD C:\Users\LENOVO\AppData\Roaming\Microsoft\Crypto
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 ___SD C:\Users\LENOVO\AppData\Roaming\Microsoft\Credentials
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 ___RD C:\Users\LENOVO\3D Objects
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 ____D C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 ____D C:\Users\LENOVO\AppData\Roaming\Microsoft\Vault
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 ____D C:\Users\LENOVO\AppData\Roaming\Adobe
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 ____D C:\Users\LENOVO\AppData\Local\ConnectedDevicesPlatform
2024-04-30 12:03 - 2024-04-30 16:46 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2024-04-30 12:03 - 2024-04-30 12:03 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1411983480-724600386-1063534529-1001
2024-04-30 12:02 - 2024-04-30 12:03 - 000003372 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1411983480-724600386-1063534529-1001
2024-04-30 12:01 - 2024-04-30 15:23 - 000000000 ____D C:\Intel
2024-04-30 12:01 - 2024-04-30 13:31 - 000000000 ____D C:\Program Files (x86)\Intel
2024-04-30 12:01 - 2024-04-30 12:01 - 000000000 ____D C:\Program Files\Intel
2024-04-30 11:58 - 2024-04-30 11:58 - 000000000 ____D C:\Windows\CSC
2024-04-30 11:57 - 2024-04-30 13:05 - 000000000 ____D C:\ProgramData\Packages
2024-04-30 11:57 - 2024-04-30 12:06 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Šablony
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Poslední
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Okolní síť
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Dokumenty
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Data aplikací
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\ProgramData\Šablony
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\ProgramData\Plocha
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\ProgramData\Dokumenty
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\ProgramData\Data aplikací
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Documents and Settings
2024-04-30 11:54 - 2024-04-30 14:41 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-04-30 11:54 - 2024-04-30 14:41 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-04-30 11:53 - 2024-04-30 16:42 - 000008192 ___SH C:\DumpStack.log.tmp
2024-04-30 11:53 - 2024-04-30 16:42 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-04-30 11:53 - 2024-04-30 14:36 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-04-30 11:53 - 2024-04-30 13:00 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-04-30 11:53 - 2024-04-30 12:51 - 000259768 _____ C:\Windows\system32\FNTCACHE.DAT
2024-04-30 11:53 - 2024-04-30 11:53 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2024-04-30 11:53 - 2024-04-30 11:53 - 000000000 ____D C:\Windows\ServiceProfiles
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-04-30 16:48 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2024-04-30 16:46 - 2019-12-07 16:43 - 000683426 _____ C:\Windows\system32\perfh005.dat
2024-04-30 16:46 - 2019-12-07 16:43 - 000137206 _____ C:\Windows\system32\perfc005.dat
2024-04-30 16:44 - 2023-05-05 14:28 - 000000000 ____D C:\Windows\SystemTemp
2024-04-30 16:42 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-30 16:41 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-04-30 16:09 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemApps
2024-04-30 16:06 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-30 16:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2024-04-30 15:09 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2024-04-30 13:31 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\System
2024-04-30 13:08 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2024-04-30 12:59 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2024-04-30 12:56 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-04-30 12:52 - 2019-12-07 11:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2024-04-30 12:50 - 2019-12-07 16:47 - 000000000 ___SD C:\Windows\system32\AppV
2024-04-30 12:50 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-04-30 12:50 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-04-30 12:50 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-04-30 12:50 - 2019-12-07 16:43 - 000000000 ____D C:\Windows\SysWOW64\cs
2024-04-30 12:50 - 2019-12-07 16:43 - 000000000 ____D C:\Windows\system32\cs
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\F12
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Com
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Sysprep
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Com
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\IME
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\appcompat
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-04-30 12:50 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2024-04-30 12:45 - 2019-12-07 16:47 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2024-04-30 12:45 - 2019-12-07 16:47 - 000020827 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2024-04-30 12:45 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2024-04-30 12:45 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2024-04-30 12:24 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-04-30 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2024-04-30 12:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2024-04-30 11:58 - 2019-12-07 16:45 - 000000000 ____D C:\Windows\system32\FxsTmp
2024-04-30 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\spool
2024-04-30 11:57 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2024-04-30 11:56 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
==================== Files in the root of some directories ========
2024-04-30 13:03 - 2024-04-30 13:03 - 000000128 _____ () C:\Users\LENOVO\AppData\Roaming\winscp.rnd
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.04.2024 01
Ran by LENOVO (30-04-2024 16:50:48)
Running from C:\Users\LENOVO\Desktop
Microsoft Windows 10 Enterprise Version 22H2 19045.4291 (X64) (2024-04-30 09:56:13)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
DefaultAccount (S-1-5-21-1411983480-724600386-1063534529-503 - Limited - Disabled)
Guest (S-1-5-21-1411983480-724600386-1063534529-501 - Limited - Disabled)
LENOVO (S-1-5-21-1411983480-724600386-1063534529-500 - Administrator - Enabled) => C:\Users\LENOVO
WDAGUtilityAccount (S-1-5-21-1411983480-724600386-1063534529-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1411983480-724600386-1063534529-500\...\uTorrent) (Version: 3.6.0.47062 - BitTorrent Limited)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 124.0.6367.92 - Google LLC)
Integrated Camera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 5.13.415.31 - Vimicro)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo Service Bridge (HKU\S-1-5-21-1411983480-724600386-1063534529-500\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.16 - Lenovo)
PuTTY release 0.81 (64-bit) (HKLM\...\{DDC95F26-92B1-4546-9678-5DC68DF76BA0}) (Version: 0.81.0.0 - Simon Tatham)
version 5.13.415.31/1.0.0.27/3.4.5.11(H1C307WW) (HKLM-x32\...\{4AD4461B-8BD4-4354-805C-E97E7A404906}_is1) (Version: - Lenovo Group Limited)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
WinRAR 7.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH)
WinSCP 6.3.3 (HKLM-x32\...\winscp3_is1) (Version: 6.3.3 - Martin Prikryl)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1411983480-724600386-1063534529-500_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\LENOVO\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1411983480-724600386-1063534529-500_Classes\CLSID\{20894375-46AE-46E2-BAFD-CB38975CDCE6}\InprocServer32 -> C:\Users\LENOVO\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1411983480-724600386-1063534529-500_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\LENOVO\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\Microsoft.SharePoint.exe" => No File
CustomCLSID: HKU\S-1-5-21-1411983480-724600386-1063534529-500_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\LENOVO\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1411983480-724600386-1063534529-500_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1411983480-724600386-1063534529-500_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\LENOVO\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1411983480-724600386-1063534529-500_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\LENOVO\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\Microsoft.SharePoint.exe" => No File
CustomCLSID: HKU\S-1-5-21-1411983480-724600386-1063534529-500_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> "C:\Users\LENOVO\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe" => No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\BHO\ie_to_edge_bho_64.dll => No File
BHO-x32: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\BHO\ie_to_edge_bho.dll => No File
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1411983480-724600386-1063534529-500\Control Panel\Desktop\\Wallpaper -> C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKU\S-1-5-21-1411983480-724600386-1063534529-500\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-1411983480-724600386-1063534529-500\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{56CF24F8-3E0C-4C98-A249-D3BD0643A3B9}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AB2CC01D-B3FE-4F51-9CD6-599E074D65F2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe => No File
FirewallRules: [{D85BB620-9F73-476A-845B-081D06268DF7}] => (Allow) C:\Users\LENOVO\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{1E1F7308-5376-49B4-88A1-439FE0108540}] => (Allow) C:\Users\LENOVO\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{39831994-54B5-4D0F-A75D-AB6CED33D426}] => (Allow) C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Windows Driver Foundation (WDF).exe () [File not signed]
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:126.33 GB) (Free:89.17 GB) (71%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/30/2024 12:36:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 10.0.19041.2788 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1b20
Čas spuštění: 01da9ae7b35629b5
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
ID hlášení: 58265037-a0b4-42ef-b3b9-23e805edaac0
Úplný název balíčku s chybou: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: microsoft.windows.immersivecontrolpanel
Typ zablokování: Quiesce
Error: (04/30/2024 11:58:33 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800704CF
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=2
Error: (04/30/2024 11:58:13 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu Windows Defender na SECURITY_PRODUCT_STATE_ON došlo k chybě.
Error: (04/30/2024 11:55:59 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -1409.
System errors:
=============
Error: (04/30/2024 04:44:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Microsoft Update Health Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (04/30/2024 04:44:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Microsoft Edge Update Service (edgeupdate) neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (04/30/2024 04:24:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200b): 2024-01, aktualizace zabezpečení pro Windows 10 Version 22H2 pro systémy typu x64 (KB5034441).
Error: (04/30/2024 04:03:10 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: Nelze vytvořit vazbu k základnímu přenosu pro [::]:50129. Seznam protokolu IP jen pro naslouchání (Listen-Only) pravděpodobně obsahuje odkaz na rozhraní, které v tomto počítači nemusí existovat. Číslo chyby se nachází v poli s daty.
Error: (04/30/2024 04:03:10 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: Nelze vytvořit vazbu k základnímu přenosu pro [::]:50128. Seznam protokolu IP jen pro naslouchání (Listen-Only) pravděpodobně obsahuje odkaz na rozhraní, které v tomto počítači nemusí existovat. Číslo chyby se nachází v poli s daty.
Error: (04/30/2024 04:00:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Microsoft Update Health Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (04/30/2024 03:52:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Microsoft Update Health Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (04/30/2024 03:45:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Microsoft Update Health Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Windows Defender:
================
Date: 2024-04-30 14:54:07
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/AgentTesla!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LENOVO\AppData\Local\Temp\Rar$DRa6992.36627.rartemp\Patch_uTorrent.3.6.x.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AR8ID4U\LENOVO
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.409.602.0, AS: 1.409.602.0, NIS: 1.409.602.0
Verze modulu: AM: 1.1.24030.4, NIS: 1.1.24030.4
Date: 2024-04-30 14:52:39
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/AgentTesla!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LENOVO\AppData\Local\Temp\Rar$DRa6992.36627.rartemp\Patch_uTorrent.3.6.x.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AR8ID4U\LENOVO
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.409.602.0, AS: 1.409.602.0, NIS: 1.409.602.0
Verze modulu: AM: 1.1.24030.4, NIS: 1.1.24030.4
Date: 2024-04-30 14:52:21
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/AgentTesla!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LENOVO\AppData\Local\Temp\Rar$DRa3496.34809.rartemp\Patch_uTorrent.3.6.x.exe; file:_C:\Users\LENOVO\AppData\Local\Temp\Rar$EXa3496.33697.rartemp\Patch_uTorrent.3.6.x.exe; file:_C:\Users\LENOVO\AppData\Local\Temp\Rar$EXa3496.34246.rartemp\Patch_uTorrent.3.6.x.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AR8ID4U\LENOVO
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.409.602.0, AS: 1.409.602.0, NIS: 1.409.602.0
Verze modulu: AM: 1.1.24030.4, NIS: 1.1.24030.4
Date: 2024-04-30 14:52:17
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/AgentTesla!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LENOVO\AppData\Local\Temp\Rar$EXa3496.33697.rartemp\Patch_uTorrent.3.6.x.exe; file:_C:\Users\LENOVO\AppData\Local\Temp\Rar$EXa3496.34246.rartemp\Patch_uTorrent.3.6.x.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AR8ID4U\LENOVO
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze bezpečnostních informací: AV: 1.409.602.0, AS: 1.409.602.0, NIS: 1.409.602.0
Verze modulu: AM: 1.1.24030.4, NIS: 1.1.24030.4
Date: 2024-04-30 14:52:16
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/AgentTesla!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LENOVO\AppData\Local\Temp\Rar$EXa3496.33697.rartemp\Patch_uTorrent.3.6.x.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AR8ID4U\LENOVO
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze bezpečnostních informací: AV: 1.409.602.0, AS: 1.409.602.0, NIS: 1.409.602.0
Verze modulu: AM: 1.1.24030.4, NIS: 1.1.24030.4
==================== Memory info ===========================
BIOS: LENOVO H9ET81WW(1.18) 12/05/2013
Motherboard: LENOVO 20206
Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage of memory in use: 12%
Total physical RAM: 16270.22 MB
Available physical RAM: 14157.96 MB
Total Virtual: 19214.22 MB
Available Virtual: 17189.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:126.33 GB) (Free:89.17 GB) (Model: Verbatim Vi550 S3) NTFS
Drive d: (Dokumenty) (Fixed) (Total:349.99 GB) (Free:19.93 GB) (Model: Verbatim Vi550 S3) NTFS
\\?\Volume{9557e502-8c64-4fdc-80fc-bd965962a691}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{90224111-4203-4c08-bdef-4a501b59614c}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
2024-04-30 12:08 - 2024-04-30 12:08 - 000003844 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{F6000130-3402-412B-9FBC-508E606932E4}
2024-04-30 12:08 - 2024-04-30 12:08 - 000003720 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{9EFADBA1-1354-4B55-945A-0655CFA9C745}
2024-04-30 12:08 - 2024-04-30 12:08 - 000003584 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1411983480-724600386-1063534529-500
2024-04-30 12:08 - 2024-04-30 12:08 - 000000000 ____D C:\Program Files\Google
2024-04-30 12:07 - 2024-04-30 12:07 - 000000000 ____D C:\Users\LENOVO\AppData\Local\Publishers
2024-04-30 12:06 - 2024-04-30 16:06 - 000000000 ____D C:\Users\LENOVO\AppData\Local\Packages
2024-04-30 12:06 - 2024-04-30 12:17 - 000000000 ____D C:\Users\LENOVO
2024-04-30 12:06 - 2024-04-30 12:06 - 000000020 ___SH C:\Users\LENOVO\ntuser.ini
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Šablony
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Soubory cookie
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Poslední
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Okolní tiskárny
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Okolní síť
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Nabídka Start
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Dokumenty
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Documents\Obrázky
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Documents\Hudba
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Documents\Filmy
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\Data aplikací
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 _SHDL C:\Users\LENOVO\AppData\Local\Data aplikací
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 ___SD C:\Users\LENOVO\AppData\Roaming\Microsoft\SystemCertificates
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 ___SD C:\Users\LENOVO\AppData\Roaming\Microsoft\Protect
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 ___SD C:\Users\LENOVO\AppData\Roaming\Microsoft\Crypto
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 ___SD C:\Users\LENOVO\AppData\Roaming\Microsoft\Credentials
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 ___RD C:\Users\LENOVO\3D Objects
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 ____D C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 ____D C:\Users\LENOVO\AppData\Roaming\Microsoft\Vault
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 ____D C:\Users\LENOVO\AppData\Roaming\Adobe
2024-04-30 12:06 - 2024-04-30 12:06 - 000000000 ____D C:\Users\LENOVO\AppData\Local\ConnectedDevicesPlatform
2024-04-30 12:03 - 2024-04-30 16:46 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2024-04-30 12:03 - 2024-04-30 12:03 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1411983480-724600386-1063534529-1001
2024-04-30 12:02 - 2024-04-30 12:03 - 000003372 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1411983480-724600386-1063534529-1001
2024-04-30 12:01 - 2024-04-30 15:23 - 000000000 ____D C:\Intel
2024-04-30 12:01 - 2024-04-30 13:31 - 000000000 ____D C:\Program Files (x86)\Intel
2024-04-30 12:01 - 2024-04-30 12:01 - 000000000 ____D C:\Program Files\Intel
2024-04-30 11:58 - 2024-04-30 11:58 - 000000000 ____D C:\Windows\CSC
2024-04-30 11:57 - 2024-04-30 13:05 - 000000000 ____D C:\ProgramData\Packages
2024-04-30 11:57 - 2024-04-30 12:06 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Šablony
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Poslední
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Okolní síť
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Dokumenty
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\Data aplikací
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\ProgramData\Šablony
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\ProgramData\Plocha
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\ProgramData\Dokumenty
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\ProgramData\Data aplikací
2024-04-30 11:56 - 2024-04-30 11:56 - 000000000 _SHDL C:\Documents and Settings
2024-04-30 11:54 - 2024-04-30 14:41 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-04-30 11:54 - 2024-04-30 14:41 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-04-30 11:53 - 2024-04-30 16:42 - 000008192 ___SH C:\DumpStack.log.tmp
2024-04-30 11:53 - 2024-04-30 16:42 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-04-30 11:53 - 2024-04-30 14:36 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-04-30 11:53 - 2024-04-30 13:00 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-04-30 11:53 - 2024-04-30 12:51 - 000259768 _____ C:\Windows\system32\FNTCACHE.DAT
2024-04-30 11:53 - 2024-04-30 11:53 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2024-04-30 11:53 - 2024-04-30 11:53 - 000000000 ____D C:\Windows\ServiceProfiles
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-04-30 16:48 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2024-04-30 16:46 - 2019-12-07 16:43 - 000683426 _____ C:\Windows\system32\perfh005.dat
2024-04-30 16:46 - 2019-12-07 16:43 - 000137206 _____ C:\Windows\system32\perfc005.dat
2024-04-30 16:44 - 2023-05-05 14:28 - 000000000 ____D C:\Windows\SystemTemp
2024-04-30 16:42 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-30 16:41 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-04-30 16:09 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemApps
2024-04-30 16:06 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-30 16:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2024-04-30 15:09 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2024-04-30 13:31 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\System
2024-04-30 13:08 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2024-04-30 12:59 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2024-04-30 12:56 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-04-30 12:52 - 2019-12-07 11:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2024-04-30 12:50 - 2019-12-07 16:47 - 000000000 ___SD C:\Windows\system32\AppV
2024-04-30 12:50 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-04-30 12:50 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-04-30 12:50 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-04-30 12:50 - 2019-12-07 16:43 - 000000000 ____D C:\Windows\SysWOW64\cs
2024-04-30 12:50 - 2019-12-07 16:43 - 000000000 ____D C:\Windows\system32\cs
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\F12
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Com
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Sysprep
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Com
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\IME
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\appcompat
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2024-04-30 12:50 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-04-30 12:50 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2024-04-30 12:45 - 2019-12-07 16:47 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2024-04-30 12:45 - 2019-12-07 16:47 - 000020827 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2024-04-30 12:45 - 2019-12-07 11:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2024-04-30 12:45 - 2019-12-07 11:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2024-04-30 12:24 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-04-30 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2024-04-30 12:06 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2024-04-30 11:58 - 2019-12-07 16:45 - 000000000 ____D C:\Windows\system32\FxsTmp
2024-04-30 11:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\spool
2024-04-30 11:57 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2024-04-30 11:56 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
==================== Files in the root of some directories ========
2024-04-30 13:03 - 2024-04-30 13:03 - 000000128 _____ () C:\Users\LENOVO\AppData\Roaming\winscp.rnd
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.04.2024 01
Ran by LENOVO (30-04-2024 16:50:48)
Running from C:\Users\LENOVO\Desktop
Microsoft Windows 10 Enterprise Version 22H2 19045.4291 (X64) (2024-04-30 09:56:13)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
DefaultAccount (S-1-5-21-1411983480-724600386-1063534529-503 - Limited - Disabled)
Guest (S-1-5-21-1411983480-724600386-1063534529-501 - Limited - Disabled)
LENOVO (S-1-5-21-1411983480-724600386-1063534529-500 - Administrator - Enabled) => C:\Users\LENOVO
WDAGUtilityAccount (S-1-5-21-1411983480-724600386-1063534529-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1411983480-724600386-1063534529-500\...\uTorrent) (Version: 3.6.0.47062 - BitTorrent Limited)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 124.0.6367.92 - Google LLC)
Integrated Camera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 5.13.415.31 - Vimicro)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - )
Lenovo Service Bridge (HKU\S-1-5-21-1411983480-724600386-1063534529-500\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.16 - Lenovo)
PuTTY release 0.81 (64-bit) (HKLM\...\{DDC95F26-92B1-4546-9678-5DC68DF76BA0}) (Version: 0.81.0.0 - Simon Tatham)
version 5.13.415.31/1.0.0.27/3.4.5.11(H1C307WW) (HKLM-x32\...\{4AD4461B-8BD4-4354-805C-E97E7A404906}_is1) (Version: - Lenovo Group Limited)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)
WinRAR 7.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH)
WinSCP 6.3.3 (HKLM-x32\...\winscp3_is1) (Version: 6.3.3 - Martin Prikryl)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1411983480-724600386-1063534529-500_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\LENOVO\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1411983480-724600386-1063534529-500_Classes\CLSID\{20894375-46AE-46E2-BAFD-CB38975CDCE6}\InprocServer32 -> C:\Users\LENOVO\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1411983480-724600386-1063534529-500_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> "C:\Users\LENOVO\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\Microsoft.SharePoint.exe" => No File
CustomCLSID: HKU\S-1-5-21-1411983480-724600386-1063534529-500_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\LENOVO\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1411983480-724600386-1063534529-500_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1411983480-724600386-1063534529-500_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\LENOVO\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-1411983480-724600386-1063534529-500_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> "C:\Users\LENOVO\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\Microsoft.SharePoint.exe" => No File
CustomCLSID: HKU\S-1-5-21-1411983480-724600386-1063534529-500_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> "C:\Users\LENOVO\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileCoAuth.exe" => No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2024-02-26] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\BHO\ie_to_edge_bho_64.dll => No File
BHO-x32: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\124.0.2478.67\BHO\ie_to_edge_bho.dll => No File
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1411983480-724600386-1063534529-500\Control Panel\Desktop\\Wallpaper -> C:\Users\LENOVO\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
HKU\S-1-5-21-1411983480-724600386-1063534529-500\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 0)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-1411983480-724600386-1063534529-500\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{56CF24F8-3E0C-4C98-A249-D3BD0643A3B9}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{AB2CC01D-B3FE-4F51-9CD6-599E074D65F2}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\124.0.2478.67\msedgewebview2.exe => No File
FirewallRules: [{D85BB620-9F73-476A-845B-081D06268DF7}] => (Allow) C:\Users\LENOVO\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{1E1F7308-5376-49B4-88A1-439FE0108540}] => (Allow) C:\Users\LENOVO\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Limited)
FirewallRules: [{39831994-54B5-4D0F-A75D-AB6CED33D426}] => (Allow) C:\Users\LENOVO\AppData\Local\Google\Chrome\User Data\Windows Driver Foundation (WDF).exe () [File not signed]
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:126.33 GB) (Free:89.17 GB) (71%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/30/2024 12:36:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 10.0.19041.2788 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 1b20
Čas spuštění: 01da9ae7b35629b5
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
ID hlášení: 58265037-a0b4-42ef-b3b9-23e805edaac0
Úplný název balíčku s chybou: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
ID aplikace relativní podle balíčku s chybou: microsoft.windows.immersivecontrolpanel
Typ zablokování: Quiesce
Error: (04/30/2024 11:58:33 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x800704CF
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=2
Error: (04/30/2024 11:58:13 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu Windows Defender na SECURITY_PRODUCT_STATE_ON došlo k chybě.
Error: (04/30/2024 11:55:59 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba součásti ESENT: -1409.
System errors:
=============
Error: (04/30/2024 04:44:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Microsoft Update Health Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (04/30/2024 04:44:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Microsoft Edge Update Service (edgeupdate) neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (04/30/2024 04:24:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200b): 2024-01, aktualizace zabezpečení pro Windows 10 Version 22H2 pro systémy typu x64 (KB5034441).
Error: (04/30/2024 04:03:10 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: Nelze vytvořit vazbu k základnímu přenosu pro [::]:50129. Seznam protokolu IP jen pro naslouchání (Listen-Only) pravděpodobně obsahuje odkaz na rozhraní, které v tomto počítači nemusí existovat. Číslo chyby se nachází v poli s daty.
Error: (04/30/2024 04:03:10 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: Nelze vytvořit vazbu k základnímu přenosu pro [::]:50128. Seznam protokolu IP jen pro naslouchání (Listen-Only) pravděpodobně obsahuje odkaz na rozhraní, které v tomto počítači nemusí existovat. Číslo chyby se nachází v poli s daty.
Error: (04/30/2024 04:00:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Microsoft Update Health Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (04/30/2024 03:52:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Microsoft Update Health Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (04/30/2024 03:45:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Microsoft Update Health Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Windows Defender:
================
Date: 2024-04-30 14:54:07
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/AgentTesla!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LENOVO\AppData\Local\Temp\Rar$DRa6992.36627.rartemp\Patch_uTorrent.3.6.x.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AR8ID4U\LENOVO
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.409.602.0, AS: 1.409.602.0, NIS: 1.409.602.0
Verze modulu: AM: 1.1.24030.4, NIS: 1.1.24030.4
Date: 2024-04-30 14:52:39
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/AgentTesla!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LENOVO\AppData\Local\Temp\Rar$DRa6992.36627.rartemp\Patch_uTorrent.3.6.x.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AR8ID4U\LENOVO
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.409.602.0, AS: 1.409.602.0, NIS: 1.409.602.0
Verze modulu: AM: 1.1.24030.4, NIS: 1.1.24030.4
Date: 2024-04-30 14:52:21
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/AgentTesla!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LENOVO\AppData\Local\Temp\Rar$DRa3496.34809.rartemp\Patch_uTorrent.3.6.x.exe; file:_C:\Users\LENOVO\AppData\Local\Temp\Rar$EXa3496.33697.rartemp\Patch_uTorrent.3.6.x.exe; file:_C:\Users\LENOVO\AppData\Local\Temp\Rar$EXa3496.34246.rartemp\Patch_uTorrent.3.6.x.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AR8ID4U\LENOVO
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.409.602.0, AS: 1.409.602.0, NIS: 1.409.602.0
Verze modulu: AM: 1.1.24030.4, NIS: 1.1.24030.4
Date: 2024-04-30 14:52:17
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/AgentTesla!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LENOVO\AppData\Local\Temp\Rar$EXa3496.33697.rartemp\Patch_uTorrent.3.6.x.exe; file:_C:\Users\LENOVO\AppData\Local\Temp\Rar$EXa3496.34246.rartemp\Patch_uTorrent.3.6.x.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AR8ID4U\LENOVO
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze bezpečnostních informací: AV: 1.409.602.0, AS: 1.409.602.0, NIS: 1.409.602.0
Verze modulu: AM: 1.1.24030.4, NIS: 1.1.24030.4
Date: 2024-04-30 14:52:16
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/AgentTesla!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\LENOVO\AppData\Local\Temp\Rar$EXa3496.33697.rartemp\Patch_uTorrent.3.6.x.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-AR8ID4U\LENOVO
Název procesu: C:\Program Files\WinRAR\WinRAR.exe
Verze bezpečnostních informací: AV: 1.409.602.0, AS: 1.409.602.0, NIS: 1.409.602.0
Verze modulu: AM: 1.1.24030.4, NIS: 1.1.24030.4
==================== Memory info ===========================
BIOS: LENOVO H9ET81WW(1.18) 12/05/2013
Motherboard: LENOVO 20206
Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage of memory in use: 12%
Total physical RAM: 16270.22 MB
Available physical RAM: 14157.96 MB
Total Virtual: 19214.22 MB
Available Virtual: 17189.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:126.33 GB) (Free:89.17 GB) (Model: Verbatim Vi550 S3) NTFS
Drive d: (Dokumenty) (Fixed) (Total:349.99 GB) (Free:19.93 GB) (Model: Verbatim Vi550 S3) NTFS
\\?\Volume{9557e502-8c64-4fdc-80fc-bd965962a691}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{90224111-4203-4c08-bdef-4a501b59614c}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================