VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Je v tom sajrajt

https://forum.viry.cz:443/viewtopic.php?t=160352

Stránka 1 z 1

Je v tom sajrajt

Napsal: 21 dub 2025 08:30
od Awandalor
Ahoj, asi jsem si tam něco natáhnul. Ani FRST jsem nemohl stáhnout. Prosím pomůžete mi se toho zbavit? Je možné aby se mi to dostalo do NASu samo od sebe? S NASkou problém nemám jen pro jistotu se ptám.

FRST LOG

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-04-2025
Ran by Robert (administrator) on DESKTOP-EC0CQAC (LENOVO 20W4008QCK) (21-04-2025 08:47:52)
Running from C:\Users\Robert\Desktop\FRST64.exe
Loaded Profiles: Robert
Platform: Microsoft Windows 11 Pro Version 24H2 26100.3775 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\LenovoVantage-(SmartDisplayAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> ) C:\Program Files\TeamViewer\crashpad_handler.exe
(C:\Users\Robert\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\Robert\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_809f877e731b908b\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_809f877e731b908b\igfxEMN.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_2d3e2e42e0f8523f\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(DriverStore\FileRepository\fn.inf_amd64_ab53c856f440d1ac\driver\tphkload.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\FN189C~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_ab53c856f440d1ac\driver\tphkload.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\FN189C~1.INF\driver\tposd.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(Microsoft Corporation) [File not signed] C:\Users\Robert\AppData\Roaming\Adobe\LogTransport2\BMLFJMJNHGHGHMDK.exe <4>
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_2d3e2e42e0f8523f\DAX3API.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_809f877e731b908b\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_2c7653f29a37d3f4\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_84147fa7a978ce4e\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\TbtP2pShortcutService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_64c76657d20bdb6c\AS\IAS\IntelAudioService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_ab53c856f440d1ac\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_54015d614dafb853\x64\ibmpmsvc.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\smartstandbycomponent.inf_amd64_443332a5152da4f0\SmartStandby.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\DriverStore\FileRepository\litsdrv.inf_amd64_5d23f3d1b4649e1b\x64\LITSSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_15da36fcaef0532a\RtkAudUService64.exe <3>
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (WDKTestCert sarakelyan,130722862255941761 -> Synaptics Incorporated.) C:\Windows\System32\DriverStore\FileRepository\synawudfbiousbuwp.inf_amd64_0a328caa48d41753\SynRpcServer.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\Robert\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25031.45.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.5100.40.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-348134008-3669429990-2405808313-1000\...\Run: [MicrosoftEdgeAutoLaunch_A9F6DCE4ABADF4F51CF45CD7129E3C6C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4419624 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-348134008-3669429990-2405808313-1000\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5012288 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\135.0.7049.96\Installer\chrmstp.exe [2025-04-16] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {F9FFBAD8-40B4-4193-957E-57B560E56389} - System32\Tasks\BMLFJMJNHGHGHMDK_run => C:\Users\Robert\AppData\Roaming\Adobe\LogTransport2\BMLFJMJNHGHGHMDK.exe [95648 2025-04-20] (Microsoft Corporation) [File not signed] <==== ATTENTION
Task: {E9AE75BF-F096-42F4-85A1-640F209E5B5B} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7129.0{1E9B4D49-5D8D-4862-A673-7F0EF828117D} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7129.0\updater.exe [7375968 2025-04-17] (Google LLC -> Google LLC)
Task: {EABB8C52-E3E2-4923-98CC-C9F41A843AFB} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-348134008-3669429990-2405808313-1000 => C:\Users\Robert\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88584 2024-05-17] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {C75347AB-F64F-4079-9308-957F46387B2D} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [129880 2025-02-26] (Lenovo -> Lenovo)
Task: {F50F01DC-3084-4666-9862-6B4C1CB4A115} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [67408 2025-02-26] (Lenovo -> )
Task: {18FD1406-2EBD-4A53-A44B-3F5C8F1881C9} - System32\Tasks\Lenovo\SmartStandby\Daily analysis => C:\Windows\System32\DriverStore\FileRepository\smartstandbycomponent.inf_amd64_443332a5152da4f0\AutonomicMgr.exe [76640 2024-05-09] (Lenovo -> )
Task: {A6D8A19B-9F4D-44E3-A683-33B2DFC59810} - System32\Tasks\Lenovo\SmartStandby\Uninstall Monitor => C:\WINDOWS\system32\SmartStandbyInst.exe [45912 2024-05-09] (Lenovo -> )
Task: {C920CF69-F72A-426E-8FB3-856358E5B14E} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [102400 2025-04-16] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {E724211B-98E4-4BC4-B095-87B00B381741} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\ScheduleEventAction.exe [278016 2025-02-20] (Lenovo -> Lenovo)
Task: {0592107C-4408-4C16-B710-75DD6CA9F958} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\ScheduleEventAction.exe [278016 2025-02-20] (Lenovo -> Lenovo)
Task: {5014C81E-CF85-44B0-8316-25B15649D9C8} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\ScheduleEventAction.exe [278016 2025-02-20] (Lenovo -> Lenovo)
Task: {AD587160-D234-4A8D-BF93-067D31A2879A} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\ScheduleEventAction.exe [278016 2025-02-20] (Lenovo -> Lenovo)
Task: {C507AC32-29A4-42CE-8C09-105BCEE4A46B} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\ScheduleEventAction.exe [278016 2025-02-20] (Lenovo -> Lenovo)
Task: {EE87D050-BB33-4E6C-943C-50C91EB42A50} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\ScheduleEventAction.exe [278016 2025-02-20] (Lenovo -> Lenovo)
Task: {E9223D50-2175-4D41-BFFC-0B0C4664F40D} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinIdleScheduleTask => C:\ProgramData\Lenovo\Vantage\Addins\VantageCoreAddin\1.0.0.190\x64\IdleScheduleEventAction.exe [143768 2025-04-16] (Lenovo -> )
Task: {C9AB2E8C-903B-46ED-B536-0647C130A5C1} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\ScheduleEventAction.exe [278016 2025-02-20] (Lenovo -> Lenovo)
Task: {3F411951-8609-4013-B65F-150FD530B20C} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {72DE212B-C891-41A0-9EC3-665B143ECE82} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {777A2ADF-E7C4-4AA5-944D-1E9A732918FE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29107936 2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {0E38424F-3F8C-4446-96B5-CC5E2063A86D} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [68328 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {E03BBFFD-D5A6-4FC2-AB47-627A369130BC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29107936 2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {74A09291-DC80-4C27-90B6-7A16722C9683} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {91732E80-E9EE-4376-A1C3-688A92807553} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A37D3CD-13FA-479F-980A-727239CB9848} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [204400 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C0A2C4E-EADD-495B-A328-BA75084E73B6} - System32\Tasks\Microsoft\Windows\AccountHealth\RecoverabilityToastTask => {B7F5B442-EBF8-46CD-9F0B-D8E45ED43492} C:\WINDOWS\system32\AccountHealth.dll [258048 2025-04-16] (Microsoft Windows -> Microsoft Corporation)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {DE0CE9D6-5754-4E22-9FB5-D53201630A17} - System32\Tasks\Microsoft\Windows\UPnP\Microsoft UPnP Manager1 => C:\Intel\e.vbs (No File)
Task: {64D789D9-EECD-4F4E-B4C4-B1466905B8C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AFA4A06A-392A-48B9-A975-DD75236B47F4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7216411B-9740-4416-A3A5-CD6AC72F0135} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D9453C3A-CC73-4E43-84B5-AF45B2F5DE00} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {399355BA-56DB-4F3F-9451-243DFEED7F4F} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223808 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {05324EE4-A380-42C5-9224-793CE0E63C98} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-348134008-3669429990-2405808313-1000 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223808 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A964EC2E-396D-4044-BBD8-254C32C0B0AC} - System32\Tasks\OneDrive Startup Task-S-1-5-21-348134008-3669429990-2405808313-1000 => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\OneDriveLauncher.exe [674624 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDEAF88A-7ACC-4880-9FF9-1CA2E691D58C} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_15da36fcaef0532a\RtkAudUService64.exe [1981272 2024-04-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {C835480B-D973-42EB-8F9D-6D4637B23E35} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904536 2024-07-15] (Lenovo -> )
Task: {3C4FAE5B-02F7-4B02-A0F6-2CEEFEE54877} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904536 2024-07-15] (Lenovo -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{7202196d-07a4-4c80-8336-28b4b82e805b}: [NameServer] 1.1.1.1
Tcpip\..\Interfaces\{7202196d-07a4-4c80-8336-28b4b82e805b}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{72051672-1b02-11f0-99ab-806e6f6e6963}: [NameServer] 1.1.1.1
Tcpip\..\Interfaces\{ea92d9f4-e9ea-4735-835b-900d22a1402e}: [NameServer] 1.1.1.1,8.8.8.8

Edge:
=======
Edge Profile: C:\Users\Robert\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-21]
Edge Extension: (Dokumenty Google offline) - C:\Users\Robert\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-16]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\Robert\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-04-16]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default [2025-04-21]
CHR Notifications: Default -> hxxps://web.whatsapp.com; hxxps://www.wondershare.com
CHR HomePage: Default -> hxxps://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Rozšíření Synology Image Assistant) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aadgfjmilhfblodmkgilohhjlakchfmg [2025-04-16]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Tinkercad) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhggmehigifnpflipbkdfcjiacpcgidn [2025-04-16]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Dokumenty Google offline) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-16]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-04-16]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (GPX Viewer, Reader) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcoebkjfbobjheeoclnjkfgginlaefnb [2025-04-16]hxxp://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-04-16]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Material Simple Dark Grey) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookepigabmicjpgfnmncjiplegcacdbm [2025-04-16]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Hlídač Shopů) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2025-04-16]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-04-21]
CHR HomePage: Profile 1 -> hxxps://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://google.com/"
CHR Session Restore: Profile 1 -> is enabled.
CHR Extension: (Norton Password Manager) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\admmjipmmciaobhojoghlmleefbicajg [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Sudoku) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\agdhembpgcpfegeigidembjopfhghnpj [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Causality Games) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\femoooemgmjaebeodbbikbkmhlafenpl [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Full Screen Weather) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Dokumenty Google offline) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Cut the Rope) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (FormApps Extension) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Equalizer for YouTube™) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oggiagogblgafoilijjdhcmflgekfmja [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Hlídač Shopů) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\System Profile [2025-04-18]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13862104 2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_2d3e2e42e0f8523f\DAX3API.exe [2549352 2024-08-16] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncHelper.exe [3543888 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [479656 2022-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 IBMPMSVC; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_54015d614dafb853\x64\ibmpmsvc.exe [1037168 2024-10-14] (Lenovo -> Lenovo)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_64c76657d20bdb6c\AS\IAS\IntelAudioService.exe [532328 2024-08-08] (Intel Corporation -> Intel)
S4 LenovoBrightCtrl; C:\WINDOWS\System32\DriverStore\FileRepository\litsdrv.inf_amd64_5d23f3d1b4649e1b\x64\BrightnessControl.exe [157016 2025-01-28] (Lenovo -> Lenovo.)
R2 LenovoSmartStandby; C:\WINDOWS\System32\DriverStore\FileRepository\smartstandbycomponent.inf_amd64_443332a5152da4f0\SmartStandby.exe [341336 2024-05-09] (Lenovo -> Lenovo)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\LenovoVantageService.exe [34816 2025-02-20] (Lenovo -> Lenovo)
R2 LITSSVC; C:\WINDOWS\System32\DriverStore\FileRepository\litsdrv.inf_amd64_5d23f3d1b4649e1b\x64\LITSSvc.exe [1143128 2025-01-28] (Lenovo -> Lenovo.)
S2 LPlatSvc; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_54015d614dafb853\x64\LPlatSvc.exe [916344 2024-10-14] (Lenovo -> Lenovo)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NativePushService; C:\Users\Robert\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [594320 2023-05-06] (Wondershare Technology Group Co.,Ltd -> Wondershare)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.051.0317.0003\OneDriveUpdaterService.exe [3891536 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559320 2025-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SynHsaService; C:\WINDOWS\System32\DriverStore\FileRepository\synawudfbiousbuwp.inf_amd64_0a328caa48d41753\SynRpcServer.exe [192128 2023-08-25] (WDKTestCert sarakelyan,130722862255941761 -> Synaptics Incorporated.)
R2 TbtP2pShortcutService; C:\WINDOWS\TbtP2pShortcutService.exe [256368 2022-12-15] (Intel Corporation -> Intel Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [22178608 2025-03-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_ab53c856f440d1ac\driver\TPHKLOAD.exe [316928 2025-02-24] (Lenovo -> Lenovo)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe [107624 2018-12-06] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 dg; C:\Intel\dg.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AKCCID; C:\WINDOWS\System32\drivers\AKCCID.sys [77272 2023-03-06] (Microsoft Windows Hardware Compatibility Publisher -> Generic)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_fcfdc62bfce8f55f\e1d.sys [613088 2024-09-10] (Intel Corporation -> Intel Corporation)
R3 GlPciSD; C:\WINDOWS\System32\drivers\GlPciSD.sys [240904 2024-05-13] (GENESYS LOGIC, INC. -> Genesys Logic)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_d0e63c4e3754f42f\iaLPSS2_GPIO2_TGL.sys [128152 2020-08-09] (Intel Corporation -> Intel Corporation)
R3 IBMPMDRV; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_54015d614dafb853\x64\ibmpmdrv.sys [56696 2024-10-14] (Lenovo -> Lenovo)
R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_3483c60a14224d09\IntcUSB.sys [938344 2024-08-08] (Intel Corporation -> Intel(R) Corporation)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-16] (Microsoft Windows -> Microsoft Corporation)
R1 PMDRVS; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_54015d614dafb853\x64\pmdrvs.sys [42336 2024-10-14] (Lenovo -> Lenovo)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-04-16] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-04-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [605576 2025-04-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-16] (Microsoft Windows -> Microsoft Corporation)
R3 WiManH; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_7976829cdaa6ca7e\WiManH\WiManH.sys [184248 2024-12-02] (Intel Corporation -> Intel Corporation)
S3 wini3ctarget; C:\WINDOWS\System32\DriverStore\FileRepository\wini3ctarget.inf_amd64_bdb09ebda2834009\wini3ctarget.sys [75168 2025-04-16] (Microsoft Windows -> Microsoft Corporation)
S3 LenovoDiagnosticsDriver; \??\C:\ProgramData\Lenovo\Vantage\Addins\LenovoHardwareScanAddin\4.0.0.15\LenovoDiagnosticsDriver.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-04-21 08:47 - 2025-04-21 08:48 - 000031224 _____ C:\Users\Robert\Desktop\FRST.txt
2025-04-21 08:47 - 2025-04-21 08:44 - 002404864 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe
2025-04-21 08:40 - 2025-04-21 08:48 - 000000000 ____D C:\FRST
2025-04-21 08:40 - 2025-04-21 08:40 - 002297344 _____ (Farbar) C:\Users\Robert\Downloads\FRST64.exe
2025-04-21 07:07 - 2025-04-21 07:07 - 000714490 _____ C:\WINDOWS\system32\perfh005.dat
2025-04-21 07:07 - 2025-04-21 07:07 - 000153652 _____ C:\WINDOWS\system32\perfc005.dat
2025-04-20 21:20 - 2025-04-20 21:50 - 000000000 ____D C:\Users\Robert\AppData\Roaming\obs-studio
2025-04-20 21:20 - 2025-04-20 21:20 - 000000000 ____D C:\ProgramData\obs-studio
2025-04-20 21:19 - 2025-04-20 21:19 - 000001052 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2025-04-20 21:19 - 2025-04-20 21:19 - 000000000 ____D C:\ProgramData\obs-studio-hook
2025-04-20 21:19 - 2025-04-20 21:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2025-04-20 21:19 - 2025-04-20 21:19 - 000000000 ____D C:\Program Files\obs-studio
2025-04-20 21:18 - 2025-04-20 21:18 - 156196264 _____ (OBS Project) C:\Users\Robert\Downloads\OBS-Studio-31.0.2-Windows-Installer.exe
2025-04-20 21:06 - 2025-04-20 21:10 - 000000000 ____D C:\Users\Robert\AppData\Local\Sony
2025-04-20 21:06 - 2025-04-20 21:06 - 000000000 ____D C:\Users\Robert\AppData\Roaming\VEGAS Pro
2025-04-20 21:06 - 2025-04-20 21:06 - 000000000 ____D C:\Users\Robert\AppData\Roaming\VEGAS
2025-04-20 21:06 - 2025-04-20 21:06 - 000000000 ____D C:\Users\Robert\AppData\Roaming\MAGIX
2025-04-20 21:06 - 2025-04-20 21:06 - 000000000 ____D C:\Users\Robert\AppData\Local\VEGAS Pro
2025-04-20 21:06 - 2025-04-20 21:06 - 000000000 ____D C:\Users\Robert\AppData\Local\MAGIX
2025-04-20 21:06 - 2025-04-20 21:06 - 000000000 ____D C:\ProgramData\VEGAS Pro
2025-04-20 21:05 - 2025-04-20 21:10 - 000000000 ____D C:\ProgramData\Magix
2025-04-20 21:05 - 2025-04-20 21:05 - 000001118 _____ C:\Users\Public\Desktop\VEGAS Pro 15.0.lnk
2025-04-20 21:03 - 2025-04-20 21:03 - 000003310 _____ C:\WINDOWS\system32\Tasks\BMLFJMJNHGHGHMDK_run
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\Symantec
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\Sophos
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\SMADAV
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\ReasonLabs
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\Norton Security
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\Net Protector 202A
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\McAfee.com
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\McAfee
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\Malwarebytes
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\Kaspersky Lab
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\IOBit
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\HP Sure Sense
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\HitmanPro.Alert
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\ESET
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\CryptoTab Browser
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\Bitdefender
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\Awesome Miner
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\AVG
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\Avast Software
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\AlibabaProtect
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\Symantec
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\Sophos
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\SMADAV
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\ReasonLabs
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\Norton Security
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\Net Protector 202A
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\McAfee.com
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\McAfee
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\Malwarebytes
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\Kaspersky Lab
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\IOBit
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\HP Sure Sense
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\HitmanPro.Alert
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\ESET
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\CryptoTab Browser
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\Bitdefender
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\Awesome Miner
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\AVG
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\Avast Software
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\AlibabaProtect
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\Symantec
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\Sophos
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\SMADAV
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\ReasonLabs
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\Norton Security
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\Net Protector 202A
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\McAfee.com
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\McAfee
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\Malwarebytes
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\Kaspersky Lab
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\IOBit
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\HP Sure Sense
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\HitmanPro.Alert
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\ESET
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\CryptoTab Browser
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\Bitdefender
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\Awesome Miner
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\AVG
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\Avast Software
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\AlibabaProtect
2025-04-20 19:57 - 2025-04-20 21:05 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Sony
2025-04-20 19:57 - 2025-04-20 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2025-04-20 19:57 - 2025-04-20 19:57 - 000000000 ____D C:\Users\Robert\AppData\Local\VEGAS
2025-04-20 19:44 - 2025-04-20 19:44 - 000005866 _____ C:\Users\Robert\AppData\LocalLow\183fe6247284088bf5e3cb9f4cf38746039fa07f000070dabdfab908a343a64e
2025-04-20 19:44 - 2025-04-20 19:44 - 000000026 _____ C:\Users\Robert\AppData\LocalLow\a8b141efd5a28a0535a4b1cef38c232052f69977de70ef5ac15dddb5a77f531f
2025-04-20 19:27 - 2025-04-20 19:27 - 000000000 ____D C:\Users\Robert\AppData\Roaming\TeamViewer
2025-04-20 19:12 - 2025-04-20 19:23 - 000000000 ____D C:\Users\Robert\AppData\Local\TeamViewer
2025-04-20 19:12 - 2025-04-20 19:12 - 000000889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2025-04-20 19:12 - 2025-04-20 19:12 - 000000877 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2025-04-20 19:05 - 2025-04-20 19:05 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\MMC
2025-04-20 08:50 - 2025-04-20 08:51 - 011622546 _____ C:\Users\Robert\Desktop\mb_manual_ga-h81m-s2v.pdf
2025-04-20 08:30 - 2025-04-20 08:33 - 000035240 _____ C:\Users\Robert\AppData\LocalLow\b15d3a108baf677bad705d2193ceb1d29295e9ae5672296ad2f6ec14fa4d226f
2025-04-20 08:30 - 2025-04-20 08:33 - 000000130 _____ C:\Users\Robert\AppData\LocalLow\9efc7b77bc60a484afa1dbca8105b35ad2d2bcddf61075a21cfb283050ad9d1e
2025-04-19 19:38 - 2025-04-20 21:13 - 000000000 ____D C:\Users\Robert\AppData\Local\Adobe
2025-04-19 19:38 - 2025-04-19 19:38 - 000000000 ____D C:\Users\Robert\AppData\Roaming\com.adobe.dunamis
2025-04-19 19:38 - 2025-04-19 19:38 - 000000000 ____D C:\Users\Robert\AppData\LocalLow\Adobe
2025-04-19 19:38 - 2025-04-19 19:38 - 000000000 ____D C:\Users\Robert\AppData\Local\SolidDocuments
2025-04-19 19:38 - 2025-04-19 19:38 - 000000000 ____D C:\Users\Robert\.ms-ad
2025-04-19 19:36 - 2025-04-20 21:14 - 000000000 ____D C:\Program Files\Common Files\Adobe
2025-04-19 19:34 - 2025-04-19 19:34 - 000100661 _____ C:\Users\Robert\Downloads\michaela-pohlova-shopping_list.pdf
2025-04-19 09:19 - 2025-04-19 09:19 - 000000000 ____D C:\Users\Robert\AppData\Local\Sony Corporation
2025-04-19 09:18 - 2025-04-19 09:18 - 000002095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS Remote Play.lnk
2025-04-19 09:18 - 2025-04-19 09:18 - 000002081 _____ C:\Users\Public\Desktop\PS Remote Play.lnk
2025-04-19 07:28 - 2025-04-19 07:28 - 000000000 ____D C:\WINDOWS\system32\%userprofile%
2025-04-18 22:36 - 2025-04-18 22:36 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2025-04-18 22:27 - 2025-04-18 22:28 - 000000000 ____D C:\Users\Robert\Documents\Witcher 2
2025-04-18 22:27 - 2025-04-18 22:27 - 000000000 ____D C:\Users\Robert\AppData\Local\The Witcher 2
2025-04-18 22:25 - 2025-03-27 23:40 - 4234857752 _____ C:\Users\Robert\Desktop\Zaklinac - Andrzej Sapkowski (Audioknihy komplet 01-08) (2).rar
2025-04-18 22:22 - 2025-04-14 18:14 - 000603822 _____ C:\Users\Robert\Documents\impressa-s9-s90-s95.pdf
2025-04-18 22:22 - 2025-04-14 18:14 - 000523493 _____ C:\Users\Robert\Documents\S7_S8_S9_instructions.pdf
2025-04-18 22:22 - 2025-02-22 15:16 - 004165367 _____ C:\Users\Robert\Documents\BN94 06301V UE32F5000AK.pdf
2025-04-18 22:21 - 2025-03-26 08:03 - 1274542565 _____ C:\Users\Robert\Desktop\Foto tábor.rar
2025-04-18 22:19 - 2025-04-18 22:19 - 000000000 ____D C:\Users\Robert\Desktop\cloudclone
2025-04-18 22:18 - 2025-04-18 22:19 - 000000000 ____D C:\Users\Robert\Desktop\lyzak
2025-04-18 22:18 - 2025-04-18 22:18 - 000085515 _____ C:\Users\Robert\AppData\LocalLow\34f6b2483462849a0a6b86842dbaed8595c9b1ea24a510ce6cabb8d612885e8b
2025-04-18 22:18 - 2025-04-18 22:18 - 000000130 _____ C:\Users\Robert\AppData\LocalLow\4fca0a34b497acffbb870a4cea576f3ac71f00928c3146fe3d0d2dac45c9d5fb
2025-04-18 22:18 - 2025-04-18 22:18 - 000000000 ____D C:\Users\Robert\Desktop\zdroje jarda
2025-04-18 22:18 - 2025-04-14 19:53 - 000010049 _____ C:\Users\Robert\Desktop\komponenty.xlsx
2025-04-18 22:18 - 2025-04-11 20:26 - 001687344 _____ (Akeo Consulting) C:\Users\Robert\Desktop\rufus-4.7.exe
2025-04-18 21:27 - 2025-04-18 21:27 - 000000000 ____D C:\Users\Robert\AppData\LocalLow\Apoapsis Studios
2025-04-18 21:18 - 2025-04-18 21:18 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Apoapsis Studios
2025-04-18 21:17 - 2025-04-18 22:32 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2025-04-18 21:17 - 2025-04-18 21:17 - 000000222 _____ C:\Users\Robert\Desktop\Airport CEO.url
2025-04-18 21:06 - 2025-04-18 21:16 - 000000000 ____D C:\Users\Robert\AppData\Local\Steam
2025-04-18 21:06 - 2025-04-18 21:06 - 000001032 _____ C:\Users\Public\Desktop\Steam.lnk
2025-04-18 21:06 - 2025-04-18 21:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2025-04-18 20:39 - 2025-04-18 20:39 - 000000277 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2025-04-18 20:39 - 2025-04-18 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo
2025-04-17 23:09 - 2025-04-17 23:09 - 000001304 _____ C:\Users\Public\Desktop\Wondershare Video Converter Ultimate.lnk
2025-04-17 23:09 - 2025-04-17 23:09 - 000000000 ____D C:\Users\Robert\Documents\Wondershare MediaServer
2025-04-17 23:09 - 2025-04-17 23:09 - 000000000 ____D C:\Users\Robert\AppData\Roaming\TransferSupport
2025-04-17 23:09 - 2025-04-17 23:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2025-04-17 22:55 - 2025-04-17 22:55 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2025-04-17 22:49 - 2025-04-17 22:49 - 000000000 ____D C:\Users\Robert\AppData\Local\CEF
2025-04-17 22:47 - 2025-04-17 23:11 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Wondershare
2025-04-17 22:47 - 2025-04-17 23:11 - 000000000 ____D C:\Users\Robert\AppData\Local\Wondershare
2025-04-17 22:46 - 2025-04-20 20:41 - 000000130 _____ C:\Users\Robert\AppData\LocalLow\d184b3a61bf4be513cbb771b07df842ddf56f91b67d9cbe187f53880ca9b5c5d
2025-04-17 22:46 - 2025-04-20 20:38 - 000015661 _____ C:\Users\Robert\AppData\LocalLow\7c20ed46f96c41e8f4707573a4b5f44f7b40b89f3834b85911e9c253e71a658b
2025-04-17 22:21 - 2025-04-17 22:44 - 000000000 ____D C:\Users\Robert\AppData\Roaming\XnViewMP
2025-04-17 22:21 - 2025-04-17 22:24 - 000001719 _____ C:\Users\Robert\Desktop\XnView MP.lnk
2025-04-17 22:21 - 2025-04-17 22:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView MP
2025-04-17 22:13 - 2025-04-17 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO® 64
2025-04-17 22:13 - 2025-04-17 22:13 - 000000871 _____ C:\Users\Robert\Desktop\HWiNFO® 64.lnk
2025-04-17 22:13 - 2025-04-17 22:13 - 000000000 ____D C:\Users\Robert\AppData\Local\NEO
2025-04-17 22:09 - 2025-04-17 22:09 - 000002264 _____ C:\Users\Robert\AppData\LocalLow\cf805d2f713496e708d42cbe5b9db8431a0ba71406dfe310e335188ebe737739
2025-04-17 22:08 - 2025-04-17 22:09 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Office
2025-04-17 22:08 - 2025-04-17 22:08 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Word
2025-04-17 22:08 - 2025-04-17 22:08 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\UProof
2025-04-17 22:08 - 2025-04-17 22:08 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Proof
2025-04-17 22:08 - 2025-04-17 22:08 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\AddIns
2025-04-17 22:07 - 2025-04-18 20:34 - 000000130 _____ C:\Users\Robert\AppData\LocalLow\6c24cb48ad07e609b202da5bed0daad6e1f9cb902cb99c540bf998f0f78f497e
2025-04-17 22:07 - 2025-04-17 22:07 - 000052818 _____ C:\Users\Robert\AppData\LocalLow\37f22b22f7257f250884789ed6922f2c0f52d958a7a44f0a052c7a8a4540db4f
2025-04-17 22:07 - 2025-04-17 22:07 - 000005862 _____ C:\Users\Robert\AppData\LocalLow\31a05236bf63c1322dc2ad96fbc5fce66984281a7cc297635054f13ce385aba4
2025-04-17 22:07 - 2025-04-17 22:07 - 000000026 _____ C:\Users\Robert\AppData\LocalLow\8222ed2b145f79e157d837f2f36fe58b0d2479c19d62a4eaf36319ae4a5db9ee
2025-04-17 22:03 - 2025-04-19 07:28 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-04-17 22:03 - 2025-04-19 07:28 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-17 22:03 - 2025-04-19 07:28 - 000000000 ___RD C:\Users\Default\OneDrive
2025-04-17 22:02 - 2025-04-17 22:02 - 000002573 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Notes (new).lnk
2025-04-17 22:02 - 2025-04-17 22:02 - 000002517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2025-04-17 22:02 - 2025-04-17 22:02 - 000002511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2025-04-17 22:02 - 2025-04-17 22:02 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2025-04-17 22:02 - 2025-04-17 22:02 - 000002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2025-04-17 22:02 - 2025-04-17 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2025-04-17 22:02 - 2025-04-17 22:02 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-04-17 21:57 - 2025-04-17 21:57 - 000000000 ____D C:\Users\Robert\AppData\Local\PeerDistRepub
2025-04-17 21:50 - 2025-04-17 21:50 - 000002264 _____ C:\Users\Robert\AppData\LocalLow\8c90dfe160aa4d7986b18c7fec0883014fca29eb8008c982dfaa42b780933236
2025-04-17 21:49 - 2025-04-17 22:03 - 000014087 _____ C:\Users\Robert\AppData\LocalLow\c471a3f3b88ab9b37460e73f6bb1a3e7a513a2a2866fad587ff56ef5a1ad7e6c
2025-04-17 21:49 - 2025-04-17 21:49 - 000000026 _____ C:\Users\Robert\AppData\LocalLow\bef33e67af07b07688c0a6330e732d016df14dc5824def44f89868a00efa36c8
2025-04-17 21:41 - 2025-04-17 22:06 - 000000000 ____D C:\Users\Robert\AppData\Local\GHISLER
2025-04-17 21:40 - 2025-04-17 21:41 - 000000000 ____D C:\Users\Robert\AppData\Roaming\GHISLER
2025-04-17 21:40 - 2025-04-17 21:40 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2025-04-17 21:02 - 2025-04-17 21:02 - 000002264 _____ C:\Users\Robert\AppData\LocalLow\d1cf5ddacfbcfdb200ecab8573d5a879b9c9dd1809e72636b96abe744dc5c1e5
2025-04-17 21:00 - 2025-04-21 07:10 - 000000130 _____ C:\Users\Robert\AppData\LocalLow\a3a6c18d987c7026cb89a58f4d73379ce458cdf838ed4dfaa757a98133f4ec8d
2025-04-17 21:00 - 2025-04-20 09:52 - 000279747 _____ C:\Users\Robert\AppData\LocalLow\71526115fc7e468c232d42ae5088250ec4121a38b5a1f96fec9ed5b3ee8a45d1
2025-04-17 21:00 - 2025-04-17 22:12 - 000034391 _____ C:\Users\Robert\AppData\LocalLow\f511570017ef7913fd75e88e11a01911f88862b19fe7eb34b26890e8259721ee
2025-04-17 21:00 - 2025-04-17 21:00 - 000000026 _____ C:\Users\Robert\AppData\LocalLow\266bd9807d399cce2d446c97a504eb63b8c3c3e0ddf6d49dc9bc016827c2d997
2025-04-16 23:08 - 2025-04-16 23:08 - 000002264 _____ C:\Users\Robert\AppData\LocalLow\4b82d73b83a4ced6b7d0997eb3aaaa99b450d9ee2aa3cc29116e303d1eae60a8
2025-04-16 23:06 - 2025-04-16 23:08 - 000228253 _____ C:\Users\Robert\AppData\LocalLow\b6f4b85779ab477df2ad80f8c96aa6c6bb8e0e80917194fb28985c5a92e096e7
2025-04-16 23:06 - 2025-04-16 23:08 - 000000130 _____ C:\Users\Robert\AppData\LocalLow\6bb4f2f9d65f7bda2d90f51ccff4729b5ddfdde019641b39e1f05d5a804c8ed9
2025-04-16 22:58 - 2025-04-18 20:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2025-04-16 22:58 - 2025-04-16 22:58 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2025-04-16 22:58 - 2025-04-16 22:58 - 000000000 ____D C:\Users\Robert\AppData\Local\LenovoServiceBridge
2025-04-16 22:46 - 2025-04-16 22:46 - 000002264 _____ C:\Users\Robert\AppData\LocalLow\77e2aeb7d287c591e83df060bd0791395599662b0525d26ab77b624e9c5ab91c
2025-04-16 22:46 - 2025-04-16 22:46 - 000000130 _____ C:\Users\Robert\AppData\LocalLow\542c1e7e7a3f794d97a241f547580e15b32e73702c3ce8d5d387f920a571694b
2025-04-16 22:46 - 2025-04-16 22:46 - 000000026 _____ C:\Users\Robert\AppData\LocalLow\f68745aa7a9338028522371f61f4006042b0b517326f372ba707e936d2a1fab0
2025-04-16 22:42 - 2025-04-17 21:42 - 000013429 _____ C:\Users\Robert\AppData\LocalLow\abdfbee3f482f410934d1e17c2f7f6fa1d3b379b2a07284ffda6ea337445c922
2025-04-16 22:42 - 2025-04-16 22:42 - 000000026 _____ C:\Users\Robert\AppData\LocalLow\6bdad7e2b2f0e006a1b2964609240b6498c71fd5a1aeb1e97866f9a43779a743
2025-04-16 22:41 - 2025-04-21 07:03 - 000000000 __SHD C:\Users\Robert\IntelGraphicsProfiles
2025-04-16 22:41 - 2025-04-16 22:41 - 000000000 ____D C:\Users\Robert\AppData\LocalLow\Intel
2025-04-16 22:35 - 2025-04-16 22:35 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2025-04-16 22:34 - 2025-04-16 22:34 - 000003366 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2025-04-16 22:34 - 2025-04-16 22:34 - 000000591 _____ C:\WINDOWS\system32\regtest.txt
2025-04-16 22:34 - 2024-09-02 23:38 - 005232560 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\Netwtw10.sys
2025-04-16 22:34 - 2024-09-02 23:38 - 001499056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelIHVRouter10.dll
2025-04-16 22:34 - 2024-04-24 23:42 - 006167496 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2025-04-16 22:33 - 2023-03-07 00:05 - 000058680 _____ () C:\WINDOWS\system32\Drivers\AlcGener2.sys
2025-04-16 22:26 - 2025-04-16 22:26 - 000000000 ____D C:\Users\Robert\AppData\Local\Comms
2025-04-16 22:22 - 2025-04-16 22:22 - 000000000 ____D C:\WINDOWS\system32\AccountHealthAssets
2025-04-16 22:20 - 2024-10-10 01:17 - 000982184 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2025-04-16 22:20 - 2024-10-10 01:17 - 000786856 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2025-04-16 22:20 - 2024-10-10 01:17 - 000671568 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2025-04-16 22:20 - 2024-10-10 01:16 - 027986912 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2025-04-16 22:20 - 2024-10-10 01:16 - 020710984 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2025-04-16 22:20 - 2024-10-10 01:16 - 002118192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2025-04-16 22:20 - 2024-10-10 01:16 - 002118192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2025-04-16 22:20 - 2024-10-10 01:16 - 002041904 _____ C:\WINDOWS\system32\ze_intel_gpu_raytracing.dll
2025-04-16 22:20 - 2024-10-10 01:16 - 001676360 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-04-16 22:20 - 2024-10-10 01:16 - 001676360 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2025-04-16 22:20 - 2024-10-10 01:16 - 001465880 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2025-04-16 22:20 - 2024-10-10 01:16 - 001308208 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2025-04-16 22:20 - 2024-10-10 01:16 - 000797616 _____ C:\WINDOWS\system32\ze_loader.dll
2025-04-16 22:20 - 2024-10-10 01:16 - 000740824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2025-04-16 22:20 - 2024-10-10 01:16 - 000624728 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2025-04-16 22:20 - 2024-10-10 01:16 - 000613760 _____ C:\WINDOWS\SysWOW64\IntelControlLib32.dll
2025-04-16 22:20 - 2024-10-10 01:16 - 000563760 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2025-04-16 22:20 - 2024-10-10 01:16 - 000483704 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2025-04-16 22:20 - 2024-10-10 01:16 - 000430104 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2025-04-16 22:19 - 2024-10-10 01:15 - 000339720 _____ C:\WINDOWS\system32\ControlLib.dll
2025-04-16 22:19 - 2024-10-10 01:15 - 000281536 _____ C:\WINDOWS\SysWOW64\ControlLib32.dll
2025-04-16 22:17 - 2024-05-13 09:38 - 003192872 _____ (Genesys Logic) C:\WINDOWS\system32\GLCRIcon.dll
2025-04-16 22:17 - 2024-05-13 09:38 - 000240904 _____ (Genesys Logic) C:\WINDOWS\system32\Drivers\GlPciSD.sys
2025-04-16 21:59 - 2025-04-16 21:59 - 000029042 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-04-16 21:59 - 2025-04-16 21:59 - 000029042 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-04-16 21:59 - 2025-04-16 21:59 - 000000998 _____ C:\WINDOWS\system32\DeviceFeatureDDF.json
2025-04-16 21:58 - 2025-04-16 21:58 - 000070484 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-04-16 21:58 - 2025-04-16 21:58 - 000070484 _____ C:\WINDOWS\system32\ctac.json
2025-04-16 21:53 - 2025-04-16 22:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-04-16 21:50 - 2022-11-16 18:30 - 020194536 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPRes.dll
2025-04-16 21:50 - 2022-11-16 18:30 - 004454120 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPEnh.exe
2025-04-16 21:50 - 2022-11-16 18:30 - 004043464 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCpl.dll
2025-04-16 21:50 - 2022-11-16 18:30 - 001124552 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2025-04-16 21:50 - 2022-11-16 18:30 - 000812728 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2025-04-16 21:50 - 2022-11-16 18:30 - 000436424 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPEnhService.exe
2025-04-16 21:50 - 2022-11-16 18:30 - 000331448 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2025-04-16 21:50 - 2022-11-16 18:30 - 000254184 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPHelper.exe
2025-04-16 21:50 - 2022-11-16 18:30 - 000050360 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2025-04-16 21:49 - 2025-04-19 07:21 - 000000000 ____D C:\Users\Robert\AppData\Local\Lenovo
2025-04-16 21:49 - 2025-04-16 22:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2025-04-16 21:49 - 2025-04-16 21:49 - 000000000 ____D C:\WINDOWS\SysWOW64\Lenovo
2025-04-16 21:49 - 2025-04-16 21:49 - 000000000 ____D C:\WINDOWS\system32\Lenovo
2025-04-16 21:49 - 2025-02-26 17:45 - 005624152 _____ (Lenovo Group Limited) C:\WINDOWS\SysWOW64\PWMTR32V.dll
2025-04-16 21:49 - 2025-02-26 17:45 - 002352480 _____ (Lenovo Group Limited) C:\WINDOWS\SysWOW64\EasyResume.exe
2025-04-16 21:49 - 2025-02-26 17:45 - 000174928 _____ (Lenovo) C:\WINDOWS\SysWOW64\InstHelper.dll
2025-04-16 21:49 - 2025-02-26 17:45 - 000104784 _____ (Lenovo) C:\WINDOWS\SysWOW64\EventLogger.dll
2025-04-16 21:49 - 2025-02-26 17:45 - 000067408 _____ () C:\WINDOWS\SysWOW64\PowerMgrInst.exe
2025-04-16 21:49 - 2024-05-09 20:29 - 000045912 _____ () C:\WINDOWS\system32\SmartStandbyInst.exe
2025-04-16 21:48 - 2025-04-16 21:48 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-04-16 21:48 - 2025-04-16 21:48 - 000000000 ____D C:\Users\Robert\AppData\Local\Google
2025-04-16 21:47 - 2025-04-16 21:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2025-04-16 21:47 - 2022-12-15 03:59 - 003265400 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TbtBusDrv.sys
2025-04-16 21:47 - 2022-12-15 03:59 - 000256368 _____ (Intel Corporation) C:\WINDOWS\TbtP2pShortcutService.exe
2025-04-16 21:46 - 2025-04-19 07:28 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-348134008-3669429990-2405808313-1000
2025-04-16 21:46 - 2025-04-19 07:28 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-348134008-3669429990-2405808313-1000
2025-04-16 21:46 - 2025-04-16 21:46 - 000000000 ___RD C:\Users\Robert\OneDrive
2025-04-16 21:45 - 2025-04-18 22:37 - 000000000 ____D C:\Users\Robert\AppData\Local\PlaceholderTileLogoFolder
2025-04-16 21:45 - 2025-04-16 22:41 - 000000000 ____D C:\Users\Robert\AppData\Local\Publishers
2025-04-16 21:45 - 2023-08-25 03:54 - 003784936 _____ (Synaptics Incorporated.) C:\WINDOWS\system32\AuthenticateFAM_SecureFP_UI.dll
2025-04-16 21:45 - 2023-08-25 03:54 - 003759336 _____ (Synaptics Incorporated.) C:\WINDOWS\SysWOW64\AuthenticateFAM_SecureFP_UI.dll
2025-04-16 21:45 - 2023-08-25 03:54 - 000504552 _____ (Synaptics Incorporated.) C:\WINDOWS\system32\AuthenticateFAM_SecureFP.dll
2025-04-16 21:45 - 2023-08-25 03:54 - 000371944 _____ (Synaptics Incorporated.) C:\WINDOWS\SysWOW64\AuthenticateFAM_SecureFP.dll
2025-04-16 21:44 - 2025-04-20 19:22 - 000000000 ____D C:\Users\Robert\AppData\Local\Packages
2025-04-16 21:44 - 2025-04-20 19:12 - 000000000 ____D C:\Users\Robert\AppData\Local\D3DSCache
2025-04-16 21:44 - 2025-04-19 19:38 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Adobe
2025-04-16 21:44 - 2025-04-17 22:25 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Spelling
2025-04-16 21:44 - 2025-04-17 21:48 - 000000000 ___SD C:\Users\Robert\AppData\Roaming\Microsoft\Credentials
2025-04-16 21:44 - 2025-04-17 21:43 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows
2025-04-16 21:44 - 2025-04-16 22:26 - 000000000 ___SD C:\Users\Robert\AppData\Roaming\Microsoft\Protect
2025-04-16 21:44 - 2025-04-16 21:44 - 000000020 ___SH C:\Users\Robert\ntuser.ini
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Šablony
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Soubory cookie
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Poslední
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Okolní tiskárny
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Okolní síť
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Nabídka Start
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Dokumenty
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Documents\Obrázky
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Documents\Hudba
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Documents\Filmy
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Data aplikací
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\AppData\Local\Data aplikací
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 ___SD C:\Users\Robert\AppData\Roaming\Microsoft\SystemCertificates
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 ___SD C:\Users\Robert\AppData\Roaming\Microsoft\Crypto
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Vault
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Network
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 ____D C:\Users\Robert\AppData\Local\VirtualStore
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 ____D C:\Users\Robert\AppData\Local\ConnectedDevicesPlatform
2025-04-16 21:44 - 2022-11-13 23:47 - 015824744 _____ C:\WINDOWS\system32\RsDMFT_Assets.dll
2025-04-16 21:44 - 2022-11-13 23:47 - 014798200 _____ C:\WINDOWS\system32\RsEyeContactCorrection_Assets.dll
2025-04-16 21:44 - 2022-11-13 23:46 - 013371816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RsDMFT64.dll
2025-04-16 21:43 - 2025-04-21 07:07 - 001692324 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-04-16 21:41 - 2025-04-21 07:09 - 000001460 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Šablony
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Poslední
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Okolní síť
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Dokumenty
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Data aplikací
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\ProgramData\Šablony
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\ProgramData\Plocha
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\ProgramData\Dokumenty
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\ProgramData\Data aplikací
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Documents and Settings
2025-04-16 21:36 - 2025-04-21 07:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-04-16 21:36 - 2025-04-21 07:03 - 000012288 ___SH C:\DumpStack.log.tmp
2025-04-16 21:36 - 2025-04-21 07:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-04-16 21:36 - 2025-04-19 17:47 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-16 21:36 - 2025-04-19 07:23 - 000370032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-04-16 21:36 - 2025-04-16 22:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-04-16 21:36 - 2025-04-16 21:41 - 000003716 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{EAD36AA6-B97F-4539-9438-03FC2682609F}
2025-04-16 21:36 - 2025-04-16 21:41 - 000003592 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{8969E11F-6533-4D70-9C19-2621E0D91B94}
2025-04-16 21:36 - 2025-04-16 21:36 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2025-04-16 21:36 - 2025-04-16 21:36 - 000000000 ____D C:\WINDOWS\system32\config\BFS

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-04-21 08:49 - 2017-07-04 09:05 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-21 08:40 - 2017-07-04 09:05 - 000000000 ____D C:\WINDOWS\INF
2025-04-21 08:20 - 2017-07-04 09:05 - 000000000 ____D C:\WINDOWS\ServiceState
2025-04-21 07:44 - 2017-07-04 09:05 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-04-21 07:41 - 2017-07-04 09:05 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-04-21 07:21 - 2017-07-04 09:05 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-21 07:09 - 2017-07-04 09:05 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-04-21 07:05 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\NDF
2025-04-21 07:03 - 2017-07-04 09:05 - 000000000 __SHD C:\Intel
2025-04-21 07:03 - 2017-07-04 09:05 - 000000000 ____D C:\Program Files\TeamViewer
2025-04-20 22:22 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-04-20 21:05 - 2017-07-04 09:05 - 000000000 ____D C:\ProgramData\VEGAS
2025-04-20 21:05 - 2017-07-04 09:05 - 000000000 ____D C:\Program Files\VEGAS
2025-04-18 22:36 - 2024-09-06 05:59 - 001175072 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2025-04-18 22:36 - 2024-09-06 05:59 - 000780720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2025-04-18 22:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2025-04-18 22:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\MUI
2025-04-17 22:48 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-04-17 22:17 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-04-17 21:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WebThreatDefSvc
2025-04-16 22:36 - 2024-04-01 09:26 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2025-04-16 22:34 - 2024-04-01 09:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-04-16 22:25 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\spool
2025-04-16 22:23 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-04-16 22:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-04-16 22:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-04-16 22:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-04-16 22:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2025-04-16 22:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-04-16 22:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-04-16 22:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2025-04-16 22:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-04-16 22:22 - 2024-04-01 18:31 - 000000000 ___SD C:\WINDOWS\system32\AppV
2025-04-16 22:22 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-04-16 22:22 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\DDFs
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-04-16 22:22 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-04-16 22:18 - 2024-04-01 09:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2025-04-16 22:18 - 2024-04-01 09:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2025-04-16 21:52 - 2024-04-01 09:21 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2025-04-16 21:45 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2025-04-16 21:40 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2025-04-16 21:38 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase

==================== Files in the root of some directories ========

2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\AlibabaProtect
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\Avast Software
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\AVG
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\Awesome Miner
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\Bitdefender
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\CryptoTab Browser
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\ESET
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\HitmanPro.Alert
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\HP Sure Sense
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\IOBit
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\Kaspersky Lab
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\Malwarebytes
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\McAfee
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\McAfee.com
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\Net Protector 202A
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\Norton Security
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\ReasonLabs
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\SMADAV
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\Sophos
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\Symantec
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\AlibabaProtect
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\Avast Software
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\AVG
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\Awesome Miner
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\Bitdefender
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\CryptoTab Browser
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\ESET
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\HitmanPro.Alert
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\HP Sure Sense
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\IOBit
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\Kaspersky Lab
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\Malwarebytes
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\McAfee
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\McAfee.com
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\Net Protector 202A
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\Norton Security
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\ReasonLabs
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\SMADAV
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\Sophos
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\Symantec

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

ADDITION.TXT

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-04-2025
Ran by Robert (21-04-2025 08:50:25)
Running from C:\Users\Robert\Desktop
Microsoft Windows 11 Pro Version 24H2 26100.3775 (X64) (2025-04-16 19:38:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-348134008-3669429990-2405808313-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-348134008-3669429990-2405808313-503 - Limited - Disabled)
Guest (S-1-5-21-348134008-3669429990-2405808313-501 - Limited - Disabled)
Robert (S-1-5-21-348134008-3669429990-2405808313-1000 - Administrator - Enabled) => C:\Users\Robert
WDAGUtilityAccount (S-1-5-21-348134008-3669429990-2405808313-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 135.0.7049.96 - Google LLC)
HWiNFO® 64 (HKLM\...\HWiNFO® 64_is1) (Version: 8.24 - Martin Malik, REALiX s.r.o.)
Lenovo Service Bridge (HKU\S-1-5-21-348134008-3669429990-2405808313-1000\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.17 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.08.03.59 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.3.21.0 - Lenovo Group Ltd.)
Microsoft 365 - cs-cz (HKLM\...\O365EduCloudRetail - cs-cz) (Version: 16.0.18623.20178 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.85 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.85 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.051.0317.0003 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
MSVCRT Redists (HKLM\...\{52116C70-79F9-11E6-9541-BB95F5A309BD}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
MSVCRT Redists (HKLM\...\{E5637EB0-7FC4-11E7-B61D-95BE57594EAC}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 31.0.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18623.20178 - Microsoft Corporation) Hidden
PS Remote Play (HKLM-x32\...\{40C31EAB-247D-49F2-935E-7A432817B644}) (Version: 8.0.0.14120 - Sony Interactive Entertainment Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.64.3 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.51 - Ghisler Software GmbH)
VEGAS Pro 15.0 (HKLM\...\{E0F91FB0-7FC4-11E7-B8E9-95BE57594EAC}) (Version: 15.0.177 - VEGAS)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Wondershare NativePush(Build 1.0.0.8) (HKU\S-1-5-21-348134008-3669429990-2405808313-1000\...\Wondershare NativePush_is1) (Version: - Wondershare Software)
Wondershare Video Converter Ultimate(Build 10.4.1.188) (HKLM-x32\...\Video Converter Ultimate_is1) (Version: 10.4.1.188 - Wondershare Software)
XnView MP (x64) (HKLM\...\XnView MP (x64)_is1) (Version: 1.8.8.0 - Pierre-e Gougelet)

Packages:
=========
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2025-04-16] (INTEL CORP) [Startup Task]
AppUp.ThunderboltControlCenter -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.37.0_x64__8j3eq9eme6ctt [2025-04-16] (INTEL CORP)
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-16] (Microsoft Windows)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.26.3000.0_x64__rz1tebttyb220 [2025-04-16] (Dolby Laboratories)
Dolby Digital Plus decoder for PC OEMs -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyDigitalPlusDecoderOEM_1.1.285.0_x64__rz1tebttyb220 [2025-04-16] (Dolby Laboratories)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2501.20.0_x64__k1h2ywk1493x8 [2025-04-16] (LENOVO INC.)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe [2025-04-17] (Microsoft Corporation)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16 [2025-04-17] ()
PrebootManager -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynapticsUtilities_1.1.18.0_x64__807d65c4rvak2 [2025-04-16] (Synaptics Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.50.323.0_x64__dt26b99r8h8gj [2025-04-16] (Realtek Semiconductor Corp)
Synaptics TouchPad Control Panel -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynapticsControlPanel_19005.19110.0.0_x64__807d65c4rvak2 [2025-04-16] (Synaptics Incorporated)
Synaptics Trackpoint Control Panel -> C:\Program Files\WindowsApps\SynapticsIncorporated.241916F58D6E7_19005.19110.0.0_x64__807d65c4rvak2 [2025-04-16] (Synaptics Incorporated)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-348134008-3669429990-2405808313-1000_Classes\CLSID\{04271989-C4D2-E3AC-E5DF-56422E561943} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-348134008-3669429990-2405808313-1000_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> C:\Users\Robert\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
CustomCLSID: HKU\S-1-5-21-348134008-3669429990-2405808313-1000_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [IXnView] -> {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} => C:\Program Files\XnViewMP\XnViewShellExt64.dll [2025-03-28] (Pierre GOUGELET -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Robert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Robert - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Robert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Michaela - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2025-04-17 22:48 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2025-04-17 22:48 - 2017-09-12 10:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2025-04-17 22:48 - 2017-09-12 10:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2024-04-01 09:26 - 2025-04-20 20:15 - 000009941 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 download.bleepingcomputer.com
127.0.0.1 www.bleepingcomputer.com
127.0.0.1 bleepingcomputer.com
127.0.0.1 www.fullindir.cafe
127.0.0.1 fullindir.cafe
127.0.0.1 www.fullprogramlarindir.net
127.0.0.1 fullprogramlarindir.net
127.0.0.1 www.buyurindir.net
127.0.0.1 buyurindir.net
127.0.0.1 www.warezturkey.org
127.0.0.1 warezturkey.org
127.0.0.1 www.warezturkey.net
127.0.0.1 warezturkey.net
127.0.0.1 www.tnctr.com
127.0.0.1 tnctr.com
127.0.0.1 tb.rg-adguard.net
127.0.0.1 rufus.ie
127.0.0.1 www.rufus.ie
127.0.0.1 download.sysinternals.com
127.0.0.1 data-cdn.mbamupdates.com
127.0.0.1 download.cnet.com
127.0.0.1 cnet.com
127.0.0.1 www.cnet.com
127.0.0.1 prod.downloadnow.com
127.0.0.1 www.pandasecurity.com
127.0.0.1 pandasecurity.com
127.0.0.1 www.adaware.com
127.0.0.1 adaware.com
127.0.0.1 sdl.adaware.com
127.0.0.1 www.nano-av.com

There are 293 more lines.


==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Intel;C:\Intel\m;C:\Intel\logs;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Users\Robert\AppData\Local\Microsoft\WindowsApps;
HKU\S-1-5-21-348134008-3669429990-2405808313-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Robert\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\11348772234367442116\133894817047152598.jpg
DNS Servers: 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Intel(R) Ethernet Connection (13) I219-V -> e1d.sys
Wi-Fi: Intel(R) Wi-Fi 6 AX201 160MHz -> Netwtw10.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-348134008-3669429990-2405808313-1000\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_A9F6DCE4ABADF4F51CF45CD7129E3C6C"
HKU\S-1-5-21-348134008-3669429990-2405808313-1000\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{635A048F-41C7-4A01-80F6-64EFE5EC3A48}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F9B27D0B-2124-450C-A059-7BB1B84C2EE2}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25060.205.3499.6849_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9929DDA7-1A42-4651-B8D5-4F66BBEA833E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F4629C20-BBE5-4BC0-8E77-7CA589BFF6BB}] => (Allow) C:\Users\Robert\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe (Wondershare Technology Group Co.,Ltd -> Wondershare)
FirewallRules: [{5CBFAD92-F77C-4910-B915-3EA52FFF906D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.85\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{33C798EB-FEE7-4223-B6C6-E8300D597810}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> Lenovo)
FirewallRules: [{7AE83D4A-4EFD-427D-B8E5-625565A1B9A8}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> Lenovo)
FirewallRules: [{0D64533A-C45E-4940-A571-831E539F5ED9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{C4B25082-77B6-4A0B-9047-2FCD4EC12778}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F1170423-1B2A-4263-BF98-E9796D8438F4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FC91FD90-0298-4966-BDCA-37951F9C57F0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A6D004A1-55B9-4A1E-80F3-38BED8497B4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Airport CEO\Airport CEO.exe () [File not signed]
FirewallRules: [{469116F2-C586-4712-A8AF-ECBB4BDC37A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Airport CEO\Airport CEO.exe () [File not signed]
FirewallRules: [TCP Query User{0D878514-98FC-42C8-AA8F-0674735F1C9E}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe => No File
FirewallRules: [UDP Query User{82DE9701-077C-4D94-9B5C-73986AA37E2C}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe => No File
FirewallRules: [{CDC9AE13-5854-4F65-83C6-1DC4C5455E91}] => (Allow) C:\Program Files (x86)\Sony\PS Remote Play\RemotePlay.exe (Sony Interactive Entertainment Inc. -> Sony Interactive Entertainment Inc.)
FirewallRules: [{E6A73698-45DE-4C1C-8D57-4F1C6988E9A8}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5593D14A-B5EF-488F-AFFE-4D26A42828D7}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4AA54631-E167-4F2D-9C21-2FBCD2F09FE4}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{57068959-DEC9-4BE8-87E6-D17A3277C569}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4F098826-9454-4040-8B28-5E75F3444FDB}] => (Allow) C:\Intel\i2.exe => No File
FirewallRules: [{B60990DF-E6CF-4644-A0F0-6802E7056916}] => (Allow) C:\Intel\i4.exe => No File
FirewallRules: [{A0533739-BC28-4E29-883D-6ACAFA69FACC}] => (Allow) C:\Intel\i2.exe => No File
FirewallRules: [{5F20DE9E-7D51-4D9A-A686-85F5B6194686}] => (Allow) C:\Intel\q.exe => No File
FirewallRules: [{789B9F14-F391-448F-8C78-03255D009A1B}] => (Allow) C:\Intel\q.exe => No File
FirewallRules: [{5E6C2FC9-EC7C-41B0-87B2-57F01190852D}] => (Allow) C:\Intel\i1.exe => No File
FirewallRules: [{31EB8F86-4EC6-43FB-A806-516A93EBB74F}] => (Allow) C:\Intel\c.exe => No File
FirewallRules: [{95350907-9448-4D66-A529-79D392C1C28D}] => (Allow) C:\Intel\i3.exe => No File
FirewallRules: [{7EC93EE9-32B7-4AE5-9E6F-28252ABCCB65}] => (Allow) C:\Intel\i3.exe => No File
FirewallRules: [{D970F018-6A94-4986-B608-418795A76CFA}] => (Allow) C:\Intel\i4.exe => No File
FirewallRules: [{5AD64AE2-5BD8-4E6F-9681-564BDD506CD8}] => (Allow) C:\Intel\i1.exe => No File
FirewallRules: [{F27C5807-E592-42E9-B884-916D08640085}] => (Allow) C:\Intel\c.exe => No File
FirewallRules: [{9A4C4C26-0AA9-49C3-A4B8-257A1669121C}] => (Allow) C:\Intel\m\nmb.exe => No File
FirewallRules: [{554B5070-7985-4D8D-970D-935A7851D9D0}] => (Allow) C:\Intel\m\xrm.exe => No File
FirewallRules: [{03736EFE-B314-4F0F-97F7-C01A0EEA0D6F}] => (Allow) C:\Intel\m\xrm.exe => No File
FirewallRules: [{311BF76D-5551-4AB5-99A1-483AD2F271B8}] => (Allow) C:\Intel\m\nmb.exe => No File
FirewallRules: [{CF531EF1-A627-4E30-B2D7-758F74236123}] => (Allow) C:\Intel\m\txr.exe => No File
FirewallRules: [{AE88E30A-634A-42AB-A51D-CE3C1D0C34EC}] => (Allow) C:\Intel\m\llm.exe => No File
FirewallRules: [{787699FE-9588-4573-A95F-001327982E12}] => (Allow) C:\Intel\m\txr.exe => No File
FirewallRules: [{EDA78B22-A4AD-4897-8C86-79FC370DC2E9}] => (Allow) C:\Intel\m\llm.exe => No File

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:476.2 GB) (Free:396.95 GB) (83%)

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (04/21/2025 08:03:17 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-EC0CQAC)
Description: Název chybující aplikace: BMLFJMJNHGHGHMDK.exe, verze: 10.0.26100.1150, časové razítko: 0x23bbb5d4
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x3758
Čas spuštění chybující aplikace: 0x1dbb27aaef19bb3
Cesta k chybující aplikaci: C:\Users\Robert\AppData\Roaming\Adobe\LogTransport2\BMLFJMJNHGHGHMDK.exe
Cesta k chybujícímu modulu: unknown
ID sestavy: 698d3fe8-4967-4bf4-8f43-f0a50271ecca
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:

Error: (04/21/2025 07:03:09 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\DESKTOP-EC0CQAC$ přes https://NTC-KeyId-23f4e22ad3be374a44977 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(15ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (04/17/2025 08:55:19 PM) (Source: DPTF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17

Error: (04/16/2025 09:44:11 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x80004005
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (04/16/2025 09:41:30 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x80004005
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=TimerEvent

Error: (04/16/2025 09:40:38 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu Windows Defender na SECURITY_PRODUCT_STATE_ON došlo k chybě.

Error: (04/16/2025 09:38:56 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\WIN-SAK7ARI4AOQ$ přes https://NTC-KeyId-23f4e22ad3be374a44977 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(0ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (04/16/2025 09:38:55 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://NTC-KeyId-23f4e22ad3be374a44977 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(0ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)


System errors:
=============
Error: (04/21/2025 08:03:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WinRing0_1_2_0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (04/21/2025 07:12:20 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WinRing0_1_2_0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (04/21/2025 07:11:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NTXGKQ8P7N0-MicrosoftWindows.CrossDevice.

Error: (04/21/2025 07:11:35 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (04/21/2025 07:11:25 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9N0866FS04W8-DolbyLaboratories.DolbyAccess.

Error: (04/20/2025 10:22:23 PM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Služba přidružení zařízení zjistila chybu zjišťování koncového bodu.

Error: (04/20/2025 10:22:23 PM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Služba přidružení zařízení zjistila chybu zjišťování koncového bodu.

Error: (04/20/2025 09:12:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba WinRing0_1_2_0 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


Windows Defender:
================
Date: 2025-04-21 07:34:04
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-04-21 07:27:11
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-04-21 07:16:56
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-04-20 20:59:46
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: VirTool:Win32/Vbinder.gen!G
Severity: Severe
Category: Tool
Path: file:_C:\Intel\i1.exe; file:_C:\Intel\i2.exe; file:_C:\Intel\i3.exe; file:_C:\Intel\i4.exe
Detection Origin: Local machine
Detection Type: Generic
Detection Source: Real-Time Protection
Process Name: C:\Program Files\totalcmd\TOTALCMD64.EXE
Security intelligence Version: AV: 1.427.348.0, AS: 1.427.348.0, NIS: 1.427.348.0
Engine Version: AM: 1.1.25030.1, NIS: 1.1.25030.1

Date: 2025-04-20 20:59:13
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: VirTool:Win32/Vbinder.gen!G
Severity: Severe
Category: Tool
Path: file:_C:\Intel\i1.exe; file:_C:\Intel\i2.exe; file:_C:\Intel\i3.exe; file:_C:\Intel\i4.exe
Detection Origin: Local machine
Detection Type: Generic
Detection Source: Real-Time Protection
Process Name: C:\Program Files\totalcmd\TOTALCMD64.EXE
Security intelligence Version: AV: 1.427.348.0, AS: 1.427.348.0, NIS: 1.427.348.0
Engine Version: AM: 1.1.25030.1, NIS: 1.1.25030.1

CodeIntegrity:
===============
Date: 2025-04-21 07:16:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_84147fa7a978ce4e\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO N34ET65W (1.65 ) 02/07/2025
Motherboard: LENOVO 20W4008QCK
Processor: 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz
Percentage of memory in use: 43%
Total physical RAM: 16107.05 MB
Available physical RAM: 9023.88 MB
Total Virtual: 19051.05 MB
Available Virtual: 11408.94 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.2 GB) (Free:396.95 GB) (Model: SKHynix_HFS512GDE9X081N) NTFS
Drive e: (lojza) (Removable) (Total:14.55 GB) (Free:14.46 GB) NTFS

\\?\Volume{b148aa00-f56d-48be-8126-25ca6e141c08}\ () (Fixed) (Total:0.63 GB) (Free:0.07 GB) NTFS
\\?\Volume{f6f69a02-6878-431e-902a-318c2344ecbe}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: BB712021)

Partition: GPT.

==========================================================
Disk: 1 (Size: 14.6 GB) (Disk ID: 140D9572)
Partition 1: (Active) - (Size=14.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Re: Je v tom sajrajt

Napsal: 21 dub 2025 10:30
od Rudy
Zdravím!
Spusťte nejprve tuto utlitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Je v tom sajrajt

Napsal: 21 dub 2025 11:01
od Awandalor
Byl jsem netrpělivý a už jsem zneužil AI gemini. Tady je nový log z FRST, Adwcleaner ještě smazal 1 položku.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-04-2025
Ran by Robert (administrator) on DESKTOP-EC0CQAC (LENOVO 20W4008QCK) (21-04-2025 11:57:27)
Running from C:\Users\Robert\Desktop\FRST64.exe
Loaded Profiles: Robert
Platform: Microsoft Windows 11 Pro Version 24H2 26100.3775 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSATray.exe
(C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\LenovoVantage-(GenericTelemetryAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\Intel Graphics Software\PresentMonService.exe
(C:\Program Files\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> ) C:\Program Files\TeamViewer\crashpad_handler.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_706cd88e58c04b53\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_706cd88e58c04b53\igfxEMN.exe
(DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_2d3e2e42e0f8523f\DAX3API.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\DAX3_S~1.INF\DAX3API.exe
(DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\dptf_helper.exe
(DriverStore\FileRepository\fn.inf_amd64_ab53c856f440d1ac\driver\tphkload.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\FN189C~1.INF\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_ab53c856f440d1ac\driver\tphkload.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\FN189C~1.INF\driver\tposd.exe
(Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories) C:\Windows\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_2d3e2e42e0f8523f\DAX3API.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(services.exe ->) (Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_706cd88e58c04b53\igfxCUIServiceN.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_2c7653f29a37d3f4\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e6280c9d2b6478c3\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\TbtP2pShortcutService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAUpdateService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_64c76657d20bdb6c\AS\IAS\IntelAudioService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_ab53c856f440d1ac\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_54015d614dafb853\x64\ibmpmsvc.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\smartstandbycomponent.inf_amd64_443332a5152da4f0\SmartStandby.exe
(services.exe ->) (Lenovo -> Lenovo.) C:\Windows\System32\DriverStore\FileRepository\litsdrv.inf_amd64_5d23f3d1b4649e1b\x64\LITSSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_15da36fcaef0532a\RtkAudUService64.exe <3>
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (WDKTestCert sarakelyan,130722862255941761 -> Synaptics Incorporated.) C:\Windows\System32\DriverStore\FileRepository\synawudfbiousbuwp.inf_amd64_0a328caa48d41753\SynRpcServer.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25031.45.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.5100.40.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Intel® Graphics Software] => C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.exe [421032 2025-03-29] (Intel Corporation -> Intel Corporation)
HKU\S-1-5-21-348134008-3669429990-2405808313-1000\...\Run: [MicrosoftEdgeAutoLaunch_A9F6DCE4ABADF4F51CF45CD7129E3C6C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4419624 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-348134008-3669429990-2405808313-1000\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5012288 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\135.0.7049.96\Installer\chrmstp.exe [2025-04-16] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {E9AE75BF-F096-42F4-85A1-640F209E5B5B} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7129.0{1E9B4D49-5D8D-4862-A673-7F0EF828117D} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7129.0\updater.exe [7375968 2025-04-17] (Google LLC -> Google LLC)
Task: {2D924550-B466-46ED-B676-497E436F13EA} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [6279256 2025-02-21] (Intel Corporation -> Intel Corporation)
Task: {DE0A6833-161C-4467-A65F-2F78CA9CB663} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [6279256 2025-02-21] (Intel Corporation -> Intel Corporation)
Task: {EABB8C52-E3E2-4923-98CC-C9F41A843AFB} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-348134008-3669429990-2405808313-1000 => C:\Users\Robert\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88584 2024-05-17] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {C75347AB-F64F-4079-9308-957F46387B2D} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [129880 2025-02-26] (Lenovo -> Lenovo)
Task: {F50F01DC-3084-4666-9862-6B4C1CB4A115} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [67408 2025-02-26] (Lenovo -> )
Task: {18FD1406-2EBD-4A53-A44B-3F5C8F1881C9} - System32\Tasks\Lenovo\SmartStandby\Daily analysis => C:\Windows\System32\DriverStore\FileRepository\smartstandbycomponent.inf_amd64_443332a5152da4f0\AutonomicMgr.exe [76640 2024-05-09] (Lenovo -> )
Task: {A6D8A19B-9F4D-44E3-A683-33B2DFC59810} - System32\Tasks\Lenovo\SmartStandby\Uninstall Monitor => C:\WINDOWS\system32\SmartStandbyInst.exe [45912 2024-05-09] (Lenovo -> )
Task: {C920CF69-F72A-426E-8FB3-856358E5B14E} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [102400 2025-04-16] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {E724211B-98E4-4BC4-B095-87B00B381741} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\ScheduleEventAction.exe [278016 2025-02-20] (Lenovo -> Lenovo)
Task: {0592107C-4408-4C16-B710-75DD6CA9F958} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\ScheduleEventAction.exe [278016 2025-02-20] (Lenovo -> Lenovo)
Task: {5014C81E-CF85-44B0-8316-25B15649D9C8} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\ScheduleEventAction.exe [278016 2025-02-20] (Lenovo -> Lenovo)
Task: {AD587160-D234-4A8D-BF93-067D31A2879A} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\ScheduleEventAction.exe [278016 2025-02-20] (Lenovo -> Lenovo)
Task: {C507AC32-29A4-42CE-8C09-105BCEE4A46B} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\ScheduleEventAction.exe [278016 2025-02-20] (Lenovo -> Lenovo)
Task: {EE87D050-BB33-4E6C-943C-50C91EB42A50} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\ScheduleEventAction.exe [278016 2025-02-20] (Lenovo -> Lenovo)
Task: {E9223D50-2175-4D41-BFFC-0B0C4664F40D} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinIdleScheduleTask => C:\ProgramData\Lenovo\Vantage\Addins\VantageCoreAddin\1.0.0.190\x64\IdleScheduleEventAction.exe [143768 2025-04-16] (Lenovo -> )
Task: {C9AB2E8C-903B-46ED-B536-0647C130A5C1} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\ScheduleEventAction.exe [278016 2025-02-20] (Lenovo -> Lenovo)
Task: {3F411951-8609-4013-B65F-150FD530B20C} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {72DE212B-C891-41A0-9EC3-665B143ECE82} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {777A2ADF-E7C4-4AA5-944D-1E9A732918FE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29107936 2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {0E38424F-3F8C-4446-96B5-CC5E2063A86D} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [68328 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {E03BBFFD-D5A6-4FC2-AB47-627A369130BC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29107936 2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {74A09291-DC80-4C27-90B6-7A16722C9683} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {91732E80-E9EE-4376-A1C3-688A92807553} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [315544 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A37D3CD-13FA-479F-980A-727239CB9848} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [204400 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C0A2C4E-EADD-495B-A328-BA75084E73B6} - System32\Tasks\Microsoft\Windows\AccountHealth\RecoverabilityToastTask => {B7F5B442-EBF8-46CD-9F0B-D8E45ED43492} C:\WINDOWS\system32\AccountHealth.dll [258048 2025-04-16] (Microsoft Windows -> Microsoft Corporation)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {64D789D9-EECD-4F4E-B4C4-B1466905B8C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AFA4A06A-392A-48B9-A975-DD75236B47F4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7216411B-9740-4416-A3A5-CD6AC72F0135} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D9453C3A-CC73-4E43-84B5-AF45B2F5DE00} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {399355BA-56DB-4F3F-9451-243DFEED7F4F} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223808 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {05324EE4-A380-42C5-9224-793CE0E63C98} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-348134008-3669429990-2405808313-1000 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223808 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A964EC2E-396D-4044-BBD8-254C32C0B0AC} - System32\Tasks\OneDrive Startup Task-S-1-5-21-348134008-3669429990-2405808313-1000 => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\OneDriveLauncher.exe [674624 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {FDEAF88A-7ACC-4880-9FF9-1CA2E691D58C} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_15da36fcaef0532a\RtkAudUService64.exe [1981272 2024-04-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {C835480B-D973-42EB-8F9D-6D4637B23E35} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904536 2024-07-15] (Lenovo -> )
Task: {3C4FAE5B-02F7-4B02-A0F6-2CEEFEE54877} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1904536 2024-07-15] (Lenovo -> )
Task: {A1A69ED0-7FAE-466C-B3AF-C336B5263E86} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [454656 2025-04-16] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files\Intel\SUR\QUEENCREEK\x64\-Command "Start-Process -WindowStyle Hidden task.bat"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{7202196d-07a4-4c80-8336-28b4b82e805b}: [NameServer] 1.1.1.1
Tcpip\..\Interfaces\{7202196d-07a4-4c80-8336-28b4b82e805b}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{72051672-1b02-11f0-99ab-806e6f6e6963}: [NameServer] 1.1.1.1
Tcpip\..\Interfaces\{ea92d9f4-e9ea-4735-835b-900d22a1402e}: [NameServer] 1.1.1.1,8.8.8.8

Edge:
=======
Edge Profile: C:\Users\Robert\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-21]
Edge Extension: (Dokumenty Google offline) - C:\Users\Robert\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-16]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\Robert\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-04-16]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default [2025-04-21]
CHR Notifications: Default -> hxxps://web.whatsapp.com; hxxps://www.wondershare.com
CHR HomePage: Default -> hxxps://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Rozšíření Synology Image Assistant) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aadgfjmilhfblodmkgilohhjlakchfmg [2025-04-16]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Tinkercad) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhggmehigifnpflipbkdfcjiacpcgidn [2025-04-16]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Dokumenty Google offline) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-16]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-04-16]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (GPX Viewer, Reader) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcoebkjfbobjheeoclnjkfgginlaefnb [2025-04-16]hxxp://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-04-16]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Material Simple Dark Grey) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookepigabmicjpgfnmncjiplegcacdbm [2025-04-16]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Hlídač Shopů) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2025-04-16]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-04-21]
CHR HomePage: Profile 1 -> hxxps://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxp://google.com/"
CHR Session Restore: Profile 1 -> is enabled.
CHR Extension: (Norton Password Manager) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\admmjipmmciaobhojoghlmleefbicajg [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Sudoku) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\agdhembpgcpfegeigidembjopfhghnpj [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Causality Games) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\femoooemgmjaebeodbbikbkmhlafenpl [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Full Screen Weather) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Dokumenty Google offline) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Cut the Rope) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (FormApps Extension) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Equalizer for YouTube™) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oggiagogblgafoilijjdhcmflgekfmja [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Hlídač Shopů) - C:\Users\Robert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\plmlonggbfebcjelncogcnclagkmkikk [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\Robert\AppData\Local\Google\Chrome\User Data\System Profile [2025-04-18]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13862104 2025-04-08] (Microsoft Corporation -> Microsoft Corporation)
R2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_2d3e2e42e0f8523f\DAX3API.exe [2549352 2024-08-16] (Dolby Laboratories, Inc. -> Dolby Laboratories)
R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAService.exe [123800 2025-04-02] (Intel Corporation -> Intel)
R2 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\x86\DSAUpdateService.exe [123288 2025-04-02] (Intel Corporation -> Intel)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncHelper.exe [3543888 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [479656 2022-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 IBMPMSVC; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_54015d614dafb853\x64\ibmpmsvc.exe [1037168 2024-10-14] (Lenovo -> Lenovo)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_64c76657d20bdb6c\AS\IAS\IntelAudioService.exe [532328 2024-08-08] (Intel Corporation -> Intel)
R2 IntelGraphicsSoftwareService; C:\Program Files\Intel\Intel Graphics Software\IntelGraphicsSoftware.Service.exe [300200 2025-03-29] (Intel Corporation -> Intel Corporation)
S4 LenovoBrightCtrl; C:\WINDOWS\System32\DriverStore\FileRepository\litsdrv.inf_amd64_5d23f3d1b4649e1b\x64\BrightnessControl.exe [157016 2025-01-28] (Lenovo -> Lenovo.)
R2 LenovoSmartStandby; C:\WINDOWS\System32\DriverStore\FileRepository\smartstandbycomponent.inf_amd64_443332a5152da4f0\SmartStandby.exe [341336 2024-05-09] (Lenovo -> Lenovo)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.3.21.0\LenovoVantageService.exe [34816 2025-02-20] (Lenovo -> Lenovo)
R2 LITSSVC; C:\WINDOWS\System32\DriverStore\FileRepository\litsdrv.inf_amd64_5d23f3d1b4649e1b\x64\LITSSvc.exe [1143128 2025-01-28] (Lenovo -> Lenovo.)
S2 LPlatSvc; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_54015d614dafb853\x64\LPlatSvc.exe [916344 2024-10-14] (Lenovo -> Lenovo)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.051.0317.0003\OneDriveUpdaterService.exe [3891536 2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559320 2025-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SynHsaService; C:\WINDOWS\System32\DriverStore\FileRepository\synawudfbiousbuwp.inf_amd64_0a328caa48d41753\SynRpcServer.exe [192128 2023-08-25] (WDKTestCert sarakelyan,130722862255941761 -> Synaptics Incorporated.)
R2 TbtP2pShortcutService; C:\WINDOWS\TbtP2pShortcutService.exe [256368 2022-12-15] (Intel Corporation -> Intel Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [22178608 2025-03-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_ab53c856f440d1ac\driver\TPHKLOAD.exe [316928 2025-02-24] (Lenovo -> Lenovo)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AKCCID; C:\WINDOWS\System32\drivers\AKCCID.sys [77272 2023-03-06] (Microsoft Windows Hardware Compatibility Publisher -> Generic)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_fcfdc62bfce8f55f\e1d.sys [613088 2024-09-10] (Intel Corporation -> Intel Corporation)
R3 GlPciSD; C:\WINDOWS\System32\drivers\GlPciSD.sys [240904 2024-05-13] (GENESYS LOGIC, INC. -> Genesys Logic)
R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_d0e63c4e3754f42f\iaLPSS2_GPIO2_TGL.sys [128152 2020-08-09] (Intel Corporation -> Intel Corporation)
R3 IBMPMDRV; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_54015d614dafb853\x64\ibmpmdrv.sys [56696 2024-10-14] (Lenovo -> Lenovo)
R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_3483c60a14224d09\IntcUSB.sys [938344 2024-08-08] (Intel Corporation -> Intel(R) Corporation)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-16] (Microsoft Windows -> Microsoft Corporation)
R1 PMDRVS; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_54015d614dafb853\x64\pmdrvs.sys [42336 2024-10-14] (Lenovo -> Lenovo)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-04-16] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-04-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [605576 2025-04-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-16] (Microsoft Windows -> Microsoft Corporation)
R3 WiManH; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_7976829cdaa6ca7e\WiManH\WiManH.sys [184248 2024-12-02] (Intel Corporation -> Intel Corporation)
S3 wini3ctarget; C:\WINDOWS\System32\DriverStore\FileRepository\wini3ctarget.inf_amd64_bdb09ebda2834009\wini3ctarget.sys [75168 2025-04-16] (Microsoft Windows -> Microsoft Corporation)
S3 LenovoDiagnosticsDriver; \??\C:\ProgramData\Lenovo\Vantage\Addins\LenovoHardwareScanAddin\4.0.0.15\LenovoDiagnosticsDriver.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-04-21 11:55 - 2025-04-21 11:55 - 009566696 _____ (Malwarebytes) C:\Users\Robert\Downloads\AdwCleaner.exe
2025-04-21 11:51 - 2025-04-21 11:52 - 000000000 ____D C:\AdwCleaner
2025-04-21 11:51 - 2025-04-21 11:51 - 009566696 _____ (Malwarebytes) C:\Users\Robert\Desktop\AdwCleaner.exe
2025-04-21 11:48 - 2025-04-21 11:53 - 000000130 _____ C:\Users\Robert\AppData\LocalLow\0677328635269b88b308e66a4520b0079f35702e6d26ad2ed9b93a50c19530ca
2025-04-21 11:48 - 2025-04-21 11:48 - 000012310 _____ C:\Users\Robert\AppData\LocalLow\fde5bdb8d55f635db55f32a5a88191d30ccf8cac51a01ed4c787bfc684a83656
2025-04-21 11:45 - 2025-04-21 11:45 - 000033109 _____ C:\Users\Robert\Desktop\Addition.txt
2025-04-21 11:39 - 2025-04-21 11:39 - 000002264 _____ C:\Users\Robert\AppData\LocalLow\fb71e2f68b4992f535665935ad1dbeae212982f5132df95b025062fa922fec13
2025-04-21 11:37 - 2025-04-21 11:52 - 000195114 _____ C:\Users\Robert\AppData\LocalLow\8ca2f68a0d673f7763b9a3527b4514a8f35fd0c49030a641fbb66d4e938f16dc
2025-04-21 11:37 - 2025-04-21 11:39 - 000000130 _____ C:\Users\Robert\AppData\LocalLow\484e59eede16eba9de30a224cb0a96ba45ce09ce5a6ae043ff41e130d64f23c8
2025-04-21 11:36 - 2025-04-21 11:36 - 000714490 _____ C:\WINDOWS\system32\perfh005.dat
2025-04-21 11:36 - 2025-04-21 11:36 - 000153652 _____ C:\WINDOWS\system32\perfc005.dat
2025-04-21 11:31 - 2025-04-21 11:31 - 000008148 _____ C:\Users\Robert\AppData\LocalLow\2f20d2aebae05e3ad64cc03ef7d39e44bd0db8d5f4d21a7290b31af20f796e2a
2025-04-21 11:31 - 2025-04-21 11:31 - 000000026 _____ C:\Users\Robert\AppData\LocalLow\5ae15f60a694c0950e9e9263d177a80534070b8370ab46037b5e27248af2b235
2025-04-21 11:27 - 2025-04-21 11:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2025-04-21 11:27 - 2025-04-21 11:27 - 000000000 ____D C:\Program Files\LevelZeroSDK
2025-04-21 11:26 - 2025-04-21 11:37 - 000018000 _____ C:\Users\Robert\AppData\LocalLow\7ee252bfcba851ca067611bda7b255d9d0854ad51306dc1aac554351d3baabc3
2025-04-21 11:26 - 2025-04-21 11:26 - 000000130 _____ C:\Users\Robert\AppData\LocalLow\9c31eed4470ad0b0f9e11406789adeb4c258cc1f75c65da0c1a389af835a64a1
2025-04-21 11:23 - 2025-04-07 01:32 - 000759576 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2025-04-21 11:23 - 2025-04-07 01:32 - 000641792 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2025-04-21 11:23 - 2025-04-07 01:31 - 000945480 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2025-04-21 11:23 - 2025-04-07 01:31 - 000708384 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2025-04-21 11:23 - 2025-04-07 01:29 - 000634552 _____ C:\WINDOWS\SysWOW64\IntelControlLib32.dll
2025-04-21 11:23 - 2025-04-07 01:29 - 000594256 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2025-04-21 11:23 - 2025-04-07 01:29 - 000455808 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2025-04-21 11:23 - 2025-04-07 01:27 - 002089264 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2025-04-21 11:23 - 2025-04-07 01:27 - 002089264 _____ C:\WINDOWS\system32\vulkaninfo.exe
2025-04-21 11:23 - 2025-04-07 01:27 - 002021664 _____ C:\WINDOWS\system32\ze_intel_gpu_raytracing.dll
2025-04-21 11:23 - 2025-04-07 01:27 - 001627440 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-04-21 11:23 - 2025-04-07 01:27 - 001627440 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2025-04-21 11:23 - 2025-04-07 01:27 - 001584408 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2025-04-21 11:23 - 2025-04-07 01:27 - 001584408 _____ C:\WINDOWS\system32\vulkan-1.dll
2025-04-21 11:23 - 2025-04-07 01:27 - 001397016 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2025-04-21 11:23 - 2025-04-07 01:27 - 001397016 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2025-04-21 11:23 - 2025-04-07 01:27 - 001051424 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2025-04-21 11:23 - 2025-04-07 01:27 - 000827184 _____ C:\WINDOWS\system32\ze_loader.dll
2025-04-21 11:23 - 2025-04-07 01:27 - 000553248 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2025-04-21 11:23 - 2025-04-07 01:26 - 027966768 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2025-04-21 11:23 - 2025-04-07 01:26 - 020690744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2025-04-21 11:23 - 2025-04-07 01:24 - 000324136 _____ C:\WINDOWS\system32\ControlLib.dll
2025-04-21 11:23 - 2025-04-07 01:24 - 000270936 _____ C:\WINDOWS\SysWOW64\ControlLib32.dll
2025-04-21 11:19 - 2025-04-21 11:28 - 000000000 ____D C:\Program Files\Intel
2025-04-21 11:19 - 2025-04-21 11:21 - 000000000 ____D C:\Program Files (x86)\Intel
2025-04-21 11:19 - 2025-04-21 11:19 - 000003762 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2025-04-21 11:19 - 2025-04-21 11:19 - 000003600 _____ C:\WINDOWS\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2025-04-21 11:19 - 2025-04-21 11:19 - 000003528 _____ C:\WINDOWS\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2025-04-21 11:19 - 2025-04-21 11:19 - 000001596 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2025-04-21 11:19 - 2025-04-21 11:19 - 000000000 ____D C:\Users\Robert\AppData\Local\Intel
2025-04-21 11:19 - 2025-04-21 11:19 - 000000000 ____D C:\Users\Robert\AppData\Local\ASP.NET
2025-04-21 11:19 - 2025-03-17 23:20 - 000049888 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\semav6msr64.sys
2025-04-21 11:18 - 2025-04-21 11:18 - 009123928 _____ (Intel) C:\Users\Robert\Downloads\Intel-Driver-and-Support-Assistant-Installer.exe
2025-04-21 11:18 - 2025-04-21 11:18 - 000000000 ____D C:\Program Files (x86)\dotnet
2025-04-21 11:13 - 2025-04-21 11:57 - 000031693 _____ C:\Users\Robert\Desktop\FRST.txt
2025-04-21 10:40 - 2025-04-21 10:40 - 000000000 ____D C:\Users\Robert\AppData\Local\Plugin.OfxStitch
2025-04-21 10:40 - 2025-04-21 10:40 - 000000000 ____D C:\Users\Robert\AppData\Local\Plugin.ofx360Stabilizer
2025-04-21 10:40 - 2025-04-21 10:40 - 000000000 ____D C:\Users\Robert\AppData\Local\Plugin.MxOfxRotation
2025-04-21 10:22 - 2025-04-21 10:22 - 000001118 _____ C:\Users\Public\Desktop\VEGAS Pro 17.0.lnk
2025-04-21 10:22 - 2025-04-21 10:22 - 000000000 ____D C:\Program Files\Common Files\OFX
2025-04-21 10:08 - 2025-04-21 10:08 - 000000000 ____D C:\Users\Robert\AppData\Local\ToastNotificationManagerCompat
2025-04-21 10:05 - 2025-04-21 10:19 - 000000000 ____D C:\Users\Robert\AppData\Roaming\HandBrake
2025-04-21 10:05 - 2025-04-21 10:05 - 000000000 ____D C:\Program Files\dotnet
2025-04-21 10:04 - 2025-04-21 10:04 - 000000000 ____D C:\Users\Robert\Desktop\HandBrake
2025-04-21 10:03 - 2025-04-21 10:03 - 000000000 ____D C:\Users\Robert\AppData\Local\cache
2025-04-21 10:00 - 2025-04-21 10:00 - 000000000 ____D C:\Users\Robert\AppData\Local\converter
2025-04-21 10:00 - 2025-04-21 10:00 - 000000000 ____D C:\Users\Robert\.fontconfig
2025-04-21 09:59 - 2025-04-21 09:59 - 000012311 _____ C:\ProgramData\sguasgrp.vby
2025-04-21 09:59 - 2025-04-21 09:59 - 000000000 ____D C:\Users\Robert\AppData\Local\Movavi
2025-04-21 09:59 - 2025-04-21 09:59 - 000000000 ____D C:\ProgramData\movavi
2025-04-21 09:47 - 2025-04-21 09:49 - 719635802 _____ C:\Users\Robert\Downloads\Sony Vegas Pro 17.rar
2025-04-21 08:47 - 2025-04-21 08:44 - 002404864 _____ (Farbar) C:\Users\Robert\Desktop\FRST64.exe
2025-04-21 08:40 - 2025-04-21 11:57 - 000000000 ____D C:\FRST
2025-04-20 21:20 - 2025-04-21 10:01 - 000000000 ____D C:\Users\Robert\AppData\Roaming\obs-studio
2025-04-20 21:20 - 2025-04-20 21:20 - 000000000 ____D C:\ProgramData\obs-studio
2025-04-20 21:19 - 2025-04-20 21:19 - 000001052 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2025-04-20 21:19 - 2025-04-20 21:19 - 000000000 ____D C:\ProgramData\obs-studio-hook
2025-04-20 21:19 - 2025-04-20 21:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio
2025-04-20 21:19 - 2025-04-20 21:19 - 000000000 ____D C:\Program Files\obs-studio
2025-04-20 21:06 - 2025-04-21 10:40 - 000000000 ____D C:\Users\Robert\AppData\Roaming\VEGAS Pro
2025-04-20 21:06 - 2025-04-21 10:40 - 000000000 ____D C:\Users\Robert\AppData\Local\VEGAS Pro
2025-04-20 21:06 - 2025-04-21 10:22 - 000000000 ____D C:\ProgramData\VEGAS Pro
2025-04-20 21:06 - 2025-04-20 21:10 - 000000000 ____D C:\Users\Robert\AppData\Local\Sony
2025-04-20 21:06 - 2025-04-20 21:06 - 000000000 ____D C:\Users\Robert\AppData\Roaming\VEGAS
2025-04-20 21:06 - 2025-04-20 21:06 - 000000000 ____D C:\Users\Robert\AppData\Roaming\MAGIX
2025-04-20 21:06 - 2025-04-20 21:06 - 000000000 ____D C:\Users\Robert\AppData\Local\MAGIX
2025-04-20 21:05 - 2025-04-20 21:10 - 000000000 ____D C:\ProgramData\Magix
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\Symantec
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\Sophos
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\SMADAV
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\ReasonLabs
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\Norton Security
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\Net Protector 202A
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\McAfee.com
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\McAfee
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\Malwarebytes
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\Kaspersky Lab
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\IOBit
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\HP Sure Sense
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\HitmanPro.Alert
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\ESET
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\CryptoTab Browser
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\Bitdefender
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\Awesome Miner
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\AVG
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\Avast Software
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\ProgramData\AlibabaProtect
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\Symantec
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\Sophos
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\SMADAV
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\ReasonLabs
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\Norton Security
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\Net Protector 202A
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\McAfee.com
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\McAfee
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\Malwarebytes
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\Kaspersky Lab
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\IOBit
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\HP Sure Sense
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\HitmanPro.Alert
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\ESET
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\CryptoTab Browser
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\Bitdefender
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\Awesome Miner
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\AVG
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\Avast Software
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files\AlibabaProtect
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\Symantec
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\Sophos
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\SMADAV
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\ReasonLabs
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\Norton Security
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\Net Protector 202A
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\McAfee.com
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\McAfee
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\Malwarebytes
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\Kaspersky Lab
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\IOBit
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\HP Sure Sense
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\HitmanPro.Alert
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\ESET
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\CryptoTab Browser
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\Bitdefender
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\Awesome Miner
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\AVG
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\Avast Software
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH C:\Program Files (x86)\AlibabaProtect
2025-04-20 19:57 - 2025-04-21 10:22 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Sony
2025-04-20 19:57 - 2025-04-21 10:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VEGAS
2025-04-20 19:57 - 2025-04-20 19:57 - 000000000 ____D C:\Users\Robert\AppData\Local\VEGAS
2025-04-20 19:44 - 2025-04-20 19:44 - 000005866 _____ C:\Users\Robert\AppData\LocalLow\183fe6247284088bf5e3cb9f4cf38746039fa07f000070dabdfab908a343a64e
2025-04-20 19:44 - 2025-04-20 19:44 - 000000026 _____ C:\Users\Robert\AppData\LocalLow\a8b141efd5a28a0535a4b1cef38c232052f69977de70ef5ac15dddb5a77f531f
2025-04-20 19:27 - 2025-04-20 19:27 - 000000000 ____D C:\Users\Robert\AppData\Roaming\TeamViewer
2025-04-20 19:12 - 2025-04-20 19:23 - 000000000 ____D C:\Users\Robert\AppData\Local\TeamViewer
2025-04-20 19:12 - 2025-04-20 19:12 - 000000889 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer.lnk
2025-04-20 19:12 - 2025-04-20 19:12 - 000000877 _____ C:\Users\Public\Desktop\TeamViewer.lnk
2025-04-20 19:05 - 2025-04-21 11:12 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\MMC
2025-04-20 08:50 - 2025-04-20 08:51 - 011622546 _____ C:\Users\Robert\Desktop\mb_manual_ga-h81m-s2v.pdf
2025-04-20 08:30 - 2025-04-20 08:33 - 000035240 _____ C:\Users\Robert\AppData\LocalLow\b15d3a108baf677bad705d2193ceb1d29295e9ae5672296ad2f6ec14fa4d226f
2025-04-20 08:30 - 2025-04-20 08:33 - 000000130 _____ C:\Users\Robert\AppData\LocalLow\9efc7b77bc60a484afa1dbca8105b35ad2d2bcddf61075a21cfb283050ad9d1e
2025-04-19 19:38 - 2025-04-20 21:13 - 000000000 ____D C:\Users\Robert\AppData\Local\Adobe
2025-04-19 19:38 - 2025-04-19 19:38 - 000000000 ____D C:\Users\Robert\AppData\Roaming\com.adobe.dunamis
2025-04-19 19:38 - 2025-04-19 19:38 - 000000000 ____D C:\Users\Robert\AppData\LocalLow\Adobe
2025-04-19 19:38 - 2025-04-19 19:38 - 000000000 ____D C:\Users\Robert\AppData\Local\SolidDocuments
2025-04-19 19:38 - 2025-04-19 19:38 - 000000000 ____D C:\Users\Robert\.ms-ad
2025-04-19 19:36 - 2025-04-20 21:14 - 000000000 ____D C:\Program Files\Common Files\Adobe
2025-04-19 19:34 - 2025-04-19 19:34 - 000100661 _____ C:\Users\Robert\Downloads\michaela-pohlova-shopping_list.pdf
2025-04-19 09:19 - 2025-04-19 09:19 - 000000000 ____D C:\Users\Robert\AppData\Local\Sony Corporation
2025-04-19 09:18 - 2025-04-19 09:18 - 000002095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PS Remote Play.lnk
2025-04-19 09:18 - 2025-04-19 09:18 - 000002081 _____ C:\Users\Public\Desktop\PS Remote Play.lnk
2025-04-19 07:28 - 2025-04-19 07:28 - 000000000 ____D C:\WINDOWS\system32\%userprofile%
2025-04-18 22:36 - 2025-04-18 22:36 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2025-04-18 22:27 - 2025-04-18 22:28 - 000000000 ____D C:\Users\Robert\Documents\Witcher 2
2025-04-18 22:27 - 2025-04-18 22:27 - 000000000 ____D C:\Users\Robert\AppData\Local\The Witcher 2
2025-04-18 22:25 - 2025-03-27 23:40 - 4234857752 _____ C:\Users\Robert\Desktop\Zaklinac - Andrzej Sapkowski (Audioknihy komplet 01-08) (2).rar
2025-04-18 22:22 - 2025-04-14 18:14 - 000603822 _____ C:\Users\Robert\Documents\impressa-s9-s90-s95.pdf
2025-04-18 22:22 - 2025-04-14 18:14 - 000523493 _____ C:\Users\Robert\Documents\S7_S8_S9_instructions.pdf
2025-04-18 22:22 - 2025-02-22 15:16 - 004165367 _____ C:\Users\Robert\Documents\BN94 06301V UE32F5000AK.pdf
2025-04-18 22:21 - 2025-03-26 08:03 - 1274542565 _____ C:\Users\Robert\Desktop\Foto tábor.rar
2025-04-18 22:19 - 2025-04-18 22:19 - 000000000 ____D C:\Users\Robert\Desktop\cloudclone
2025-04-18 22:18 - 2025-04-18 22:19 - 000000000 ____D C:\Users\Robert\Desktop\lyzak
2025-04-18 22:18 - 2025-04-18 22:18 - 000085515 _____ C:\Users\Robert\AppData\LocalLow\34f6b2483462849a0a6b86842dbaed8595c9b1ea24a510ce6cabb8d612885e8b
2025-04-18 22:18 - 2025-04-18 22:18 - 000000130 _____ C:\Users\Robert\AppData\LocalLow\4fca0a34b497acffbb870a4cea576f3ac71f00928c3146fe3d0d2dac45c9d5fb
2025-04-18 22:18 - 2025-04-18 22:18 - 000000000 ____D C:\Users\Robert\Desktop\zdroje jarda
2025-04-18 22:18 - 2025-04-14 19:53 - 000010049 _____ C:\Users\Robert\Desktop\komponenty.xlsx
2025-04-18 22:18 - 2025-04-11 20:26 - 001687344 _____ (Akeo Consulting) C:\Users\Robert\Desktop\rufus-4.7.exe
2025-04-18 21:27 - 2025-04-18 21:27 - 000000000 ____D C:\Users\Robert\AppData\LocalLow\Apoapsis Studios
2025-04-18 21:18 - 2025-04-18 21:18 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Apoapsis Studios
2025-04-18 21:17 - 2025-04-18 22:32 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2025-04-18 21:17 - 2025-04-18 21:17 - 000000222 _____ C:\Users\Robert\Desktop\Airport CEO.url
2025-04-18 21:06 - 2025-04-18 21:16 - 000000000 ____D C:\Users\Robert\AppData\Local\Steam
2025-04-18 21:06 - 2025-04-18 21:06 - 000001032 _____ C:\Users\Public\Desktop\Steam.lnk
2025-04-18 21:06 - 2025-04-18 21:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2025-04-18 20:39 - 2025-04-18 20:39 - 000000277 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2025-04-18 20:39 - 2025-04-18 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo
2025-04-17 23:09 - 2025-04-17 23:09 - 000000000 ____D C:\Users\Robert\Documents\Wondershare MediaServer
2025-04-17 22:55 - 2025-04-17 22:55 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2025-04-17 22:49 - 2025-04-17 22:49 - 000000000 ____D C:\Users\Robert\AppData\Local\CEF
2025-04-17 22:47 - 2025-04-17 23:11 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Wondershare
2025-04-17 22:46 - 2025-04-21 11:21 - 000000130 _____ C:\Users\Robert\AppData\LocalLow\d184b3a61bf4be513cbb771b07df842ddf56f91b67d9cbe187f53880ca9b5c5d
2025-04-17 22:46 - 2025-04-20 20:38 - 000015661 _____ C:\Users\Robert\AppData\LocalLow\7c20ed46f96c41e8f4707573a4b5f44f7b40b89f3834b85911e9c253e71a658b
2025-04-17 22:21 - 2025-04-17 22:44 - 000000000 ____D C:\Users\Robert\AppData\Roaming\XnViewMP
2025-04-17 22:21 - 2025-04-17 22:24 - 000001719 _____ C:\Users\Robert\Desktop\XnView MP.lnk
2025-04-17 22:21 - 2025-04-17 22:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView MP
2025-04-17 22:13 - 2025-04-17 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO® 64
2025-04-17 22:13 - 2025-04-17 22:13 - 000000871 _____ C:\Users\Robert\Desktop\HWiNFO® 64.lnk
2025-04-17 22:13 - 2025-04-17 22:13 - 000000000 ____D C:\Users\Robert\AppData\Local\NEO
2025-04-17 22:09 - 2025-04-17 22:09 - 000002264 _____ C:\Users\Robert\AppData\LocalLow\cf805d2f713496e708d42cbe5b9db8431a0ba71406dfe310e335188ebe737739
2025-04-17 22:08 - 2025-04-17 22:09 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Office
2025-04-17 22:08 - 2025-04-17 22:08 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Word
2025-04-17 22:08 - 2025-04-17 22:08 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\UProof
2025-04-17 22:08 - 2025-04-17 22:08 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Proof
2025-04-17 22:08 - 2025-04-17 22:08 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\AddIns
2025-04-17 22:07 - 2025-04-18 20:34 - 000000130 _____ C:\Users\Robert\AppData\LocalLow\6c24cb48ad07e609b202da5bed0daad6e1f9cb902cb99c540bf998f0f78f497e
2025-04-17 22:07 - 2025-04-17 22:07 - 000052818 _____ C:\Users\Robert\AppData\LocalLow\37f22b22f7257f250884789ed6922f2c0f52d958a7a44f0a052c7a8a4540db4f
2025-04-17 22:07 - 2025-04-17 22:07 - 000005862 _____ C:\Users\Robert\AppData\LocalLow\31a05236bf63c1322dc2ad96fbc5fce66984281a7cc297635054f13ce385aba4
2025-04-17 22:07 - 2025-04-17 22:07 - 000000026 _____ C:\Users\Robert\AppData\LocalLow\8222ed2b145f79e157d837f2f36fe58b0d2479c19d62a4eaf36319ae4a5db9ee
2025-04-17 22:03 - 2025-04-19 07:28 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-04-17 22:03 - 2025-04-19 07:28 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-17 22:03 - 2025-04-19 07:28 - 000000000 ___RD C:\Users\Default\OneDrive
2025-04-17 22:02 - 2025-04-17 22:02 - 000002573 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Notes (new).lnk
2025-04-17 22:02 - 2025-04-17 22:02 - 000002517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2025-04-17 22:02 - 2025-04-17 22:02 - 000002511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2025-04-17 22:02 - 2025-04-17 22:02 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2025-04-17 22:02 - 2025-04-17 22:02 - 000002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2025-04-17 22:02 - 2025-04-17 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2025-04-17 22:02 - 2025-04-17 22:02 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-04-17 21:57 - 2025-04-17 21:57 - 000000000 ____D C:\Users\Robert\AppData\Local\PeerDistRepub
2025-04-17 21:50 - 2025-04-17 21:50 - 000002264 _____ C:\Users\Robert\AppData\LocalLow\8c90dfe160aa4d7986b18c7fec0883014fca29eb8008c982dfaa42b780933236
2025-04-17 21:49 - 2025-04-17 22:03 - 000014087 _____ C:\Users\Robert\AppData\LocalLow\c471a3f3b88ab9b37460e73f6bb1a3e7a513a2a2866fad587ff56ef5a1ad7e6c
2025-04-17 21:49 - 2025-04-17 21:49 - 000000026 _____ C:\Users\Robert\AppData\LocalLow\bef33e67af07b07688c0a6330e732d016df14dc5824def44f89868a00efa36c8
2025-04-17 21:41 - 2025-04-17 22:06 - 000000000 ____D C:\Users\Robert\AppData\Local\GHISLER
2025-04-17 21:40 - 2025-04-17 21:41 - 000000000 ____D C:\Users\Robert\AppData\Roaming\GHISLER
2025-04-17 21:40 - 2025-04-17 21:40 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2025-04-17 21:02 - 2025-04-17 21:02 - 000002264 _____ C:\Users\Robert\AppData\LocalLow\d1cf5ddacfbcfdb200ecab8573d5a879b9c9dd1809e72636b96abe744dc5c1e5
2025-04-17 21:00 - 2025-04-21 11:26 - 000000130 _____ C:\Users\Robert\AppData\LocalLow\266bd9807d399cce2d446c97a504eb63b8c3c3e0ddf6d49dc9bc016827c2d997
2025-04-17 21:00 - 2025-04-21 11:20 - 000000130 _____ C:\Users\Robert\AppData\LocalLow\a3a6c18d987c7026cb89a58f4d73379ce458cdf838ed4dfaa757a98133f4ec8d
2025-04-17 21:00 - 2025-04-21 10:18 - 000281796 _____ C:\Users\Robert\AppData\LocalLow\71526115fc7e468c232d42ae5088250ec4121a38b5a1f96fec9ed5b3ee8a45d1
2025-04-17 21:00 - 2025-04-17 22:12 - 000034391 _____ C:\Users\Robert\AppData\LocalLow\f511570017ef7913fd75e88e11a01911f88862b19fe7eb34b26890e8259721ee
2025-04-16 23:08 - 2025-04-16 23:08 - 000002264 _____ C:\Users\Robert\AppData\LocalLow\4b82d73b83a4ced6b7d0997eb3aaaa99b450d9ee2aa3cc29116e303d1eae60a8
2025-04-16 23:06 - 2025-04-16 23:08 - 000228253 _____ C:\Users\Robert\AppData\LocalLow\b6f4b85779ab477df2ad80f8c96aa6c6bb8e0e80917194fb28985c5a92e096e7
2025-04-16 23:06 - 2025-04-16 23:08 - 000000130 _____ C:\Users\Robert\AppData\LocalLow\6bb4f2f9d65f7bda2d90f51ccff4729b5ddfdde019641b39e1f05d5a804c8ed9
2025-04-16 22:58 - 2025-04-18 20:39 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2025-04-16 22:58 - 2025-04-16 22:58 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2025-04-16 22:58 - 2025-04-16 22:58 - 000000000 ____D C:\Users\Robert\AppData\Local\LenovoServiceBridge
2025-04-16 22:46 - 2025-04-16 22:46 - 000002264 _____ C:\Users\Robert\AppData\LocalLow\77e2aeb7d287c591e83df060bd0791395599662b0525d26ab77b624e9c5ab91c
2025-04-16 22:46 - 2025-04-16 22:46 - 000000130 _____ C:\Users\Robert\AppData\LocalLow\542c1e7e7a3f794d97a241f547580e15b32e73702c3ce8d5d387f920a571694b
2025-04-16 22:46 - 2025-04-16 22:46 - 000000026 _____ C:\Users\Robert\AppData\LocalLow\f68745aa7a9338028522371f61f4006042b0b517326f372ba707e936d2a1fab0
2025-04-16 22:42 - 2025-04-17 21:42 - 000013429 _____ C:\Users\Robert\AppData\LocalLow\abdfbee3f482f410934d1e17c2f7f6fa1d3b379b2a07284ffda6ea337445c922
2025-04-16 22:42 - 2025-04-16 22:42 - 000000026 _____ C:\Users\Robert\AppData\LocalLow\6bdad7e2b2f0e006a1b2964609240b6498c71fd5a1aeb1e97866f9a43779a743
2025-04-16 22:41 - 2025-04-21 11:54 - 000000000 __SHD C:\Users\Robert\IntelGraphicsProfiles
2025-04-16 22:41 - 2025-04-16 22:41 - 000000000 ____D C:\Users\Robert\AppData\LocalLow\Intel
2025-04-16 22:35 - 2025-04-16 22:35 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2025-04-16 22:34 - 2025-04-16 22:34 - 000003366 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2025-04-16 22:34 - 2025-04-16 22:34 - 000000591 _____ C:\WINDOWS\system32\regtest.txt
2025-04-16 22:34 - 2024-04-24 23:42 - 006167496 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2025-04-16 22:33 - 2023-03-07 00:05 - 000058680 _____ () C:\WINDOWS\system32\Drivers\AlcGener2.sys
2025-04-16 22:26 - 2025-04-16 22:26 - 000000000 ____D C:\Users\Robert\AppData\Local\Comms
2025-04-16 22:22 - 2025-04-16 22:22 - 000000000 ____D C:\WINDOWS\system32\AccountHealthAssets
2025-04-16 22:17 - 2024-05-13 09:38 - 003192872 _____ (Genesys Logic) C:\WINDOWS\system32\GLCRIcon.dll
2025-04-16 22:17 - 2024-05-13 09:38 - 000240904 _____ (Genesys Logic) C:\WINDOWS\system32\Drivers\GlPciSD.sys
2025-04-16 21:59 - 2025-04-16 21:59 - 000029042 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-04-16 21:59 - 2025-04-16 21:59 - 000029042 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-04-16 21:59 - 2025-04-16 21:59 - 000000998 _____ C:\WINDOWS\system32\DeviceFeatureDDF.json
2025-04-16 21:58 - 2025-04-16 21:58 - 000070484 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-04-16 21:58 - 2025-04-16 21:58 - 000070484 _____ C:\WINDOWS\system32\ctac.json
2025-04-16 21:53 - 2025-04-16 22:02 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-04-16 21:50 - 2022-11-16 18:30 - 020194536 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPRes.dll
2025-04-16 21:50 - 2022-11-16 18:30 - 004454120 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPEnh.exe
2025-04-16 21:50 - 2022-11-16 18:30 - 004043464 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPCpl.dll
2025-04-16 21:50 - 2022-11-16 18:30 - 001124552 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2025-04-16 21:50 - 2022-11-16 18:30 - 000812728 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\SynTP.sys
2025-04-16 21:50 - 2022-11-16 18:30 - 000436424 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPEnhService.exe
2025-04-16 21:50 - 2022-11-16 18:30 - 000331448 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2025-04-16 21:50 - 2022-11-16 18:30 - 000254184 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPHelper.exe
2025-04-16 21:50 - 2022-11-16 18:30 - 000050360 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2025-04-16 21:49 - 2025-04-19 07:21 - 000000000 ____D C:\Users\Robert\AppData\Local\Lenovo
2025-04-16 21:49 - 2025-04-16 22:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2025-04-16 21:49 - 2025-04-16 21:49 - 000000000 ____D C:\WINDOWS\SysWOW64\Lenovo
2025-04-16 21:49 - 2025-04-16 21:49 - 000000000 ____D C:\WINDOWS\system32\Lenovo
2025-04-16 21:49 - 2025-02-26 17:45 - 005624152 _____ (Lenovo Group Limited) C:\WINDOWS\SysWOW64\PWMTR32V.dll
2025-04-16 21:49 - 2025-02-26 17:45 - 002352480 _____ (Lenovo Group Limited) C:\WINDOWS\SysWOW64\EasyResume.exe
2025-04-16 21:49 - 2025-02-26 17:45 - 000174928 _____ (Lenovo) C:\WINDOWS\SysWOW64\InstHelper.dll
2025-04-16 21:49 - 2025-02-26 17:45 - 000104784 _____ (Lenovo) C:\WINDOWS\SysWOW64\EventLogger.dll
2025-04-16 21:49 - 2025-02-26 17:45 - 000067408 _____ () C:\WINDOWS\SysWOW64\PowerMgrInst.exe
2025-04-16 21:49 - 2024-05-09 20:29 - 000045912 _____ () C:\WINDOWS\system32\SmartStandbyInst.exe
2025-04-16 21:48 - 2025-04-16 21:48 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-04-16 21:48 - 2025-04-16 21:48 - 000000000 ____D C:\Users\Robert\AppData\Local\Google
2025-04-16 21:47 - 2025-04-16 21:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
2025-04-16 21:47 - 2022-12-15 03:59 - 003265400 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TbtBusDrv.sys
2025-04-16 21:47 - 2022-12-15 03:59 - 000256368 _____ (Intel Corporation) C:\WINDOWS\TbtP2pShortcutService.exe
2025-04-16 21:46 - 2025-04-19 07:28 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-348134008-3669429990-2405808313-1000
2025-04-16 21:46 - 2025-04-19 07:28 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-348134008-3669429990-2405808313-1000
2025-04-16 21:46 - 2025-04-16 21:46 - 000000000 ___RD C:\Users\Robert\OneDrive
2025-04-16 21:45 - 2025-04-18 22:37 - 000000000 ____D C:\Users\Robert\AppData\Local\PlaceholderTileLogoFolder
2025-04-16 21:45 - 2025-04-16 22:41 - 000000000 ____D C:\Users\Robert\AppData\Local\Publishers
2025-04-16 21:45 - 2023-08-25 03:54 - 003784936 _____ (Synaptics Incorporated.) C:\WINDOWS\system32\AuthenticateFAM_SecureFP_UI.dll
2025-04-16 21:45 - 2023-08-25 03:54 - 003759336 _____ (Synaptics Incorporated.) C:\WINDOWS\SysWOW64\AuthenticateFAM_SecureFP_UI.dll
2025-04-16 21:45 - 2023-08-25 03:54 - 000504552 _____ (Synaptics Incorporated.) C:\WINDOWS\system32\AuthenticateFAM_SecureFP.dll
2025-04-16 21:45 - 2023-08-25 03:54 - 000371944 _____ (Synaptics Incorporated.) C:\WINDOWS\SysWOW64\AuthenticateFAM_SecureFP.dll
2025-04-16 21:44 - 2025-04-21 11:28 - 000000000 ____D C:\Users\Robert\AppData\Local\D3DSCache
2025-04-16 21:44 - 2025-04-21 11:27 - 000000000 ____D C:\Users\Robert\AppData\Local\Packages
2025-04-16 21:44 - 2025-04-21 08:55 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Adobe
2025-04-16 21:44 - 2025-04-17 22:25 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Spelling
2025-04-16 21:44 - 2025-04-17 21:48 - 000000000 ___SD C:\Users\Robert\AppData\Roaming\Microsoft\Credentials
2025-04-16 21:44 - 2025-04-17 21:43 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Windows
2025-04-16 21:44 - 2025-04-16 22:26 - 000000000 ___SD C:\Users\Robert\AppData\Roaming\Microsoft\Protect
2025-04-16 21:44 - 2025-04-16 21:44 - 000000020 ___SH C:\Users\Robert\ntuser.ini
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Šablony
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Soubory cookie
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Poslední
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Okolní tiskárny
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Okolní síť
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Nabídka Start
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Dokumenty
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Documents\Obrázky
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Documents\Hudba
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Documents\Filmy
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\Data aplikací
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 _SHDL C:\Users\Robert\AppData\Local\Data aplikací
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 ___SD C:\Users\Robert\AppData\Roaming\Microsoft\SystemCertificates
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 ___SD C:\Users\Robert\AppData\Roaming\Microsoft\Crypto
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Vault
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 ____D C:\Users\Robert\AppData\Roaming\Microsoft\Network
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 ____D C:\Users\Robert\AppData\Local\VirtualStore
2025-04-16 21:44 - 2025-04-16 21:44 - 000000000 ____D C:\Users\Robert\AppData\Local\ConnectedDevicesPlatform
2025-04-16 21:44 - 2022-11-13 23:47 - 015824744 _____ C:\WINDOWS\system32\RsDMFT_Assets.dll
2025-04-16 21:44 - 2022-11-13 23:47 - 014798200 _____ C:\WINDOWS\system32\RsEyeContactCorrection_Assets.dll
2025-04-16 21:44 - 2022-11-13 23:46 - 013371816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RsDMFT64.dll
2025-04-16 21:43 - 2025-04-21 11:36 - 001692324 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-04-16 21:41 - 2025-04-21 11:54 - 000002336 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Šablony
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Poslední
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Okolní síť
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Dokumenty
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\Data aplikací
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\ProgramData\Šablony
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\ProgramData\Plocha
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\ProgramData\Dokumenty
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\ProgramData\Data aplikací
2025-04-16 21:38 - 2025-04-16 21:38 - 000000000 _SHDL C:\Documents and Settings
2025-04-16 21:36 - 2025-04-21 11:54 - 000012288 ___SH C:\DumpStack.log.tmp
2025-04-16 21:36 - 2025-04-21 11:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-04-16 21:36 - 2025-04-21 07:48 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-04-16 21:36 - 2025-04-19 17:47 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-16 21:36 - 2025-04-19 07:23 - 000370032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-04-16 21:36 - 2025-04-16 22:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-04-16 21:36 - 2025-04-16 21:41 - 000003716 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{EAD36AA6-B97F-4539-9438-03FC2682609F}
2025-04-16 21:36 - 2025-04-16 21:41 - 000003592 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{8969E11F-6533-4D70-9C19-2621E0D91B94}
2025-04-16 21:36 - 2025-04-16 21:36 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2025-04-16 21:36 - 2025-04-16 21:36 - 000000000 ____D C:\WINDOWS\system32\config\BFS

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-04-21 11:54 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-04-21 11:54 - 2017-07-04 09:05 - 000000000 __SHD C:\Intel
2025-04-21 11:54 - 2017-07-04 09:05 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-04-21 11:54 - 2017-07-04 09:05 - 000000000 ____D C:\WINDOWS\ServiceState
2025-04-21 11:54 - 2017-07-04 09:05 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-21 11:54 - 2017-07-04 09:05 - 000000000 ____D C:\Program Files\TeamViewer
2025-04-21 11:36 - 2017-07-04 09:05 - 000000000 ____D C:\WINDOWS\INF
2025-04-21 11:27 - 2017-07-04 09:05 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-04-21 11:27 - 2017-07-04 09:05 - 000000000 ____D C:\ProgramData\Package Cache
2025-04-21 11:23 - 2017-07-04 09:05 - 000000000 ____D C:\ProgramData\Intel
2025-04-21 10:22 - 2017-07-04 09:05 - 000000000 ____D C:\ProgramData\VEGAS
2025-04-21 10:22 - 2017-07-04 09:05 - 000000000 ____D C:\Program Files\VEGAS
2025-04-21 10:21 - 2017-07-04 09:05 - 000000000 ____D C:\PROGRAMY
2025-04-21 10:00 - 2017-07-04 09:05 - 000000000 ____D C:\Users\Robert
2025-04-21 09:57 - 2017-07-04 09:05 - 000000000 ____D C:\Program Files (x86)\Wondershare
2025-04-21 09:03 - 2017-07-04 09:05 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-21 07:21 - 2017-07-04 09:05 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-21 07:09 - 2017-07-04 09:05 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-04-21 07:05 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\NDF
2025-04-18 22:36 - 2024-09-06 05:59 - 001175072 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2025-04-18 22:36 - 2024-09-06 05:59 - 000780720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2025-04-18 22:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2025-04-18 22:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\MUI
2025-04-17 22:48 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-04-17 22:17 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-04-17 21:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WebThreatDefSvc
2025-04-16 22:36 - 2024-04-01 09:26 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2025-04-16 22:34 - 2024-04-01 09:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-04-16 22:25 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\spool
2025-04-16 22:23 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-04-16 22:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-04-16 22:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-04-16 22:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-04-16 22:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2025-04-16 22:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-04-16 22:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-04-16 22:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2025-04-16 22:23 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-04-16 22:22 - 2024-04-01 18:31 - 000000000 ___SD C:\WINDOWS\system32\AppV
2025-04-16 22:22 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-04-16 22:22 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\DDFs
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2025-04-16 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-04-16 22:22 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-04-16 22:18 - 2024-04-01 09:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2025-04-16 22:18 - 2024-04-01 09:26 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2025-04-16 21:52 - 2024-04-01 09:21 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2025-04-16 21:45 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2025-04-16 21:40 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2025-04-16 21:38 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase

==================== Files in the root of some directories ========

2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\AlibabaProtect
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\Avast Software
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\AVG
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\Awesome Miner
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\Bitdefender
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\CryptoTab Browser
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\ESET
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\HitmanPro.Alert
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\HP Sure Sense
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\IOBit
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\Kaspersky Lab
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\Malwarebytes
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\McAfee
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\McAfee.com
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\Net Protector 202A
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\Norton Security
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\ReasonLabs
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\SMADAV
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\Sophos
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files\Symantec
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\AlibabaProtect
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\Avast Software
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\AVG
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\Awesome Miner
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\Bitdefender
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\CryptoTab Browser
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\ESET
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\HitmanPro.Alert
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\HP Sure Sense
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\IOBit
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\Kaspersky Lab
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\Malwarebytes
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\McAfee
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\McAfee.com
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\Net Protector 202A
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\Norton Security
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\ReasonLabs
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\SMADAV
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\Sophos
2025-04-20 20:14 - 2025-04-20 20:14 - 000000002 __RSH () C:\Program Files (x86)\Symantec

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-04-2025
Ran by Robert (21-04-2025 11:58:59)
Running from C:\Users\Robert\Desktop
Microsoft Windows 11 Pro Version 24H2 26100.3775 (X64) (2025-04-16 19:38:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-348134008-3669429990-2405808313-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-348134008-3669429990-2405808313-503 - Limited - Disabled)
Guest (S-1-5-21-348134008-3669429990-2405808313-501 - Limited - Disabled)
Robert (S-1-5-21-348134008-3669429990-2405808313-1000 - Administrator - Enabled) => C:\Users\Robert
WDAGUtilityAccount (S-1-5-21-348134008-3669429990-2405808313-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Documentation Manager (HKLM\...\{E0088F7D-23C2-4A0A-8EF2-1F1830F112F6}) (Version: 23.120.0.3 - Intel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 135.0.7049.96 - Google LLC)
HWiNFO® 64 (HKLM\...\HWiNFO® 64_is1) (Version: 8.24 - Martin Malik, REALiX s.r.o.)
Intel Driver && Support Assistant (HKLM-x32\...\{34FD129E-004A-4117-87CB-F347DB637240}) (Version: 25.2.15.9 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{5A5C8172-E0B2-415D-AF69-96688BE4AEAD}) (Version: 2.4.10994 - Intel Corporation)
Intel(R) Graphics Software & Drivers (HKLM\...\Intel(R) Graphics Software & Drivers) (Version: 1.0.1013.20 - Intel(R) Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000120-0230-1029-84C8-B8D95FA3C8C3}) (Version: 23.120.0.4 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{27D11F0C-7F75-4104-A031-E00C4E8CF190}) (Version: 25.2.15.9 - Intel)
Intel® Graphics Software (HKLM\...\{041FC1DB-2953-47A1-B7F8-DC2540D3926F}) (Version: 25.10.1253.2 - Intel Corporation)
Intel® Graphics Software (HKLM\...\{32E5E5B8-4D24-460B-B187-F08AED1A67A5}) (Version: 25.10.1253.2 - Intel Corporation) Hidden
Intel® Software Installer (HKLM\...\{6219E6AE-8668-4CB1-91B7-749B2FFE6342}) (Version: 23.120.0.3 - Intel Corporation) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-348134008-3669429990-2405808313-1000\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.17 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.08.03.59 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.3.21.0 - Lenovo Group Ltd.)
Microsoft .NET Host - 8.0.14 (x86) (HKLM-x32\...\{CB771E25-82B7-435C-B8CF-1DAF85D9A373}) (Version: 64.56.29490 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.15 (x64) (HKLM\...\{4C903F19-B4C3-4D0C-8CC9-D444C511AF1C}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.10 (x64) (HKLM\...\{062CD1ED-0A3C-483C-A871-50173240C545}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.14 (x64) (HKLM\...\{B2E7F2C8-73CD-4269-B7BC-11B7D8BB7A37}) (Version: 64.56.29490 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.14 (x86) (HKLM-x32\...\{455AA7CD-6D99-4039-95D2-FF1A437FD444}) (Version: 64.56.29490 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.15 (x64) (HKLM\...\{11CCC9F6-77AA-4421-9EAC-BAEC36D96817}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.10 (x64) (HKLM\...\{15B7D0C2-F209-4C28-AF1C-FD8326F4D58A}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.14 (x64) (HKLM\...\{6C817CE3-32BC-4C6B-8B1A-E6F71EDAFFCC}) (Version: 64.56.29490 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.14 (x86) (HKLM-x32\...\{6E39BE88-1272-4732-A962-9B34A31EE12C}) (Version: 64.56.29490 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.15 (x64) (HKLM\...\{8731E6E3-AF96-4515-ACEC-DBFB3DF55292}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft 365 - cs-cz (HKLM\...\O365EduCloudRetail - cs-cz) (Version: 16.0.18623.20178 - Microsoft Corporation)
Microsoft ASP.NET Core 8.0.14 - Shared Framework (x86) (HKLM-x32\...\{b4843496-41d3-405c-b4c6-2ff39b7609ed}) (Version: 8.0.14.25112 - Microsoft Corporation)
Microsoft ASP.NET Core 8.0.14 Shared Framework (x86) (HKLM-x32\...\{BBD33465-6641-37D3-9444-5CCD7FE71A79}) (Version: 8.0.14.25112 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.85 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.85 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.051.0317.0003 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31332 (HKLM-x32\...\{a98dc6ff-d360-4878-9f0a-915eba86eaf3}) (Version: 14.32.31332.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31332 (HKLM-x32\...\{8972AC25-452E-4FFE-945A-EB9E28C20322}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31332 (HKLM-x32\...\{AEAA18F7-9C96-4A43-BC07-8B88A4913EEB}) (Version: 14.32.31332 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.10 (x64) (HKLM\...\{614C9740-3FD4-4788-A277-7C35CB4C323B}) (Version: 64.40.21605 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.10 (x64) (HKLM-x32\...\{d990096d-6282-42c5-8d16-71272c5be274}) (Version: 8.0.10.34118 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.14 (x64) (HKLM\...\{BC56BEFC-D9B7-476F-9B7C-2CD494572C27}) (Version: 64.56.29521 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.14 (x64) (HKLM-x32\...\{f4c6fb4c-68da-475b-8e92-fd8e6f8960cd}) (Version: 8.0.14.34613 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.14 (x86) (HKLM-x32\...\{F12CDBC1-172E-4413-829C-B5234E386262}) (Version: 64.56.29521 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.14 (x86) (HKLM-x32\...\{f70d61fa-5d61-4582-bf8d-07dec8e4fcda}) (Version: 8.0.14.34613 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.15 (x64) (HKLM\...\{0E4A7820-FDA4-4250-B7AC-E7A2F7B43B64}) (Version: 64.60.31203 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.15 (x64) (HKLM-x32\...\{5625bb48-295c-4113-bc92-d6a69b19b04c}) (Version: 8.0.15.34718 - Microsoft Corporation)
MSVCRT Redists (HKLM\...\{52116C70-79F9-11E6-9541-BB95F5A309BD}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
MSVCRT Redists (HKLM\...\{E5637EB0-7FC4-11E7-B61D-95BE57594EAC}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
MSVCRT Redists (HKLM\...\{E83D6FA1-B27C-11E9-B0DB-A5146957F833}) (Version: 1.0 - MAGIX Computer Products Intl. Co.) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 31.0.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18623.20156 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18623.20178 - Microsoft Corporation) Hidden
oneAPI Level Zero (HKLM\...\{986A0084-C69A-4D6E-9FA2-7D3E8C0D6FDF}) (Version: 1.21.6 - Intel)
PS Remote Play (HKLM-x32\...\{40C31EAB-247D-49F2-935E-7A432817B644}) (Version: 8.0.0.14120 - Sony Interactive Entertainment Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.64.3 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.51 - Ghisler Software GmbH)
VEGAS Pro 17.0 (HKLM\...\{E649B5F0-B27C-11E9-B856-A5146957F833}) (Version: 17.0.284 - VEGAS)
XnView MP (x64) (HKLM\...\XnView MP (x64)_is1) (Version: 1.8.8.0 - Pierre-e Gougelet)

Packages:
=========
AppUp.ThunderboltControlCenter -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.37.0_x64__8j3eq9eme6ctt [2025-04-16] (INTEL CORP)
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-16] (Microsoft Windows)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.26.3000.0_x64__rz1tebttyb220 [2025-04-16] (Dolby Laboratories)
Dolby Digital Plus decoder for PC OEMs -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyDigitalPlusDecoderOEM_1.1.285.0_x64__rz1tebttyb220 [2025-04-16] (Dolby Laboratories)
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2501.20.0_x64__k1h2ywk1493x8 [2025-04-16] (LENOVO INC.)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe [2025-04-17] (Microsoft Corporation)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16 [2025-04-17] ()
PrebootManager -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynapticsUtilities_1.1.18.0_x64__807d65c4rvak2 [2025-04-16] (Synaptics Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.50.323.0_x64__dt26b99r8h8gj [2025-04-16] (Realtek Semiconductor Corp)
Synaptics TouchPad Control Panel -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynapticsControlPanel_19005.19110.0.0_x64__807d65c4rvak2 [2025-04-16] (Synaptics Incorporated)
Synaptics Trackpoint Control Panel -> C:\Program Files\WindowsApps\SynapticsIncorporated.241916F58D6E7_19005.19110.0.0_x64__807d65c4rvak2 [2025-04-16] (Synaptics Incorporated)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-348134008-3669429990-2405808313-1000_Classes\CLSID\{04271989-C4D2-E3AC-E5DF-56422E561943} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-348134008-3669429990-2405808313-1000_Classes\CLSID\{14100442-9664-1407-2647-000000000000}\localserver32 -> "C:\Users\Robert\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-348134008-3669429990-2405808313-1000_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-348134008-3669429990-2405808313-1000_Classes\CLSID\{502E902C-104E-437A-924C-56C751FCB71A}\localserver32 -> c:\program files\intel\intel graphics software\intelgraphicssoftware.exe (Intel Corporation -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-348134008-3669429990-2405808313-1000_Classes\CLSID\{58c88306-572c-12c9-56ef-cfe7df40a5cc}\localserver32 -> C:\Users\Robert\Desktop\HandBrake\HandBrake.exe (HandBrake Team) [File not signed]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [IXnView] -> {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} => C:\Program Files\XnViewMP\XnViewShellExt64.dll [2025-03-28] (Pierre GOUGELET -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.051.0317.0003\FileSyncShell64.dll [2025-04-19] (Microsoft Corporation -> Microsoft Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Robert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Robert - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Robert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Michaela - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2025-03-17 23:20 - 2025-03-17 23:20 - 003182080 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-04-17] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2024-04-01 09:26 - 2025-04-21 10:50 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Intel;C:\Intel\m;C:\Intel\logs;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;C:\Users\Robert\AppData\Local\Microsoft\WindowsApps;C:\Program Files\dotnet\
HKU\S-1-5-21-348134008-3669429990-2405808313-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Robert\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\11348772234367442116\133894817047152598.jpg
DNS Servers: 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Intel(R) Ethernet Connection (13) I219-V -> e1d.sys
Wi-Fi: Intel(R) Wi-Fi 6 AX201 160MHz -> Netwtw10.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-348134008-3669429990-2405808313-1000\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_A9F6DCE4ABADF4F51CF45CD7129E3C6C"
HKU\S-1-5-21-348134008-3669429990-2405808313-1000\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4FDB15CD-931B-4D08-B703-CEBA4A01E633}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> Lenovo)
FirewallRules: [{42EA19C3-4A75-4508-8A6D-62B037772974}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> Lenovo)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:476.2 GB) (Free:391.24 GB) (82%)

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (04/21/2025 11:37:07 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: IntelSoftwareAssetManagerService.exe, verze: 3.5.5093.0, časové razítko: 0x67b8ace3
Název chybujícího modulu: ntdll.dll, verze: 10.0.26100.3775, časové razítko: 0xe141486e
Kód výjimky: 0xc0000374
Posun chyby: 0x000fa50f
ID chybujícího procesu: 0x1ca0
Čas spuštění chybující aplikace: 0x1dbb2a0f20e0229
Cesta k chybující aplikaci: C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID sestavy: cadff3c9-f150-4876-a4dc-8d23cb4b3b2b
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:

Error: (04/21/2025 10:41:31 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-EC0CQAC)
Description: Název chybující aplikace: sfvstserver.exe, verze: 17.0.0.284, časové razítko: 0x5d3fbd56
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.26100.3775, časové razítko: 0xd070e954
Kód výjimky: 0xe0000001
Posun chyby: 0x0015d424
ID chybujícího procesu: 0x33d0
Čas spuštění chybující aplikace: 0x1dbb29910d4a0df
Cesta k chybující aplikaci: C:\Program Files\VEGAS\VEGAS Pro 17.0\x86\sfvstserver.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID sestavy: 333b8afd-9862-49e4-9057-c3e088d843f9
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:

Error: (04/21/2025 10:04:54 AM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Description: A .NET application failed.
Application: HandBrake.exe
Path: C:\Users\Robert\Desktop\HandBrake\HandBrake.exe
Message: You must install .NET to run this application.

App: C:\Users\Robert\Desktop\HandBrake\HandBrake.exe
Architecture: x64
App host version: 8.0.13
.NET location: Not found

Learn more:
https://aka.ms/dotnet/app-launch-failed

Download the .NET runtime:
https://aka.ms/dotnet-core-applaunch?mi ... ion=8.0.13

Error: (04/21/2025 09:03:30 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-EC0CQAC)
Description: Název chybující aplikace: BMLFJMJNHGHGHMDK.exe, verze: 10.0.26100.1150, časové razítko: 0x23bbb5d4
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x2e0c
Čas spuštění chybující aplikace: 0x1dbb2831891bb75
Cesta k chybující aplikaci: C:\Users\Robert\AppData\Roaming\Adobe\LogTransport2\BMLFJMJNHGHGHMDK.exe
Cesta k chybujícímu modulu: unknown
ID sestavy: ef8d277e-6bc9-4930-9c9a-ad184d8ee7c3
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:

Error: (04/21/2025 08:03:17 AM) (Source: Application Error) (EventID: 1000) (User: DESKTOP-EC0CQAC)
Description: Název chybující aplikace: BMLFJMJNHGHGHMDK.exe, verze: 10.0.26100.1150, časové razítko: 0x23bbb5d4
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000140003be2
ID chybujícího procesu: 0x3758
Čas spuštění chybující aplikace: 0x1dbb27aaef19bb3
Cesta k chybující aplikaci: C:\Users\Robert\AppData\Roaming\Adobe\LogTransport2\BMLFJMJNHGHGHMDK.exe
Cesta k chybujícímu modulu: unknown
ID sestavy: 698d3fe8-4967-4bf4-8f43-f0a50271ecca
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:

Error: (04/21/2025 07:03:09 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\DESKTOP-EC0CQAC$ přes https://NTC-KeyId-23f4e22ad3be374a44977 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(15ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (04/17/2025 08:55:19 PM) (Source: DPTF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17

Error: (04/16/2025 09:44:11 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Aktivace licence (slui.exe) se nezdařila s následujícím kódem chyby:
hr=0x80004005
Argument příkazového řádku:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=2


System errors:
=============
Error: (04/21/2025 11:54:15 AM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Služba přidružení zařízení zjistila chybu zjišťování koncového bodu.

Error: (04/21/2025 11:52:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnhService byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/21/2025 11:52:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Driver & Support Assistant byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/21/2025 11:52:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/21/2025 11:52:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Audio Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/21/2025 11:52:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Driver & Support Assistant Updater byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/21/2025 11:52:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Energy Server Service queencreek byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/21/2025 11:52:33 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft Office Click-to-Run Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2025-04-21 10:20:50
Description:
Microsoft Defender Antivirus has detected potentially unwanted application(PUA).
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: PUA:Win32/YongyuFeed
Severity: Low
Category: Potentially Unwanted Software
Path: file:_\\192.168.0.24\data\programy\Gears 3D Printer - Installer _zLFW.exe
Detection Origin: Network share
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\totalcmd\TOTALCMD64.EXE
Security intelligence Version: AV: 1.427.353.0, AS: 1.427.353.0, NIS: 1.427.353.0
Engine Version: AM: 1.1.25030.1, NIS: 1.1.25030.1

Date: 2025-04-21 10:08:57
Description:
Microsoft Defender Antivirus has detected potentially unwanted application(PUA).
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: PUA:Win32/YongyuFeed
Severity: Low
Category: Potentially Unwanted Software
Path: file:_\\192.168.0.24\data\programy\Gears 3D Printer - Installer _zLFW.exe
Detection Origin: Network share
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\totalcmd\TOTALCMD64.EXE
Security intelligence Version: AV: 1.427.353.0, AS: 1.427.353.0, NIS: 1.427.353.0
Engine Version: AM: 1.1.25030.1, NIS: 1.1.25030.1

Date: 2025-04-21 07:34:04
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-04-21 07:27:11
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2025-04-21 07:16:56
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2025-04-21 11:54:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e6280c9d2b6478c3\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2025-04-21 11:13:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_84147fa7a978ce4e\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO N34ET65W (1.65 ) 02/07/2025
Motherboard: LENOVO 20W4008QCK
Processor: 11th Gen Intel(R) Core(TM) i5-1135G7 @ 2.40GHz
Percentage of memory in use: 27%
Total physical RAM: 16107.05 MB
Available physical RAM: 11698.89 MB
Total Virtual: 19051.05 MB
Available Virtual: 14617.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.2 GB) (Free:391.24 GB) (Model: SKHynix_HFS512GDE9X081N) NTFS

\\?\Volume{b148aa00-f56d-48be-8126-25ca6e141c08}\ () (Fixed) (Total:0.63 GB) (Free:0.07 GB) NTFS
\\?\Volume{f6f69a02-6878-431e-902a-318c2344ecbe}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: BB712021)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Je v tom sajrajt

Napsal: 21 dub 2025 13:29
od Rudy
Potřebuji vidět log z ADWC:
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Je v tom sajrajt

Napsal: 21 dub 2025 14:14
od Awandalor
# -------------------------------
# Malwarebytes AdwCleaner 8.5.0.595
# -------------------------------
# Build: 03-05-2025
# Database: 2024-10-23.4 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-21-2025
# Duration: 00:00:01
# OS: Windows 11 (Build 26100.3775)
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2289 octets] - [21/04/2025 11:51:57]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Je v tom sajrajt

Napsal: 21 dub 2025 15:15
od Rudy
OK. Teď otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
\\192.168.0.24\data\programy\Gears 3D Printer - Installer _zLFW.exe

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Je v tom sajrajt

Napsal: 21 dub 2025 17:44
od Awandalor
Fix result of Farbar Recovery Scan Tool (x64) Version: 01-04-2025
Ran by Robert (21-04-2025 18:41:53) Run:3
Running from C:\Users\Robert\Desktop
Loaded Profiles: Robert
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
\\192.168.0.24\data\programy\Gears 3D Printer - Installer _zLFW.exe

EmptyTemp:
End
*****************

Processes closed successfully.
Could not move "C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2" => Scheduled to move on reboot.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
\\192.168.0.24\data\programy\Gears 3D Printer - Installer _zLFW.exe => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 786432 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11688549 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 4899863 B
Edge => 0 B
Chrome => 565744290 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Robert => 13260664 B

RecycleBin => 213678 B
EmptyTemp: => 569 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 21-04-2025 18:42:52)

C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 => Could not move

==== End of Fixlog 18:42:52 ====

Re: Je v tom sajrajt

Napsal: 21 dub 2025 19:03
od Rudy
Smazéno. PC by již měl být OK.

Re: Je v tom sajrajt

Napsal: 21 dub 2025 19:43
od Awandalor
Je v tom programu Gears 3d printer - installer _zLFW.exe nějaký problém? Mám odstranit? NPE bez chyb, Eset online scanner našel několik nepodstatných věcí ale taky našel
C:\Progressive\setup.exe a variant of Win32/HackTool.Silentall.N potentially unsafe application cleaned by deleting
složka C:\progressive ma atributy HS a jsou v ní další 3 soubory MSCOMCTL.OCX, MdmCommon.dll, kur.exe. Netuším k čemu jsou.
Pomohlo by mi před nákazou otestovat potencionálně problémový software nejdříve v nějakém virtual machine? Nebo by mi z VM prolezl do normálního systému?

Re: Je v tom sajrajt

Napsal: 21 dub 2025 19:58
od Rudy
Tak jde pravděpodobně o nějaký AdWare (nízká nebezpečnost) Celé injfo je přímo v logu:
Date: 2025-04-21 10:20:50
Description:
Microsoft Defender Antivirus has detected potentially unwanted application(PUA).
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Name: PUA:Win32/YongyuFeed
Severity: Low
Category: Potentially Unwanted Software
Path: file:_\\192.168.0.24\data\programy\Gears 3D Printer - Installer _zLFW.exe
Detection Origin: Network share
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\totalcmd\TOTALCMD64.EXE
Security intelligence Version: AV: 1.427.353.0, AS: 1.427.353.0, NIS: 1.427.353.0
Engine Version: AM: 1.1.25030.1, NIS: 1.1.25030.1
Proto jsem ho dal k mazání.

MdmCommon.dll : koukněte sem: https://learn-microsoft-com.translate.g ... _tr_pto=sc
kur.exe: Systémový *.exe soubor.

C:\Progressive\setup.exe a variant of Win32/HackTool.znamená, že se jedná o crack. Soubor jste musel stáhnout vy sám.

Re: Je v tom sajrajt

Napsal: 21 dub 2025 20:17
od Awandalor
Ale smazaný není. Stále ten program gears 3d printer je na NASce (192.168.0.24), fixlist ho nesmazal. Mohu ho smazat sám. Zkusil jsem ho najít z jiného zdroje tak snad bude bez adware https://sites.google.com/site/gears3dprinter

setup.exe ve skryté složce progressive jsem tam já nedal ale ano pracoval jsem s neotestovaným instalátorem čehož jsem už během instalace litoval protože jsem zjistil co všechno dělá a nedělá a zhrozil jsem se. Je divné že tento setup.exe našel až eset ale asi jsem nespustil žádný podrobný test, až v esetu. Možná proto nebyl detekován dříve.

Re: Je v tom sajrajt

Napsal: 21 dub 2025 20:51
od Rudy
C:\Progressive\setup.exe je crack a ten se nestáhne sám. Musel jste si ho tam vložit vy nebo někdo jiný, kd s PC momentálně pracoval. Pokud něco není smazáno, smažte ručně.

Re: Je v tom sajrajt

Napsal: 21 dub 2025 21:34
od Awandalor
Ten setup.exe tam nikdo vědomě nedal, podle mě to udělal instalátor v odkazu. To je to co mi infikovalo PC, v defendru si to udělalo vyjimku na všechna pismena pevnych disků A:/ - Z:/ a spoustu dalších věcí.
https://webshare.cz/#/file/6iDBhuzJ2O/v ... ivated-zip

Děkuji za pomoc, PC se zdá být čistý.

Re: Je v tom sajrajt

Napsal: 22 dub 2025 08:05
od Rudy
Tak to jsem rád a nemáte zač! :-)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz