Dobrý den,
prosím o kontrolu, díky.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07.06.2024
Ran by A (administrator) on DESKTOP-KFE391G (LENOVO 20JES3M302) (09-06-2024 09:00:38)
Running from C:\Users\A\Downloads\FRST64.exe
Loaded Profiles: A
Platform: Microsoft Windows 10 Pro Version 22H2 19045.4412 (X64) Language: Čeština (Česko)
Default browser: "C:\Users\A\AppData\Local\Programs\Opera\opera.exe" -noautoupdate -- "%1"
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\Lenovo\SmartSense\SSSvc.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\SmartSense\UserSSCtrl.exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(LenovoSystemUpdateAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Program Files\Tablet\ISD\WacomHost.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_Tablet.exe
(C:\Program Files\Tablet\ISD\WTabletServiceISD.exe ->) (Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\ISD\WacomHost.exe
(C:\Program Files\Tablet\ISD\WTabletServiceISD.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\ISD_TabletUser.exe
(C:\Users\A\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\A\AppData\Local\Programs\Opera\110.0.5130.66\opera_crashreporter.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(cmd.exe ->) (Lenovo (Beijing) Limited -> Lenovo Group Limited) C:\Users\A\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\tpfsm.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\shtctky.exe
(DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tposd.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Users\A\AppData\Local\Programs\Opera\opera.exe <24>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.101.0519.0010\Microsoft.SharePoint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(services.exe ->) (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_64d7fcfcde9b9c10\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_981d034327bfbdcc\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_d372a4ea3b959b1c\aesm_service.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_367008a610747d24\lib\SocketHeciServer.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\tphkload.exe
(services.exe ->) (Lenovo -> Lenovo Group Limited) C:\Windows\SysWOW64\EasyResume.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\SmartSense\SSSvc.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\ibmpmsvc.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\LPlatSvc.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (Wacom Technology Corporation -> Wacom Technology, Corp.) C:\Program Files\Tablet\ISD\WTabletServiceISD.exe
(svchost.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxext.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3951024 2019-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [195256 2024-05-29] (ESET, spol. s r.o. -> ESET)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1051351518-176820954-1691451495-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4899856 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1051351518-176820954-1691451495-1001\...\Run: [Opera Browser Assistant] => C:\Users\A\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4015008 2024-05-14] (Opera Norway AS -> Opera Software)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {960C7EBF-559C-467A-B7A3-50F96B053023} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {74810A40-B04B-4E4E-9DE3-0C0E6073D6AF} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on switch user if service is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {0402C911-EAEF-48A5-8F02-FB8174431553} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalAppStarter.exe [227888 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation)
Task: {8F591DC0-64BA-4BE9-925C-BF9568F4DFBE} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => C:\Program Files (x86)\Intel\Thunderbolt Software\\tbtsvc.exe [2311216 2019-10-02] (Key for TBT Legacy Driver -> Intel Corporation) -> C:\Program Files (x86)\Intel\Thunderbolt Software\\ConditionalServiceStart
Task: {8C201F59-3576-4EC7-A241-BE0232AEE927} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> C:\Program Files (x86)\Intel\Thunderbolt Software\\start ThunderboltService
Task: {172BEA2B-FF27-4308-8CB0-F495BA76F494} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {32B53A4B-9991-47A2-837E-25F3C1D30571} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {B695DF4C-952A-41A6-8864-DEB05BE29F38} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [77312 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {6820B356-2DBA-47B0-81E9-C08E64EF8B73} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2b82cf8a-7fd0-4add-96e1-cbf6c6e63b1e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {3F508DE6-8922-40CA-B4AA-5771EE87677B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5507aaa7-bdcb-4929-a7b3-5a5ecf245a7b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {931FA101-3249-4F6F-9A82-B8B98892B1CE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c78be52c-3879-44b8-bd6b-b8902bb48fa9 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {E0EBEB5A-700A-43C3-A1DC-9A9529AD0EEF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\fb0d2d31-6dec-462b-846a-36b4dd17eec5 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {5B9A54E6-F183-4D81-85F1-E70FAFCAAA71} - System32\Tasks\Lenovo\Lenovo Platform Task => C:\Windows\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\LPlatSvc.exe [915824 2023-06-20] (Lenovo -> Lenovo)
Task: {797EF054-C0BF-42B6-BDC8-DF28F3DE453B} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1051351518-176820954-1691451495-1001 => C:\Users\A\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [88584 2024-05-17] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {583E1AC3-BA70-490C-A4AB-AB109488851A} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [128872 2023-12-20] (Lenovo -> Lenovo)
Task: {5B37E5E2-AF2D-4ABE-B335-AA48BF22F8A8} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [66920 2023-12-20] (Lenovo -> )
Task: {4E7FEF12-EA51-4DA3-9256-B5B58DAB5D93} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {E97728E8-247C-40F7-8855-282BC0E308F6} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {1C6B4826-CAF0-48D0-B1F0-453244D5E31B} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {E56941C9-B115-463F-9569-16862BA33D48} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {62D14247-7231-449E-BD13-DCFFE71D3212} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {47CB191B-34F1-4D93-807E-DE43358122CD} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoBatteryPartSalesMonthlyToast => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {968CBF0E-DD2D-4023-A491-978F1917F21F} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {6CCFD8B4-4976-4F91-B926-FB04923A8B29} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {71563D11-D7B8-45D7-BFAB-DE6D610B9FA7} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {51FBCD01-78BF-46D1-BD4D-78C3619E61DA} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\uninstall.exe [365024 2024-03-03] (Lenovo -> Lenovo)
Task: {C1852CF7-C880-4070-AE52-F46F4E4EBD7B} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28498912 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {603701E0-D633-4150-807B-8932418F8725} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28498912 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {D41F68BE-B22D-4AF4-A9D5-7E9F7F94C751} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309912 2024-06-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {E6FF5C8C-3194-4E3B-AD8D-8C92170AECF3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309912 2024-06-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC7772B5-0FE3-40AB-80A6-5D82FB04F40E} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169648 2024-06-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF6BDFBD-AB81-471A-BED6-5ACF2BC7E7DD} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232 2016-07-05] (Conexant Systems, Inc.) [File not signed] -> C:\Program Files\CONEXANT\cAudioFilterAgent\/uid:cAudioFilterAgent /delay:45
Task: {5E36B2F4-3E2E-486E-9A27-A9B3251A7F02} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {87661CAA-C4CB-401C-9B5D-01D45E6648B0} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1051351518-176820954-1691451495-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209056 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {8F252B16-6D98-4143-9B6E-D68457BE287B} - System32\Tasks\Opera scheduled assistant Autoupdate 1717524093 => C:\Users\A\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5728672 2024-06-04] (Opera Norway AS -> Opera Software) -> --scheduledtask --productiscomponent --bypasslauncher --installdir="C:\Users\A\AppData\Local\Programs\Opera\assistant" --producttype=assistant $(Arg0)
Task: {1B31A16B-0FA7-4712-8438-5376A30DA879} - System32\Tasks\Opera scheduled Autoupdate 1717524088 => C:\Users\A\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5728672 2024-06-04] (Opera Norway AS -> Opera Software)
Task: {1E8A9657-3A85-4169-AEA5-8CA4F17EEBD1} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2022-09-16] (Lenovo -> )
Task: {87737689-7294-48E3-8CE3-480BFF3DE655} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1900320 2022-09-16] (Lenovo -> )
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{28b10280-1c1b-4da4-b72d-b1b84ea5709f}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{28b10280-1c1b-4da4-b72d-b1b84ea5709f}: [DhcpDomain] home
Edge:
=======
Edge Profile: C:\Users\A\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-04]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-06-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-06-04] (Microsoft Corporation -> Microsoft Corporation)
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14012520 2024-05-26] (Microsoft Corporation -> Microsoft Corporation)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2020-06-02] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [5584248 2024-05-29] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3903168 2024-05-29] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3903168 2024-05-29] (ESET, spol. s r.o. -> ESET)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncHelper.exe [3514384 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
R2 IBMPMSVC; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\ibmpmsvc.exe [1031024 2023-06-20] (Lenovo -> Lenovo)
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 Lenovo Instant On; C:\WINDOWS\SysWOW64\EasyResume.exe [2352376 2023-12-20] (Lenovo -> Lenovo Group Limited)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe [34168 2024-03-03] (Lenovo -> Lenovo)
R2 LPlatSvc; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\LPlatSvc.exe [915824 2023-06-20] (Lenovo -> Lenovo)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.101.0519.0010\OneDriveUpdaterService.exe [3853840 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522200 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SmartSenseAddin; C:\Program Files (x86)\Lenovo\SmartSense\SSSvc.exe [145704 2023-07-06] (Lenovo -> Lenovo)
R2 TPHKLOAD; C:\WINDOWS\System32\DriverStore\FileRepository\fn.inf_amd64_9c4c29de89199c58\driver\TPHKLOAD.exe [473760 2021-10-22] (Lenovo -> Lenovo Group Limited)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [78328 2021-08-25] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [218432 2024-05-29] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [119008 2024-05-29] (Microsoft Windows Hardware Compatibility Publisher -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2024-05-22] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [259752 2024-05-29] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [57832 2024-04-24] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [84120 2024-05-29] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [125952 2024-05-29] (ESET, spol. s r.o. -> ESET)
S3 FlashUSB; C:\WINDOWS\System32\drivers\FlashUSB.sys [19968 2013-05-02] (Microsoft Windows Hardware Compatibility Publisher -> Intel Mobile Communications)
R3 IBMPMDRV; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\ibmpmdrv.sys [56128 2023-06-20] (Lenovo -> Lenovo)
R1 PMDRVS; C:\WINDOWS\System32\DriverStore\FileRepository\ibmpmdrv.inf_amd64_7b52940a5893ba07\x64\pmdrvs.sys [41792 2023-06-20] (Lenovo -> Lenovo)
S3 Ser2pl; C:\WINDOWS\System32\drivers\ser2pl64.sys [328784 2023-03-06] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 shspusb; C:\WINDOWS\System32\drivers\HSPUSB.sys [24064 2013-05-02] (Microsoft Windows Hardware Compatibility Publisher -> MobileTop)
S3 sscdserd; C:\WINDOWS\System32\drivers\sscdserd.sys [158024 2013-05-02] (MCCI Corporation -> MCCI Corporation)
S3 ssceserd; C:\WINDOWS\System32\drivers\ssceserd.sys [158024 2013-05-02] (MCCI Corporation -> MCCI Corporation)
S3 ssdudfu; C:\WINDOWS\System32\drivers\ssdudfu.sys [101960 2013-05-02] (MCCI Corporation -> MCCI)
S3 ssm_bus; C:\WINDOWS\System32\drivers\ssm_bus.sys [136192 2013-05-02] (MCCI Corporation -> MCCI Corporation)
S3 ssm_mdm; C:\WINDOWS\System32\drivers\ssm_mdm.sys [172032 2013-05-02] (MCCI Corporation -> MCCI Corporation)
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [203672 2013-05-02] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [203672 2013-05-02] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [76832 2022-09-30] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [67864 2013-05-02] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [203672 2013-05-02] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_bserd; C:\WINDOWS\System32\drivers\ss_bserd.sys [128000 2013-05-02] (MCCI Corporation -> MCCI Corporation)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 WacHidRouterISD; C:\WINDOWS\System32\drivers\wachidrouter_isd.sys [142424 2017-05-24] (Wacom Technology Corporation -> Wacom Technology, Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 dg_ssudbus; \SystemRoot\System32\drivers\ssudbus.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-06-09 09:00 - 2024-06-09 09:01 - 000027397 _____ C:\Users\A\Downloads\FRST.txt
2024-06-09 09:00 - 2024-06-09 09:00 - 000000000 ____D C:\FRST
2024-06-09 08:59 - 2024-06-09 08:59 - 002395136 _____ (Farbar) C:\Users\A\Downloads\FRST64.exe
2024-06-08 16:14 - 2024-06-08 16:14 - 000511699 _____ C:\Users\A\Downloads\2927004545.pdf
2024-06-06 16:15 - 2024-06-06 16:16 - 000000000 ___HD C:\$WinREAgent
2024-06-06 01:33 - 2024-06-06 01:33 - 000000000 ____D C:\WINDOWS\system32\%userprofile%
2024-06-05 23:39 - 2024-06-08 21:22 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-06-05 17:41 - 2024-06-05 17:41 - 000000000 ____D C:\Program Files\RUXIM
2024-06-05 17:41 - 2024-06-05 17:41 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2024-06-05 17:40 - 2024-06-05 17:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-06-05 06:09 - 2024-06-05 06:09 - 000000000 ____D C:\Users\A\AppData\Local\Backup
2024-06-04 21:25 - 2024-06-04 21:25 - 037829970 _____ C:\Users\A\Downloads\Albert - 23SM_akcni_letak.pdf
2024-06-04 20:39 - 2024-06-04 20:39 - 000000000 ____D C:\Users\A\AppData\Local\Tvsukernel
2024-06-04 20:36 - 2024-06-06 01:33 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-06-04 20:36 - 2024-06-06 01:33 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-06-04 20:36 - 2024-06-06 01:33 - 000000000 ___RD C:\Users\Default\OneDrive
2024-06-04 20:36 - 2024-06-04 20:36 - 000002511 _____ C:\Users\A\Desktop\Word.lnk
2024-06-04 20:36 - 2024-06-04 20:36 - 000002483 _____ C:\Users\A\Desktop\Excel.lnk
2024-06-04 20:35 - 2024-06-04 20:35 - 000002517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2024-06-04 20:35 - 2024-06-04 20:35 - 000002511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2024-06-04 20:35 - 2024-06-04 20:35 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2024-06-04 20:35 - 2024-06-04 20:35 - 000002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2024-06-04 20:35 - 2024-06-04 20:35 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2024-06-04 20:35 - 2024-06-04 20:35 - 000002409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2024-06-04 20:35 - 2024-06-04 20:35 - 000002405 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2024-06-04 20:35 - 2024-06-04 20:35 - 000000000 ____D C:\Users\A\AppData\Local\CrashDumps
2024-06-04 20:35 - 2024-06-04 20:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2024-06-04 20:35 - 2024-06-04 20:35 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-06-04 20:32 - 2024-06-04 20:35 - 000000000 ____D C:\Program Files\Microsoft Office
2024-06-04 20:32 - 2024-06-04 20:32 - 000000000 ____D C:\Program Files\Microsoft Office 15
2024-06-04 20:29 - 2024-06-04 20:29 - 000000000 ___HD C:\OneDriveTemp
2024-06-04 20:27 - 2024-06-04 20:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\Intel
2024-06-04 20:27 - 2024-06-04 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbolt™ Software
2024-06-04 20:27 - 2024-06-04 20:27 - 000000000 ____D C:\Program Files (x86)\Intel
2024-06-04 20:26 - 2024-06-04 20:26 - 000000000 ____D C:\Program Files\Lenovo
2024-06-04 20:24 - 2024-06-04 20:24 - 000000000 ____D C:\Users\A\AppData\Local\PeerDistRepub
2024-06-04 20:19 - 2024-06-04 20:41 - 000000000 ____D C:\Program Files (x86)\Lenovo
2024-06-04 20:19 - 2024-06-04 20:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\TVT
2024-06-04 20:19 - 2024-06-04 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\lenovo
2024-06-04 20:18 - 2024-06-06 14:45 - 000000000 ____D C:\WINDOWS\TempInst
2024-06-04 20:18 - 2024-06-04 20:18 - 000000000 ____D C:\Users\A\AppData\Local\LenovoServiceBridge
2024-06-04 20:17 - 2024-06-04 20:17 - 003812528 _____ (Lenovo ) C:\Users\A\Downloads\LSBSetup.exe
2024-06-04 20:17 - 2024-06-04 20:17 - 000000000 ____D C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2024-06-04 20:10 - 2024-06-04 20:10 - 000002016 _____ C:\Users\Public\Desktop\ESET Zabezpečené bankovnictví a prohlížení webu.lnk
2024-06-04 20:09 - 2024-06-04 20:09 - 000000000 ____D C:\Users\A\AppData\Local\ESET
2024-06-04 20:09 - 2024-06-04 20:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2024-06-04 20:09 - 2024-06-04 20:09 - 000000000 ____D C:\ProgramData\ESET
2024-06-04 20:09 - 2024-06-04 20:09 - 000000000 ____D C:\Program Files\ESET
2024-06-04 20:08 - 2024-06-04 20:08 - 010262392 _____ (ESET) C:\Users\A\Downloads\eset_smart_security_premium_live_installer.exe
2024-06-04 20:01 - 2024-06-04 20:01 - 000004508 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1717524093
2024-06-04 20:01 - 2024-06-04 20:01 - 000004234 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1717524088
2024-06-04 20:01 - 2024-06-04 20:01 - 000001378 _____ C:\Users\A\Desktop\Prohlížeč Opera.lnk
2024-06-04 20:01 - 2024-06-04 20:01 - 000001368 _____ C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2024-06-04 20:01 - 2024-06-04 20:01 - 000000000 ____D C:\Users\A\AppData\Local\Opera Software
2024-06-04 20:01 - 2024-06-04 20:01 - 000000000 ____D C:\Users\A\AppData\Local\Comms
2024-06-04 20:00 - 2024-06-04 20:00 - 002114272 _____ () C:\Users\A\Downloads\OperaSetup.exe
2024-06-04 20:00 - 2024-06-04 20:00 - 000000000 ____D C:\Users\A\AppData\Roaming\Opera Software
2024-05-29 09:33 - 2024-05-29 09:33 - 000259752 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2024-05-29 09:33 - 2024-05-29 09:33 - 000218432 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2024-05-29 09:33 - 2024-05-29 09:33 - 000125952 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2024-05-29 09:33 - 2024-05-29 09:33 - 000084120 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2024-05-21 08:16 - 2024-05-21 08:16 - 000000000 ____D C:\WINDOWS\OEM
2024-05-21 08:15 - 2024-05-21 07:24 - 000000000 ____D C:\WINDOWS\Panther
2024-05-21 08:12 - 2024-05-21 08:12 - 000000000 ____D C:\WINDOWS\SysWOW64\Lenovo
2024-05-21 08:12 - 2024-05-21 08:12 - 000000000 ____D C:\WINDOWS\system32\Lenovo
2024-05-21 08:11 - 2024-06-08 21:22 - 000000000 ____D C:\Intel
2024-05-21 08:11 - 2024-05-21 08:11 - 000000000 ____D C:\WINDOWS\Lenovo
2024-05-21 08:11 - 2024-05-21 08:11 - 000000000 ____D C:\Program Files\Tablet
2024-05-21 08:11 - 2024-05-21 08:11 - 000000000 ____D C:\Program Files\Synaptics
2024-05-21 08:10 - 2024-05-21 08:10 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2024-05-21 08:10 - 2024-05-21 08:10 - 000000000 ____D C:\WINDOWS\Setup
2024-05-21 08:09 - 2024-06-08 21:29 - 000683426 _____ C:\WINDOWS\system32\perfh005.dat
2024-05-21 08:09 - 2024-06-08 21:29 - 000137206 _____ C:\WINDOWS\system32\perfc005.dat
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\system32\winrm
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\system32\WCN
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\system32\slmgr
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\system32\cs
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\system32\0409
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\OCR
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\DigitalLocker
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\addins
2024-05-21 08:09 - 2024-05-21 08:09 - 000000000 ____D C:\ProgramData\ssh
2024-05-21 08:09 - 2024-05-21 07:26 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2024-05-21 08:07 - 2024-06-09 08:56 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-05-21 08:07 - 2024-06-08 21:22 - 000000000 ___RD C:\Program Files (x86)
2024-05-21 08:07 - 2024-06-08 21:22 - 000000000 ____D C:\WINDOWS\ServiceState
2024-05-21 08:07 - 2024-06-08 18:42 - 000000000 ___HD C:\Program Files\WindowsApps
2024-05-21 08:07 - 2024-06-08 18:42 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-05-21 08:07 - 2024-06-04 20:35 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-05-21 08:07 - 2024-06-04 20:09 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-05-21 08:07 - 2024-06-04 20:04 - 000000000 ____D C:\WINDOWS\appcompat
2024-05-21 08:07 - 2024-06-04 20:00 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2024-05-21 08:07 - 2024-06-04 19:55 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-05-21 08:07 - 2024-05-21 08:15 - 000000000 ____D C:\WINDOWS\Containers
2024-05-21 08:07 - 2024-05-21 08:13 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ___SD C:\WINDOWS\system32\dsc
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\SystemResources
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\system32\setup
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\system32\MUI
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\system32\Com
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\IME
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\WINDOWS\Help
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\Program Files\Windows Defender
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\Program Files\Common Files\System
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\Program Files (x86)\Windows NT
2024-05-21 08:07 - 2024-05-21 08:09 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 __SHD C:\Program Files\Windows Sidebar
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 __RSD C:\WINDOWS\Media
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 __RHD C:\Users\Public\Libraries
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ___SD C:\WINDOWS\system32\Nui
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ___SD C:\WINDOWS\system32\AppV
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\Web
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\WaaS
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\Vss
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\tracing
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\TAPI
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SystemApps
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\winevt
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\ti-et
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\ta-in
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\si-lk
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\ras
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\NDF
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\my-mm
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\Macromed
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\Keywords
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\IME
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\icsxml
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\ias
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\DriverState
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\mde
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\downlevel
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\am-et
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\System
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SKB
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\schemas
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\SchCache
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\security
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\Resources
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\rescache
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\RemotePackages
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\Registration
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\Provisioning
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\PLA
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\Performance
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\ModemLogs
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\L2Schemas
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\InputMethod
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\InboxApps
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\IdentityCRL
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\Globalization
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\DiagTrack
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\Cursors
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\Branding
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\ProgramData\USOShared
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\Program Files\Windows Security
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\Program Files\Windows Portable Devices
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\Program Files\Common Files\Services
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2024-05-21 08:07 - 2024-05-21 08:07 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2024-05-21 08:07 - 2024-05-21 08:06 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
2024-05-21 08:07 - 2024-05-21 08:06 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2024-05-21 08:07 - 2024-05-21 08:06 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2024-05-21 08:07 - 2024-05-21 08:06 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2024-05-21 08:07 - 2024-05-21 08:06 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2024-05-21 08:07 - 2024-05-21 08:06 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2024-05-21 08:07 - 2024-05-21 07:41 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-05-21 08:07 - 2024-05-21 07:34 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-05-21 08:07 - 2024-05-21 07:30 - 000000000 ____D C:\ProgramData\USOPrivate
2024-05-21 08:07 - 2024-05-21 07:26 - 000000000 ____D C:\WINDOWS\system32\spool
2024-05-21 08:07 - 2024-05-21 07:24 - 000000000 ____D C:\WINDOWS\CSC
2024-05-21 08:07 - 2024-05-21 07:24 - 000000000 ____D C:\Program Files\Windows NT
2024-05-21 08:07 - 2024-05-21 07:21 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-05-21 08:07 - 2024-05-21 07:20 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2024-05-21 08:06 - 2024-06-08 21:29 - 000000000 ____D C:\WINDOWS\INF
2024-05-21 08:04 - 2024-06-05 17:44 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-05-21 08:03 - 2024-06-08 21:22 - 092798976 _____ C:\WINDOWS\system32\config\SOFTWARE
2024-05-21 08:03 - 2024-06-08 21:22 - 026738688 _____ C:\WINDOWS\system32\config\SYSTEM
2024-05-21 08:03 - 2024-06-08 21:22 - 001048576 _____ C:\WINDOWS\system32\config\DEFAULT
2024-05-21 08:03 - 2024-06-08 21:22 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-05-21 08:03 - 2024-06-08 21:22 - 000131072 _____ C:\WINDOWS\system32\config\SAM
2024-05-21 08:03 - 2024-06-08 21:22 - 000032768 _____ C:\WINDOWS\system32\config\SECURITY
2024-05-21 08:03 - 2024-06-05 17:43 - 000000000 ____D C:\WINDOWS\servicing
2024-05-21 08:03 - 2024-05-21 08:07 - 000000000 ____D C:\WINDOWS\system32\SMI
2024-05-21 08:03 - 2024-05-21 07:20 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-05-21 07:41 - 2024-06-06 16:07 - 000000000 ____D C:\Users\A\AppData\Roaming\Microsoft\Spelling
2024-05-21 07:41 - 2024-05-21 07:41 - 000000000 ____D C:\Users\A\AppData\Local\OneDrive
2024-05-21 07:37 - 2024-06-06 01:33 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1051351518-176820954-1691451495-1001
2024-05-21 07:36 - 2024-06-04 22:37 - 000000000 ____D C:\Users\A\AppData\Local\PlaceholderTileLogoFolder
2024-05-21 07:35 - 2024-06-09 08:52 - 000000000 ___RD C:\Users\A\OneDrive
2024-05-21 07:35 - 2024-06-04 20:42 - 000000000 ____D C:\Users\A\AppData\Local\Lenovo
2024-05-21 07:35 - 2024-05-21 07:35 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2024-05-21 07:34 - 2024-06-09 08:52 - 000000000 __SHD C:\Users\A\IntelGraphicsProfiles
2024-05-21 07:34 - 2024-06-05 22:22 - 000000000 ____D C:\Users\A\AppData\Local\Packages
2024-05-21 07:34 - 2024-06-04 21:58 - 000000000 ____D C:\Users\A\AppData\Local\D3DSCache
2024-05-21 07:34 - 2024-06-04 20:40 - 000000000 ____D C:\ProgramData\Packages
2024-05-21 07:34 - 2024-06-04 20:37 - 000000000 ____D C:\Users\A\AppData\Local\ConnectedDevicesPlatform
2024-05-21 07:34 - 2024-06-04 20:29 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-05-21 07:34 - 2024-06-04 19:55 - 000000000 ____D C:\Users\A\AppData\Local\Publishers
2024-05-21 07:34 - 2024-05-21 07:34 - 000000000 ___SD C:\Users\A\AppData\Roaming\Microsoft\SystemCertificates
2024-05-21 07:34 - 2024-05-21 07:34 - 000000000 ___SD C:\Users\A\AppData\Roaming\Microsoft\Protect
2024-05-21 07:34 - 2024-05-21 07:34 - 000000000 ___SD C:\Users\A\AppData\Roaming\Microsoft\Crypto
2024-05-21 07:34 - 2024-05-21 07:34 - 000000000 ___SD C:\Users\A\AppData\Roaming\Microsoft\Credentials
2024-05-21 07:34 - 2024-05-21 07:34 - 000000000 ___RD C:\Users\A\3D Objects
2024-05-21 07:34 - 2024-05-21 07:34 - 000000000 ____D C:\Users\A\AppData\Roaming\WTablet
2024-05-21 07:34 - 2024-05-21 07:34 - 000000000 ____D C:\Users\A\AppData\Roaming\Microsoft\Vault
2024-05-21 07:34 - 2024-05-21 07:34 - 000000000 ____D C:\Users\A\AppData\Roaming\Microsoft\Network
2024-05-21 07:34 - 2024-05-21 07:34 - 000000000 ____D C:\Users\A\AppData\Roaming\Adobe
2024-05-21 07:34 - 2024-05-21 07:34 - 000000000 ____D C:\Users\A\AppData\LocalLow\Intel
2024-05-21 07:34 - 2024-05-21 07:34 - 000000000 ____D C:\Users\A\AppData\Local\VirtualStore
2024-05-21 07:32 - 2024-05-21 07:35 - 000000000 ____D C:\Users\A
2024-05-21 07:32 - 2024-05-21 07:34 - 000000000 ____D C:\Users\A\AppData\Roaming\Microsoft\Windows
2024-05-21 07:32 - 2024-05-21 07:32 - 000000020 ___SH C:\Users\A\ntuser.ini
2024-05-21 07:32 - 2024-05-21 07:32 - 000000000 _SHDL C:\Users\A\Šablony
2024-05-21 07:32 - 2024-05-21 07:32 - 000000000 _SHDL C:\Users\A\Soubory cookie
2024-05-21 07:32 - 2024-05-21 07:32 - 000000000 _SHDL C:\Users\A\Poslední
2024-05-21 07:32 - 2024-05-21 07:32 - 000000000 _SHDL C:\Users\A\Okolní tiskárny
2024-05-21 07:32 - 2024-05-21 07:32 - 000000000 _SHDL C:\Users\A\Okolní síť
2024-05-21 07:32 - 2024-05-21 07:32 - 000000000 _SHDL C:\Users\A\Nabídka Start
2024-05-21 07:32 - 2024-05-21 07:32 - 000000000 _SHDL C:\Users\A\Dokumenty
2024-05-21 07:32 - 2024-05-21 07:32 - 000000000 _SHDL C:\Users\A\Documents\Obrázky
2024-05-21 07:32 - 2024-05-21 07:32 - 000000000 _SHDL C:\Users\A\Documents\Hudba
2024-05-21 07:32 - 2024-05-21 07:32 - 000000000 _SHDL C:\Users\A\Documents\Filmy
2024-05-21 07:32 - 2024-05-21 07:32 - 000000000 _SHDL C:\Users\A\Data aplikací
2024-05-21 07:32 - 2024-05-21 07:32 - 000000000 _SHDL C:\Users\A\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2024-05-21 07:32 - 2024-05-21 07:32 - 000000000 _SHDL C:\Users\A\AppData\Local\Data aplikací
2024-05-21 07:28 - 2024-06-08 21:29 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-05-21 07:26 - 2023-12-20 19:38 - 005558632 _____ (Lenovo Group Limited) C:\WINDOWS\SysWOW64\PWMTR32V.dll
2024-05-21 07:26 - 2023-12-20 19:38 - 002352376 _____ (Lenovo Group Limited) C:\WINDOWS\SysWOW64\EasyResume.exe
2024-05-21 07:26 - 2023-12-20 19:38 - 000174440 _____ (Lenovo) C:\WINDOWS\SysWOW64\InstHelper.dll
2024-05-21 07:26 - 2023-12-20 19:38 - 000103784 _____ (Lenovo) C:\WINDOWS\SysWOW64\EventLogger.dll
2024-05-21 07:26 - 2023-12-20 19:38 - 000066920 _____ () C:\WINDOWS\SysWOW64\PowerMgrInst.exe
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\Users\Default\Šablony
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\Users\Default\Poslední
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\Users\Default\Okolní síť
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\Users\Default\Dokumenty
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\Users\Default\Data aplikací
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\Users\Default User
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\Users\All Users
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\ProgramData\Šablony
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\ProgramData\Plocha
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\ProgramData\Dokumenty
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\ProgramData\Data aplikací
2024-05-21 07:24 - 2024-05-21 07:24 - 000000000 _SHDL C:\Documents and Settings
2024-05-21 07:21 - 2024-05-21 07:21 - 000001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Pen.lnk
2024-05-21 07:21 - 2024-05-21 07:21 - 000000102 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
2024-05-21 07:21 - 2024-05-21 07:21 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_wachidrouter_isd_01011.Wdf
2024-05-21 07:21 - 2024-05-21 07:21 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2024-05-21 07:21 - 2024-05-21 07:21 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2024-05-21 07:21 - 2024-05-21 07:21 - 000000000 ____D C:\ProgramData\Validity
2024-05-21 07:21 - 2024-05-21 07:21 - 000000000 ____D C:\ProgramData\Dolby
2024-05-21 07:21 - 2024-05-21 07:21 - 000000000 ____D C:\ProgramData\Conexant
2024-05-21 07:21 - 2024-05-21 07:21 - 000000000 ____D C:\Program Files\Dolby
2024-05-21 07:21 - 2024-05-21 07:21 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2024-05-21 07:21 - 2022-01-28 21:04 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2024-05-21 07:21 - 2016-12-06 15:55 - 000416576 _____ (Conexant Systems, Inc.) C:\WINDOWS\SysWOW64\SASrv.exe
2024-05-21 07:21 - 2016-12-06 15:55 - 000416576 _____ (Conexant Systems, Inc.) C:\WINDOWS\system32\SASrv.exe
2024-05-21 07:21 - 2016-11-16 13:47 - 000004664 _____ C:\WINDOWS\system32\Drivers\CxSfPt.dat
2024-05-21 07:21 - 2015-09-16 16:10 - 000225624 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CxAudMsg64.exe
2024-05-21 07:20 - 2024-06-08 21:22 - 000008192 ___SH C:\DumpStack.log.tmp
2024-05-21 07:20 - 2024-06-08 21:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-05-21 07:20 - 2024-06-08 21:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2024-05-21 07:20 - 2024-06-08 21:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-05-21 07:20 - 2024-06-08 18:42 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-05-21 07:20 - 2024-06-07 05:25 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-05-21 07:20 - 2024-06-07 05:25 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-05-21 07:20 - 2024-06-04 20:42 - 000000000 ____D C:\ProgramData\Lenovo
2024-05-21 07:20 - 2024-06-04 20:37 - 000438968 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-05-21 07:20 - 2024-05-21 07:24 - 000000000 ____D C:\ProgramData\Intel
2024-05-21 07:20 - 2024-05-21 07:21 - 001705080 _____ (TODO: <Company name>) C:\WINDOWS\SysWOW64\RebootPrompt.exe
2024-05-21 07:20 - 2024-05-21 07:21 - 000000000 ____D C:\ProgramData\UIU
2024-05-21 07:20 - 2024-05-21 07:21 - 000000000 ____D C:\Program Files\CONEXANT
2024-05-21 07:20 - 2024-05-21 07:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-05-21 07:20 - 2024-05-21 07:20 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2024-05-21 07:02 - 2024-05-21 08:16 - 000000000 ___HD C:\$SysReset
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07.06.2024
Ran by A (09-06-2024 09:01:59)
Running from C:\Users\A\Downloads
Microsoft Windows 10 Pro Version 22H2 19045.4412 (X64) (2024-05-21 05:24:19)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
A (S-1-5-21-1051351518-176820954-1691451495-1001 - Administrator - Enabled) => C:\Users\A
Administrator (S-1-5-21-1051351518-176820954-1691451495-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1051351518-176820954-1691451495-503 - Limited - Disabled)
Guest (S-1-5-21-1051351518-176820954-1691451495-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1051351518-176820954-1691451495-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.277.0 - Conexant Systems)
Dolby Audio X2 Windows API SDK (HKLM\...\{FA0735B6-9E18-437A-A1CD-9152650FC52B}) (Version: 0.8.8.90 - Dolby Laboratories, Inc.) Hidden
ESET Security (HKLM\...\{2E8A6E4C-5B0C-4943-A3E9-57BB3447FD2F}) (Version: 17.1.13.0 - ESET, spol. s r.o.)
Lenovo Scaling Utility (HKLM\...\Lenovo Scaling Utility) (Version: 3.22 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-1051351518-176820954-1691451495-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 5.0.2.17 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0139 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.0.75.0 - Lenovo Group Ltd.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.17628.20110 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 125.0.2535.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 125.0.2535.92 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 24.101.0519.0010 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20102 - Microsoft Corporation) Hidden
Opera Stable 110.0.5130.66 (HKU\S-1-5-21-1051351518-176820954-1691451495-1001\...\Opera 110.0.5130.66) (Version: 110.0.5130.66 - Opera Software)
Thunderbolt™ Software (HKLM-x32\...\{1AA93FF8-C685-4E00-8682-7F2E5D8E8689}) (Version: 17.4.80.550 - Intel Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{85C69797-7336-4E83-8D97-32A7C8465A3B}) (Version: 8.94.0.0 - Microsoft Corporation)
Wacom Pen (HKLM\...\ISD Tablet Driver) (Version: 7.3.4-38 - Wacom Technology Corp.)
Packages:
=========
Lenovo Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2403.25.0_x64__k1h2ywk1493x8 [2024-06-04] (LENOVO INC.)
Microsoft Defender -> C:\Program Files\WindowsApps\microsoft.6365217ce6eb4_102.2403.21001.0_x64__8wekyb3d8bbwe [2024-06-04] (Microsoft Corporation) [Startup Task]
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5487.0_x64__8j3eq9eme6ctt [2024-06-04] (INTEL CORP) [Startup Task]
Vyhledávání na webu z Microsoft Bingu -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.92.0_x64__8wekyb3d8bbwe [2024-06-04] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-05-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-05-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\24.101.0519.0010\FileSyncShell64.dll [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-05-29] (ESET, spol. s r.o. -> ESET)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-06-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-04] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2024-05-21 08:07 - 2024-05-21 08:06 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1051351518-176820954-1691451495-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{524822B9-028D-42A6-96CE-EEC636A2E4DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{45172ABE-EE2A-4B17-A80B-D6BB12130073}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{79031373-CF50-4D70-BF69-1FA9A96911DB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2C7B0A46-0CEF-4452-8622-C8C90C61157C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.119.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F36650E5-F408-47A0-9CF8-EB806A32A215}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{63D9D32F-BDB9-406E-BCE6-12A24D3CB42A}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{11294307-8558-4DDE-8690-A8BA1AA79CF0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{190E79D2-0B87-4971-A55E-2C0AACDB176D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\125.0.2535.92\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
04-06-2024 21:03:04 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/04/2024 08:35:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: taskhostw.exe, verze: 10.0.19041.3636, časové razítko: 0x5599b21c
Název chybujícího modulu: wininet.dll, verze: 11.0.19041.4355, časové razítko: 0xe93020ba
Kód výjimky: 0x000005b4
Posun chyby: 0x00000000001b6cec
ID chybujícího procesu: 0x1310
Čas spuštění chybující aplikace: 0x01dab6aaa511285f
Cesta k chybující aplikaci: C:\WINDOWS\system32\taskhostw.exe
Cesta k chybujícímu modulu: C:\WINDOWS\system32\wininet.dll
ID zprávy: 55f00181-5896-42cb-b412-dbd14120e017
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/04/2024 08:16:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.19041.3636, časové razítko: 0x71c3372a
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x80131623
Posun chyby: 0x00007ff9810cc3ff
ID chybujícího procesu: 0x12a0
Čas spuštění chybující aplikace: 0x01dab6ab603f6a52
Cesta k chybující aplikaci: C:\WINDOWS\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 2574b197-68cb-4d2b-b68b-d83ed917e7c2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/04/2024 08:16:54 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Byla vyvolána neočekávaná výjimka od poskytovatele:
System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()
Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)
Error: (06/04/2024 08:16:52 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (06/04/2024 08:16:52 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (06/04/2024 08:16:52 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
Error: (05/21/2024 07:36:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: StartMenuExperienceHost.exe, verze: 0.0.0.0, časové razítko: 0xe07647a2
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.4355, časové razítko: 0xd7762934
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000012d332
ID chybujícího procesu: 0x24d4
Čas spuštění chybující aplikace: 0x01daab408caf6d2c
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: d95efec3-7501-4c72-a3d2-43834fce6f33
Úplný název chybujícího balíčku: Microsoft.Windows.StartMenuExperienceHost_10.0.19041.4239_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App
Error: (05/21/2024 07:26:17 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu Windows Defender na SECURITY_PRODUCT_STATE_ON došlo k chybě.
System errors:
=============
Error: (06/09/2024 08:52:10 AM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (06/08/2024 09:22:18 PM) (Source: TPM) (EventID: 15) (User: NT AUTHORITY)
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (06/08/2024 03:57:56 PM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (06/08/2024 08:39:00 AM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (06/07/2024 04:15:04 PM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (06/07/2024 01:31:01 PM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (06/07/2024 11:44:12 AM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
Error: (06/07/2024 08:45:57 AM) (Source: TPM) (EventID: 15) (User: )
Description: V hardwaru čipu TPM (Trusted Platform Module) došlo k neobnovitelné chybě ovladače zařízení, která brání používání služeb TPM (například šifrování dat). Budete-li potřebovat další pomoc, obraťte se na výrobce počítače.
CodeIntegrity:
===============
Date: 2024-06-09 08:52:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO N1NET64W (1.51 ) 03/27/2024
Motherboard: LENOVO 20JES3M302
Processor: Intel(R) Core(TM) i7-7600U CPU @ 2.80GHz
Percentage of memory in use: 31%
Total physical RAM: 15989.11 MB
Available physical RAM: 10954.28 MB
Total Virtual: 18421.11 MB
Available Virtual: 13531.11 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:476.39 GB) (Free:428.12 GB) (Model: SAMSUNG MZVLB512HAJQ-000L7) NTFS
\\?\Volume{4a7abb65-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{4a7abb65-0000-0000-0000-201c77000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 476.9 GB) (Disk ID: 4A7ABB65)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=510 MB) - (Type=27)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kontrola logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Kontrola logu
Ahoj,
preventivne prescanuj s MBAM
preventivne prescanuj s MBAM
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?