Totalne pomaly NTB

Zpráva

jacho6380 · #1 Příspěvek od **jacho6380** » 12 úno 2022 09:25

Dobry den, syn ma totalne zasekany Notebook, mozem poprosit pomoc?

Logfile of random's system information tool 1.10 (written by random/random)
Run by 42191 at 2022-02-12 09:24:20
Microsoft Windows 11 Home
System drive C: has 4 GB (7%) free of 58 GB
Total RAM: 3467 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:24:26, on 12. 2. 2022
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.22000.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.x86.exe
C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe
C:\WINDOWS\Lenovo\iMController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\42191.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\98.0.1108.50\BHO\ie_to_edge_bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\42191\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] C:\Users\42191\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O4 - HKCU\..\Run: [EpicGamesLauncher] "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
O4 - HKCU\..\Run: [Disig Web Signer] C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlansp_c.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\System32\DriverStore\FileRepository\u0370421.inf_amd64_8f365dc2ded16925\B370101\atiesrxx.exe
O23 - Service: AMD Log Utility - Unknown owner - C:\WINDOWS\System32\amdlogsr.exe (file missing)
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\System32\drivers\AdminService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_7da8a - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @oem21.inf,%ServiceDisplayName%;Dolby DAX API Service (DolbyDAXAPI) - Dolby Laboratories - C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Epic Online Services (EpicOnlineServices) - Epic Games, Inc. - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Fortemedia APO Control Service (FMAPOService) - Unknown owner - C:\WINDOWS\System32\FMService64.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\98.0.4758.82\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Print Scan Doctor Service (HPPrintScanDoctorService) - HP Inc. - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
O23 - Service: @oem4.inf,%ImcSvcDisplayName%;System Interface Foundation Service (ImControllerService) - Lenovo Group Ltd. - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LenovoVantageService - Lenovo Group Ltd. - C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe
O23 - Service: @oem61.inf,%ServiceDisplayName%;mcafeeintegrationservice (mcafeeintegrationservice) - McAfee - C:\WINDOWS\System32\DriverStore\FileRepository\mcafeeintegrationextension.inf_amd64_22df759ce010d03d\mcafeeintegrationservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Qualcomm Atheros WLAN Driver Service (QcomWlanSrv) - Unknown owner - C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Unknown owner - C:\WINDOWS\System32\RtkAudUService64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTrap) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile USB Connectivity Launcher (ss_conn_launcher_service) - Unknown owner - C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12192 bytes

======Listing Processes======

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-923f4467-4f7c-49d8-84c5-2582d5199b80 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-0d0d3ac0-059e-4d0d-978c-563c6dfdab25 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-95af1c3d-555b-4d49-aebb-18e964229a24 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-916d2232-8bea-4477-8165-f6c436f052c4 -LifetimeId:936cedd4-0ec0-4454-9fd3-31414fbe6e6f -DeviceGroupId: -HostArg:0
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netprofm -p
C:\WINDOWS\system32\svchost.exe -k osprivacy -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p
C:\WINDOWS\System32\DriverStore\FileRepository\u0370421.inf_amd64_8f365dc2ded16925\B370101\atiesrxx.exe
C:\WINDOWS\System32\amdlogsr.exe
dashost.exe {74863d67-4ea3-4f15-aa8667c4cf0dabc3}
atieclxx

C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k appmodel -p
C:\WINDOWS\system32\AUDIODG.EXE 0x000000000000049C
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p
C:\WINDOWS\System32\drivers\AdminService.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService -p
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe
C:\WINDOWS\System32\FMService64.exe
"C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe"
C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p
"C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe"
C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe
"C:\WINDOWS\System32\RtkAudUService64.exe"

C:\WINDOWS\System32\svchost.exe -k netsvcs
AggregatorHost.exe
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /c

"C:\WINDOWS\System32\DriverStore\FileRepository\DAX3_S~1.INF\\DAX3API.exe" -capturestream
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

sihost.exe
C:\WINDOWS\system32\svchost.exe -k BthAppGroup -p
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.exe" VantageCoreAddin C:\ProgramData\Lenovo\Vantage\Addins\\VantageCoreAddin\1.0.0.28\VantageCoreAddin.dll 0e307c63268946489d6cf11418a5f6cd 5b580553-851f-4449-a0f8-5594846bd697
"C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.exe" DeviceSettingsSystemAddin C:\ProgramData\Lenovo\Vantage\Addins\\DeviceSettingsSystemAddin\1.0.1.58\DeviceSettingsSystemAddin.dll 18c0f41122394a64b3eede85ec0ee2b2 5b580553-851f-4449-a0f8-5594846bd697
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p
"C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.exe" LenovoServiceBridgeAddin C:\ProgramData\Lenovo\Vantage\Addins\\LenovoServiceBridgeAddin\1.0.0.54\LenovoServiceBridgeAddin.dll 2ac159aa3967480984eb9e3ca803380a 5b580553-851f-4449-a0f8-5594846bd697
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.Amd64.exe" LenovoBoostAddin C:\ProgramData\Lenovo\Vantage\Addins\\LenovoBoostAddin\1.0.0.32\LenovoBoostAddin.dll 4acc021f2b8442c59640372a64595e13 5b580553-851f-4449-a0f8-5594846bd697
"C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.Amd64.exe" LenovoBoostSystemAddin C:\ProgramData\Lenovo\Vantage\Addins\\LenovoBoostSystemAddin\1.0.0.32\LenovoBoostSystemAddin.dll d1a63d1cdef54598b6ede4205ccd1deb 5b580553-851f-4449-a0f8-5594846bd697
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe" -ServerName:CortanaUI.AppXstmwaab17q5s3y22tp6apqz7a45vwv65.mca
"C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UdkSvcGroup
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21121.243.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe" -ServerName:InputApp.AppXjd5de1g66v206tj52m9d0dtpppx4cgpn.mca
"C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.x86.exe" DeviceSettingsHeartbeatAddin C:\ProgramData\Lenovo\Vantage\Addins\\DeviceSettingsHeartbeatAddin\1.0.0.25\DeviceSettingsHeartbeatAddin.dll eba99358b7cb40c9b7d80a1b02f5c5e8 5b580553-851f-4449-a0f8-5594846bd697
"C:\Windows\System32\SecurityHealthSystray.exe"

"C:\Windows\System32\RtkAudUService64.exe" -background
"C:\Users\42191\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
"C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe"
-name 5831dd19-9b02-4312-8387-fc14fcaf0550 -runas -pluginName IdeaNotebookPlugin -pluginVersion 1.2.78.16
"C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\Lenovo.Vantage.AddinHost.exe" LenovoSecurityAddin C:\ProgramData\Lenovo\Vantage\Addins\\LenovoSecurityAddin\1.0.0.31\LenovoSecurityAddin.dll 9f0130fa635a465bb5a13c6aea3268ee 5b580553-851f-4449-a0f8-5594846bd697
-name 80df6e31-e100-4397-923f-cc53638e1c7d -runas -pluginName LenovoVisionProtectionPlugin -pluginVersion 1.2.98.14
"C:\Users\42191\AppData\Local\Microsoft\Teams\current\Teams.exe" --system-initiated
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe"
"C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/Win64/EpicWebHelper.exe" --type=gpu-process --field-trial-handle=1996,7108341891957599892,15977138843819679373,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --no-sandbox --locales-dir-path="C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources/locales" --log-file=C:/Users/42191/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log --log-severity=warning --product-version="EpicGamesLauncher/13.1.8-18918412+++Portal+Release-Live UnrealEngine/4.23.0-18918412+++Portal+Release-Live Chrome/84.0.4147.38" --resources-dir-path="C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources" --lang=en --gpu-preferences=MAAAAAAAAADgACAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --log-file=C:/Users/42191/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log --mojo-platform-channel-handle=2012 /prefetch:2
"C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe" atlogon
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe" --type=crashpad-handler "--user-data-dir=C:\Users\42191\AppData\Roaming\Microsoft\Skype for Store" /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\42191\AppData\Roaming\Microsoft\Skype for Store\Crashpad" --url=appcenter://generic?aid=a8902fe7-ef45-455c-8513-5e56d48e36fd&iid=40a372c7-2d03-4eac-7d13-70a5f1f0316e&uid=40a372c7-2d03-4eac-7d13-70a5f1f0316e --annotation=_companyName=Skype --annotation=_productName=skype-preview --annotation=_version=8.79.0.95 --annotation=prod=Electron --annotation=ver=13.6.0 --initial-client-data=0x694,0x698,0x69c,0x690,0x6a0,0x75a7a90,0x75a7aa0,0x75a7aac
"C:\Users\42191\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=gpu-process --field-trial-handle=1528,11652031473842646909,2830499240817006615,131072 --enable-features=ContextBridgeMutability,WebComponentsV0Enabled,WinUseBrowserSpellChecker,WinUseHybridSpellChecker --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1584 /prefetch:2
"C:\Users\42191\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1528,11652031473842646909,2830499240817006615,131072 --enable-features=ContextBridgeMutability,WebComponentsV0Enabled,WinUseBrowserSpellChecker,WinUseHybridSpellChecker --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=sk --service-sandbox-type=network --enable-wer --ms-teams-less-cors=522133263 --mojo-platform-channel-handle=2260 /prefetch:8
"C:\Program Files\WindowsApps\Microsoft.GamingServices_3.62.4001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe"
"C:\Users\42191\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=renderer --autoplay-policy=no-user-gesture-required --disable-background-timer-throttling --field-trial-handle=1528,11652031473842646909,2830499240817006615,131072 --enable-features=ContextBridgeMutability,WebComponentsV0Enabled,WinUseBrowserSpellChecker,WinUseHybridSpellChecker --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=sk --enable-wer --ms-teams-less-cors=522133263 --app-user-model-id=com.squirrel.Teams.Teams --app-path="C:\Users\42191\AppData\Local\Microsoft\Teams\current\resources\app.asar" --enable-sandbox --native-window-open --preload="C:\Users\42191\AppData\Local\Microsoft\Teams\current\resources\app.asar\lib\renderer\notifications\preload_notifications.js" --background-color=#fff --enable-spellcheck --enable-websql --disable-electron-site-instance-overrides --device-scale-factor=1.5 --num-raster-threads=1 --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2976 /prefetch:1 --msteams-process-type=notificationsManager
"C:\Users\42191\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=renderer --autoplay-policy=no-user-gesture-required --disable-background-timer-throttling --field-trial-handle=1528,11652031473842646909,2830499240817006615,131072 --enable-features=ContextBridgeMutability,WebComponentsV0Enabled,WinUseBrowserSpellChecker,WinUseHybridSpellChecker --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=sk --enable-wer --ms-teams-less-cors=522133263 --app-user-model-id=com.squirrel.Teams.Teams --app-path="C:\Users\42191\AppData\Local\Microsoft\Teams\current\resources\app.asar" --webview-tag --enable-sandbox --native-window-open --preload="C:\Users\42191\AppData\Local\Microsoft\Teams\current\resources\app.asar\lib\renderer\preload.js" --world-safe-execute-javascript --background-color=#fff --enable-spellcheck --enable-websql --disable-electron-site-instance-overrides --device-scale-factor=1.5 --num-raster-threads=1 --renderer-client-id=3 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1 --msteams-process-type=mainWindow
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Users\42191\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1528,11652031473842646909,2830499240817006615,131072 --enable-features=ContextBridgeMutability,WebComponentsV0Enabled,WinUseBrowserSpellChecker,WinUseHybridSpellChecker --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=sk --service-sandbox-type=audio --enable-wer --ms-teams-less-cors=522133263 --mojo-platform-channel-handle=3172 /prefetch:8
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe" --type=gpu-process --field-trial-handle=2248,10855228625506695052,6172956994334682983,131072 --enable-features=WinUseBrowserSpellChecker,WinUseHybridSpellChecker,WinrtGeolocationImplementation --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --user-data-dir="C:\Users\42191\AppData\Roaming\Microsoft\Skype for Store" --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=swiftshader-webgl --mojo-platform-channel-handle=2264 /prefetch:2
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2248,10855228625506695052,6172956994334682983,131072 --enable-features=WinUseBrowserSpellChecker,WinUseHybridSpellChecker,WinrtGeolocationImplementation --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --lang=sk --service-sandbox-type=none --user-data-dir="C:\Users\42191\AppData\Roaming\Microsoft\Skype for Store" --mojo-platform-channel-handle=2504 /prefetch:8
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe" --type=renderer --autoplay-policy=no-user-gesture-required --disable-background-timer-throttling --ms-disable-indexeddb-transaction-timeout --field-trial-handle=2248,10855228625506695052,6172956994334682983,131072 --enable-features=WinUseBrowserSpellChecker,WinUseHybridSpellChecker,WinrtGeolocationImplementation --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --disable-gpu-compositing --lang=sk --user-data-dir="C:\Users\42191\AppData\Roaming\Microsoft\Skype for Store" --app-user-model-id=Microsoft.Skype.SkypeDesktop --app-path="C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\resources\app.asar" --no-sandbox --no-zygote --device-scale-factor=1.5 --num-raster-threads=1 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2876 /prefetch:1 --skype-process-type=Main --skype-window-id=__MAIN_ROOT_VIEW_ID__
"C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe"
C:\WINDOWS\uus\AMD64\MoUsoCoreWorker.exe
"C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/Win64/EpicWebHelper.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1996,7108341891957599892,15977138843819679373,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --lang=en-US --service-sandbox-type=network --no-sandbox --locales-dir-path="C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources/locales" --log-file=C:/Users/42191/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log --log-severity=warning --product-version="EpicGamesLauncher/13.1.8-18918412+++Portal+Release-Live UnrealEngine/4.23.0-18918412+++Portal+Release-Live Chrome/84.0.4147.38" --resources-dir-path="C:/Program Files (x86)/Epic Games/Launcher/Engine/Binaries/ThirdParty/CEF3/Win64/Resources" --lang=en --log-file=C:/Users/42191/AppData/Local/EpicGamesLauncher/Saved/Logs/cef3.log --mojo-platform-channel-handle=3396 /prefetch:8

"C:\Users\42191\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=renderer --autoplay-policy=no-user-gesture-required --disable-background-timer-throttling --field-trial-handle=1528,11652031473842646909,2830499240817006615,131072 --enable-features=ContextBridgeMutability,WebComponentsV0Enabled,WinUseBrowserSpellChecker,WinUseHybridSpellChecker --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=sk --enable-wer --ms-teams-less-cors=522133263 --app-user-model-id=com.squirrel.Teams.Teams --app-path="C:\Users\42191\AppData\Local\Microsoft\Teams\current\resources\app.asar" --enable-sandbox --native-window-open --preload="C:\Users\42191\AppData\Local\Microsoft\Teams\current\resources\app.asar\lib\renderer\experienceRenderer\preload_webview.js" --background-color=#fff --guest-instance-id=5 --enable-blink-features --disable-blink-features --hidden-page --node-integration-in-subframes --enable-spellcheck --enable-websql --disable-electron-site-instance-overrides --device-scale-factor=1.5 --num-raster-threads=1 --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2160 /prefetch:1 --msteams-process-type=experience-renderer
"C:\Users\42191\AppData\Local\Microsoft\Teams\current\Teams.exe" --type=renderer --autoplay-policy=no-user-gesture-required --disable-background-timer-throttling --field-trial-handle=1528,11652031473842646909,2830499240817006615,131072 --enable-features=ContextBridgeMutability,WebComponentsV0Enabled,WinUseBrowserSpellChecker,WinUseHybridSpellChecker --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=sk --enable-wer --ms-teams-less-cors=522133263 --app-user-model-id=com.squirrel.Teams.Teams --app-path="C:\Users\42191\AppData\Local\Microsoft\Teams\current\resources\app.asar" --no-sandbox --no-zygote --preload="C:\Users\42191\AppData\Local\Microsoft\Teams\current\resources\app.asar\lib\pluginhost\preload.js" --context-isolation --background-color=#fff --enable-spellcheck --enable-websql --disable-electron-site-instance-overrides --device-scale-factor=1.5 --num-raster-threads=1 --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4316 /prefetch:1 --msteams-process-type=pluginHost
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe"
C:\WINDOWS\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding
"C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe"

-name 51a71d30-ec86-4ad4-ab3d-033528e5d9a1 -runas -pluginName DolbyAudioPlugin -pluginVersion 1.2.240.5
-name da82cff7-2562-402f-9c87-1a87f68d190d -runas -pluginName GenericMessagingPlugin -pluginVersion 3.2.0.57
"C:\WINDOWS\Lenovo\iMController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe" -name 5f9b8515-d819-4a8d-980d-148b59bcb8ff -runas SYSTEM -pluginName GenericTelemetryPlugin -pluginVersion 2.2.30.0
"C:\WINDOWS\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe" -name eee60d8c-0be3-4bd8-b34e-09ab6c83c690 -runas SYSTEM -pluginName LenovoAppScenarioPluginSystem -pluginVersion 1.2.190.5
"C:\Program Files\WindowsApps\Microsoft.GamingServices_3.62.4001.0_x64__8wekyb3d8bbwe\GamingServices.exe"
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\mcafee-security.exe" -ServerName:App.AppX70z311bjdb1xmz7zp8wfg7gxg7f9v17f.mca
%systemroot%\system32\MoNotificationUx.exe /NotificationType Reboot_Engaged /FormFactor Passive /Timeout 0
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe" /InvokerPRAID: App
"C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_321.14700.0.9_x64__cw5n1h2txyewy\Dashboard\Widgets.exe" -ServerName:Microsoft.Windows.DashboardServer
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\42191\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\42191\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\42191\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=97.0.4692.99 --initial-client-data=0xf0,0xf4,0xf8,0xcc,0xfc,0x7ffc0870a850,0x7ffc0870a860,0x7ffc0870a870
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1696,7547935674476676959,17471816099498032606,131072 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAIAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1652 /prefetch:2
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1696,7547935674476676959,17471816099498032606,131072 --lang=sk --service-sandbox-type=none --mojo-platform-channel-handle=2000 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1696,7547935674476676959,17471816099498032606,131072 --lang=sk --service-sandbox-type=utility --mojo-platform-channel-handle=2088 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --field-trial-handle=1696,7547935674476676959,17471816099498032606,131072 --lang=sk --device-scale-factor=1.5 --num-raster-threads=1 --renderer-client-id=8 --launch-time-ticks=451762750 --mojo-platform-channel-handle=4432 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --field-trial-handle=1696,7547935674476676959,17471816099498032606,131072 --lang=sk --device-scale-factor=1.5 --num-raster-threads=1 --renderer-client-id=29 --launch-time-ticks=573002016 --mojo-platform-channel-handle=2792 /prefetch:1
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1696,7547935674476676959,17471816099498032606,131072 --lang=sk --service-sandbox-type=audio --mojo-platform-channel-handle=6308 /prefetch:8
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p
-name ac57fea0-26f5-4dae-b934-0b8f6ae896dc -runas -pluginName GenericCorePlugin -pluginVersion 1.3.4.4
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --field-trial-handle=1696,7547935674476676959,17471816099498032606,131072 --lang=sk --device-scale-factor=1.5 --num-raster-threads=1 --renderer-client-id=106 --launch-time-ticks=1027597260 --mojo-platform-channel-handle=9900 /prefetch:1
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.43\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=Widgets.exe --webview-exe-version=321.14700.0.0 --user-data-dir="C:\Users\42191\AppData\Local\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --disk-cache-size=52428800 --lang=sk-SK --mojo-named-platform-channel-pipe=5344.4088.739264755117398824
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.43\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\42191\AppData\Local\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\42191\AppData\Local\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=98.0.4758.80 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.43\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=98.0.1108.43 --initial-client-data=0xfc,0x100,0x104,0xd8,0x10c,0x7ffc08914cc0,0x7ffc08914cd0,0x7ffc08914ce0
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.43\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\42191\AppData\Local\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView" --webview-exe-name=Widgets.exe --webview-exe-version=321.14700.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1960 --field-trial-handle=1992,9166045675150128327,3105450883253473483,131072 /prefetch:2
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.43\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=sk --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\42191\AppData\Local\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView" --webview-exe-name=Widgets.exe --webview-exe-version=321.14700.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2060 --field-trial-handle=1992,9166045675150128327,3105450883253473483,131072 /prefetch:3
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.43\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=sk --service-sandbox-type=utility --noerrdialogs --user-data-dir="C:\Users\42191\AppData\Local\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView" --webview-exe-name=Widgets.exe --webview-exe-version=321.14700.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2404 --field-trial-handle=1992,9166045675150128327,3105450883253473483,131072 /prefetch:8
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.43\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\42191\AppData\Local\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView" --webview-exe-name=Widgets.exe --webview-exe-version=321.14700.0.0 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-client-side-phishing-detection --display-capture-permissions-policy-allowed --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc" --lang=sk --device-scale-factor=1.5 --num-raster-threads=1 --renderer-client-id=5 --launch-time-ticks=1066133359 --mojo-platform-channel-handle=3268 --field-trial-handle=1992,9166045675150128327,3105450883253473483,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1696,7547935674476676959,17471816099498032606,131072 --lang=sk --service-sandbox-type=service --mojo-platform-channel-handle=7180 /prefetch:8
"C:\Users\42191\OneDrive\Počítač\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\98.0.1108.50\BHO\ie_to_edge_bho_64.dll [2022-02-10 530832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2021-06-27 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2021-06-27 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\98.0.1108.50\BHO\ie_to_edge_bho.dll [2022-02-10 432016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-02 154944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2021-06-05 266240]
"RtkAudUService"=C:\WINDOWS\System32\RtkAudUService64.exe [2020-08-21 1140456]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\42191\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2022-01-26 2593128]
"com.squirrel.Teams.Teams"=C:\Users\42191\AppData\Local\Microsoft\Teams\Update.exe [2021-12-16 2459304]
"EpicGamesLauncher"=C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [2022-02-10 33648608]
"Disig Web Signer"=C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe [2021-02-04 254080]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\nvdimm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{53966cb1-4d46-4166-bf23-c522403cd495}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nvdimm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{53966cb1-4d46-4166-bf23-c522403cd495}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave3"=wdmaud.drv
"aux2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.inf - open -
.inf - install -
.ini - open -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open -

======List of files/folders created in the last 1 month======

2022-02-12 09:24:20 ----D---- C:\rsit
2022-02-12 09:24:20 ----D---- C:\Program Files\trend micro
2022-02-12 09:22:11 ----D---- C:\AdwCleaner
2022-02-12 09:04:05 ----D---- C:\WINDOWS\Panther
2022-02-11 22:33:27 ----HD---- C:\$WinREAgent
2022-02-10 19:00:49 ----A---- C:\WINDOWS\system32\RsDMFT64.dll
2022-02-10 19:00:49 ----A---- C:\WINDOWS\system32\RsDMFT_Assets.dll
2022-02-09 09:18:19 ----D---- C:\Users\42191\AppData\Roaming\vlc
2022-02-07 00:17:40 ----D---- C:\ProgramData\Microsoft OneDrive
2022-02-07 00:16:54 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-07 00:14:39 ----SHD---- C:\ProgramData\Templates
2022-02-07 00:14:39 ----SHD---- C:\ProgramData\Start Menu
2022-02-07 00:14:39 ----SHD---- C:\ProgramData\Documents
2022-02-07 00:14:39 ----SHD---- C:\ProgramData\Desktop
2022-02-07 00:14:39 ----SHD---- C:\ProgramData\Application Data
2022-02-07 00:09:42 ----ASH---- C:\hiberfil.sys
2022-02-07 00:08:07 ----SD---- C:\Users\42191\AppData\Roaming\Microsoft
2022-02-07 00:07:24 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2022-02-07 00:06:45 ----D---- C:\WINDOWS\system32\SleepStudy
2022-02-07 00:06:44 ----ASH---- C:\swapfile.sys
2022-02-07 00:06:44 ----ASH---- C:\pagefile.sys
2022-02-07 00:06:44 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT
2022-02-07 00:06:43 ----D---- C:\WINDOWS\Prefetch
2022-02-07 00:06:17 ----D---- C:\Windows.old
2022-02-07 00:02:15 ----AS---- C:\WINDOWS\bootstat.dat
2022-02-07 00:01:31 ----D---- C:\WINDOWS\system32\Microsoft
2022-02-07 00:01:31 ----D---- C:\WINDOWS\ServiceProfiles
2022-02-06 23:52:15 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2022-02-06 23:52:15 ----A---- C:\WINDOWS\system32\poqexec.exe

======List of files/folders modified in the last 1 month======

2022-02-12 09:24:20 ----RD---- C:\Program Files
2022-02-12 09:21:48 ----D---- C:\WINDOWS\Temp
2022-02-12 09:20:28 ----D---- C:\WINDOWS\AppReadiness
2022-02-12 09:20:17 ----HD---- C:\Program Files\WindowsApps
2022-02-12 09:20:13 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2022-02-12 09:12:15 ----D---- C:\WINDOWS\System32
2022-02-12 09:12:15 ----D---- C:\WINDOWS\INF
2022-02-12 09:11:22 ----D---- C:\WINDOWS\system32\config
2022-02-12 09:11:16 ----D---- C:\Program Files (x86)\Google
2022-02-12 09:11:00 ----SHDC---- C:\WINDOWS\Installer
2022-02-12 09:09:23 ----D---- C:\WINDOWS\system32\sru
2022-02-12 09:09:20 ----D---- C:\WINDOWS\CbsTemp
2022-02-12 09:09:13 ----D---- C:\WINDOWS\WinSxS
2022-02-12 09:08:59 ----RD---- C:\Program Files (x86)
2022-02-12 09:08:16 ----D---- C:\WINDOWS\SystemTemp
2022-02-12 09:08:13 ----D---- C:\WINDOWS\system32\DriverStore
2022-02-12 09:05:47 ----D---- C:\WINDOWS\Logs
2022-02-12 09:04:05 ----D---- C:\Windows
2022-02-12 09:04:00 ----D---- C:\WINDOWS\system32\LogFiles
2022-02-12 09:03:58 ----D---- C:\WINDOWS\ServiceState
2022-02-12 09:03:56 ----ASH---- C:\DumpStack.log.tmp
2022-02-12 08:59:34 ----D---- C:\Users\42191\AppData\Roaming\discord
2022-02-11 22:51:41 ----RD---- C:\WINDOWS\Microsoft.NET
2022-02-11 20:32:58 ----A---- C:\WINDOWS\system32\xgameruntime.dll
2022-02-11 20:32:57 ----A---- C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-02-11 20:32:47 ----A---- C:\WINDOWS\system32\gamingservicesproxy.dll
2022-02-11 20:32:46 ----A---- C:\WINDOWS\system32\gameplatformservices.dll
2022-02-11 20:32:46 ----A---- C:\WINDOWS\system32\gamemodcontrol.exe
2022-02-11 20:32:46 ----A---- C:\WINDOWS\system32\gamelaunchhelper.dll
2022-02-11 20:32:46 ----A---- C:\WINDOWS\system32\gameconfighelper.dll
2022-02-11 20:30:25 ----D---- C:\WINDOWS\system32\MRT
2022-02-11 20:30:09 ----AC---- C:\WINDOWS\system32\MRT.exe
2022-02-11 17:14:44 ----D---- C:\WINDOWS\system32\drivers\UMDF
2022-02-11 17:14:38 ----D---- C:\WINDOWS\SysWOW64
2022-02-11 17:14:38 ----D---- C:\WINDOWS\system32\drivers
2022-02-11 13:44:03 ----D---- C:\WINDOWS\system32\WDI
2022-02-11 11:25:25 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2022-02-11 11:20:56 ----D---- C:\WINDOWS\system32\Tasks
2022-02-11 11:18:02 ----RD---- C:\Users
2022-02-10 19:00:51 ----D---- C:\WINDOWS\system32\catroot2
2022-02-10 17:51:09 ----D---- C:\WINDOWS\system32\drivers\wd
2022-02-09 07:07:15 ----D---- C:\WINDOWS\system32\Logs
2022-02-09 07:07:15 ----D---- C:\Program Files\Microsoft Update Health Tools
2022-02-07 00:32:41 ----D---- C:\ProgramData\Packages
2022-02-07 00:32:11 ----RD---- C:\WINDOWS\PrintDialog
2022-02-07 00:26:07 ----D---- C:\WINDOWS\servicing
2022-02-07 00:17:40 ----HD---- C:\ProgramData
2022-02-07 00:16:19 ----SD---- C:\ProgramData\Microsoft
2022-02-07 00:14:45 ----D---- C:\WINDOWS\system32\oobe
2022-02-07 00:14:29 ----D---- C:\WINDOWS\SoftwareDistribution
2022-02-07 00:14:26 ----D---- C:\WINDOWS\Tasks
2022-02-07 00:14:25 ----D---- C:\Program Files\Windows Defender
2022-02-07 00:09:14 ----D---- C:\Program Files\Common Files\microsoft shared
2022-02-07 00:09:11 ----RD---- C:\WINDOWS\assembly
2022-02-07 00:07:42 ----D---- C:\WINDOWS\system32\dolbyaposvc
2022-02-07 00:07:25 ----D---- C:\WINDOWS\appcompat
2022-02-07 00:07:21 ----D---- C:\WINDOWS\debug
2022-02-07 00:07:08 ----SHD---- C:\Recovery
2022-02-07 00:07:04 ----D---- C:\WINDOWS\system32\wbem
2022-02-07 00:06:27 ----D---- C:\WINDOWS\system32\WinBioDatabase
2022-02-07 00:06:26 ----RSD---- C:\WINDOWS\Fonts
2022-02-07 00:06:26 ----D---- C:\WINDOWS\system32\Tasks_Migrated
2022-02-07 00:06:25 ----D---- C:\WINDOWS\SYSWOW64\drivers
2022-02-07 00:06:25 ----D---- C:\WINDOWS\system32\spool
2022-02-07 00:06:25 ----D---- C:\WINDOWS\system32\Samsung
2022-02-07 00:06:25 ----D---- C:\WINDOWS\system32\drivers\etc
2022-02-07 00:06:24 ----D---- C:\WINDOWS\system32\Recovery
2022-02-07 00:06:24 ----D---- C:\WINDOWS\system32\MsDtc
2022-02-07 00:06:24 ----D---- C:\Program Files\Common Files
2022-02-07 00:06:24 ----D---- C:\Program Files (x86)\Microsoft.NET
2022-02-07 00:06:24 ----D---- C:\Program Files (x86)\Microsoft
2022-02-07 00:06:24 ----D---- C:\Program Files (x86)\Common Files
2022-02-07 00:06:15 ----D---- C:\WINDOWS\Setup
2022-02-07 00:06:09 ----D---- C:\ProgramData\USOPrivate
2022-02-07 00:03:04 ----D---- C:\WINDOWS\system32\AMD
2022-02-07 00:03:02 ----D---- C:\WINDOWS\Lenovo
2022-02-07 00:00:28 ----SD---- C:\WINDOWS\system32\en-US
2022-02-07 00:00:19 ----D---- C:\WINDOWS\OCR
2022-02-06 23:58:12 ----SD---- C:\WINDOWS\SYSWOW64\F12
2022-02-06 23:58:12 ----SD---- C:\WINDOWS\system32\F12
2022-02-06 23:58:12 ----D---- C:\WINDOWS\SYSWOW64\WCN
2022-02-06 23:58:12 ----D---- C:\WINDOWS\SYSWOW64\en-US
2022-02-06 23:58:12 ----D---- C:\WINDOWS\SYSWOW64\drivers\en-US
2022-02-06 23:58:12 ----D---- C:\WINDOWS\system32\WCN
2022-02-06 23:58:12 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2022-02-06 23:58:12 ----D---- C:\WINDOWS\system32\migwiz
2022-02-06 23:58:11 ----D---- C:\WINDOWS\system32\en
2022-02-06 23:58:11 ----D---- C:\WINDOWS\system32\drivers\en-US
2022-02-06 23:58:11 ----D---- C:\WINDOWS\en-US
2022-02-06 23:58:11 ----D---- C:\Program Files\Windows Photo Viewer
2022-02-06 23:58:11 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2022-02-06 23:58:11 ----D---- C:\Program Files (x86)\Windows Defender
2022-01-28 20:04:18 ----A---- C:\WINDOWS\system32\ImController.InfInstaller.exe
2022-01-28 20:04:16 ----A---- C:\WINDOWS\system32\WudfUpdate_02000.dll
2022-01-28 20:04:16 ----A---- C:\WINDOWS\system32\ImController.CoInstaller.dll
2022-01-28 20:03:26 ----A---- C:\WINDOWS\system32\iMDriverHelper.dll
2022-01-26 09:42:28 ----D---- C:\Program Files\Microsoft Office

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdpsp;@oem45.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\WINDOWS\System32\drivers\amdpsp.sys [2020-03-24 135184]
R0 IntelPMT;@intelpmt.inf,%IntelPMT.SVCDESC%;Intel(R) Platform Monitoring Technology Service; C:\WINDOWS\System32\drivers\IntelPMT.sys [2021-06-05 74224]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2021-06-05 82256]
R0 PRM;@prm.inf,%PRM.SvcDesc%;Microsoft PRM Driver; C:\WINDOWS\System32\DriverStore\FileRepository\prm.inf_amd64_7fc9bb8ba2b73803\PRM.sys [2021-06-05 61752]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2021-06-05 77824]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2021-06-05 106808]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2021-06-05 155976]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2021-06-05 86016]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2021-06-05 40960]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2021-06-05 176464]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2021-06-05 540672]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2021-06-05 81920]
R3 ACPIVPC;@oem15.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2021-07-26 44024]
R3 amdacpbus;@oem50.inf,%amdacpbus.SVCDESC%;Audio Coprocessr Driver for DSP; C:\WINDOWS\System32\DriverStore\FileRepository\amdacpbus.inf_amd64_36c81572f42cc25a\amdacpbus.sys [2020-07-01 6380960]
R3 amdgpio2;@oem29.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2020-03-16 46344]
R3 amdi2c;@oem55.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2020-07-14 65320]
R3 amdlog;@oem16.inf,%AMDLOG_svcdesc%;AMD LOG Utility Driver; C:\WINDOWS\System32\drivers\amdlog.sys [2020-06-11 88176]
R3 amdwddmg;amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0370421.inf_amd64_8f365dc2ded16925\B370101\amdkmdag.sys [2021-08-07 80463176]
R3 AtiHDAudioService;@oem51.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2020-06-09 107936]
R3 BtFilter;BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [2021-03-13 104728]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2021-06-05 139264]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2021-06-05 135168]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2021-06-05 155648]
R3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2021-06-05 1916928]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2021-06-05 118784]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2021-06-05 94536]
R3 gameflt;@oem70.inf,%ServiceName%;gameflt; C:\WINDOWS\System32\DriverStore\FileRepository\gameflt.inf_amd64_10c518155fa47d97\gameflt.sys [2022-02-11 134568]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2020-08-20 6114384]
R3 McAfeeIntegrationDriver;@oem20.inf,%McAfeeIntegrationDriver.SVCDESC%;McAfeeIntegrationDriver Service; C:\WINDOWS\System32\drivers\McAfeeIntegrationDriver.sys [2019-09-16 49928]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2021-06-05 377144]
R3 Qcamain10x64;@oem8.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN 11AC device driver; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2020-12-20 2455232]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2021-06-05 245760]
S0 AppleSSD;@AppleSSD.inf,%DevDesc1%;Apple Solid State Drive Device; C:\WINDOWS\System32\drivers\AppleSSD.sys [2021-06-05 112440]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2021-06-05 74040]
S0 ebdrv0;@netevbd0a.inf,%vbd_srv_desc%;QLogic Legacy Ethernet Adapter VBD; C:\WINDOWS\System32\drivers\evbd0a.sys [2021-06-05 3423032]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2021-06-05 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2021-06-05 884552]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2021-06-05 176952]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2021-06-05 124240]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2021-06-05 137552]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2021-06-05 80696]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2021-06-05 100176]
S0 mpi3drvi;mpi3drvi; C:\WINDOWS\System32\drivers\mpi3drvi.sys [2021-06-05 87352]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2021-06-05 201024]
S0 nvmedisk;@nvmedisk.inf,%nvmedisk.SvcDesc%;Microsoft NVMe disk driver; C:\WINDOWS\System32\drivers\nvmedisk.sys [2021-06-05 82240]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2021-06-05 58704]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2021-06-05 68432]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2021-06-05 172360]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2021-06-05 69960]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2021-06-05 209224]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2021-06-05 53248]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2021-06-05 700416]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2021-06-05 45056]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2021-06-05 507904]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2021-06-05 81920]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2021-06-05 81920]
S3 ExecutionContext;@%SystemRoot%\System32\Drivers\ExecutionContext.sys,-101; C:\WINDOWS\System32\Drivers\ExecutionContext.sys [2021-06-05 61440]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_dc3260bbd08046c4\genericusbfn.sys [2021-06-05 57344]
S3 GeneStor;@oem62.inf,%GeneStor.SvcDesc%;Genesys Logic Storage Driver; C:\WINDOWS\System32\drivers\GeneStor.sys [2020-05-19 134272]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2021-06-05 86352]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2021-06-05 131072]
S3 HidSpiCx;HidSpi KMDF Class Extension; C:\WINDOWS\system32\drivers\HidSpiCx.sys [2021-06-05 118784]
S3 hvservice;@hvservice.inf,%hvservice.SvcDesc%;Microsoft Hypervisor Service Driver; C:\WINDOWS\System32\drivers\hvservice.sys [2021-06-05 131400]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2021-06-05 57344]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2021-06-05 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2021-06-05 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2021-06-05 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2021-06-05 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2021-06-05 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2021-06-05 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2021-06-05 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2021-06-05 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2021-06-05 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2021-06-05 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2021-06-05 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2021-06-05 558928]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2021-06-05 69632]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2021-06-05 61440]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2021-06-05 94520]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2021-06-05 561480]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2021-06-05 90440]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2021-06-05 425984]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2021-06-05 94208]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2021-06-05 1131344]
S3 MpKsl9c375d4d;MpKsl9c375d4d; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{65251DED-1816-4266-96A3-CD8007BBC8B2}\MpKslDrv.sys []
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2021-06-05 146256]
S3 NDKPerf;NDKPerf Driver; C:\WINDOWS\system32\drivers\NDKPerf.sys [2021-06-05 78152]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2021-06-05 102712]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2021-06-05 348160]
S3 P9Rdr;@%SystemRoot%\System32\drivers\p9rdr.sys,-100; C:\WINDOWS\System32\drivers\p9rdr.sys [2021-06-05 135496]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2021-06-05 164152]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2021-06-05 49152]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2021-06-05 57344]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2021-06-05 1016120]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2021-06-05 143360]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2021-06-05 65856]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2021-06-05 69960]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\u0370421.inf_amd64_8f365dc2ded16925\B370101\atiesrxx.exe [2021-08-07 602952]
R2 AMD Log Utility;AMD Log Utility; C:\WINDOWS\System32\amdlogsr.exe [2020-06-11 486320]
R2 AtherosSvc;AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [2021-03-13 384432]
R2 cbdhsvc_7da8a;Používateľská služba schránky_7da8a; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
R2 CDPUserSvc_7da8a;Connected Devices Platform User Service_7da8a; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2022-01-25 12119432]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2021-06-05 78880]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
R2 DolbyDAXAPI;@oem21.inf,%ServiceDisplayName%;Dolby DAX API Service; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [2020-07-06 1928648]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-06-05 78880]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2021-06-05 78880]
R2 FMAPOService;Fortemedia APO Control Service; C:\WINDOWS\System32\FMService64.exe [2020-07-13 390400]
R2 GamingServices;Gaming Services; C:\Program Files\WindowsApps\Microsoft.GamingServices_3.62.4001.0_x64__8wekyb3d8bbwe\GamingServices.exe [2022-02-11 75240]
R2 GamingServicesNet;Gaming Services; C:\Program Files\WindowsApps\Microsoft.GamingServices_3.62.4001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe [2022-02-11 75240]
R2 HPPrintScanDoctorService;HP Print Scan Doctor Service; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [2021-05-15 288360]
R2 ImControllerService;@oem4.inf,%ImcSvcDisplayName%;System Interface Foundation Service; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2022-01-28 84240]
R2 LenovoVantageService;LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe [2021-12-14 31016]
R2 OneSyncSvc_7da8a;Sync Host_7da8a; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
R2 QcomWlanSrv;Qualcomm Atheros WLAN Driver Service; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [2020-12-20 200384]
R2 RtkAudioUniversalService;Realtek Audio Universal Service; C:\WINDOWS\System32\RtkAudUService64.exe [2020-08-21 1140456]
R3 BluetoothUserService_7da8a;Služba podpory používateľov rozhrania Bluetooth_7da8a; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2021-06-05 78880]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2021-06-05 78880]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2021-06-05 78880]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
R3 NPSMSvc_7da8a;NPSMSvc_7da8a; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
R3 PimIndexMaintenanceSvc_7da8a;Kontaktné údaje_7da8a; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2021-06-05 78880]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2021-06-05 140864]
S2 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S2 edgeupdate;Microsoft Edge Update Service (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-10-28 223120]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2021-02-06 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-06-05 78880]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 AarSvc_7da8a;Agent Activation Runtime_7da8a; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 BcastDVRUserService_7da8a;GameDVR and Broadcast User Service_7da8a; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 CaptureService_7da8a;CaptureService_7da8a; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 ConsentUxUserSvc_7da8a;ConsentUX User Service_7da8a; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-06-05 454888]
S3 CredentialEnrollmentManagerUserSvc_7da8a;CredentialEnrollmentManagerUserSvc_7da8a; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-06-05 454888]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 DeviceAssociationBrokerSvc_7da8a;DeviceAssociationBroker_7da8a; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 DevicePickerUserSvc_7da8a;DevicePicker_7da8a; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 DevicesFlowUserSvc_7da8a;DevicesFlow_7da8a; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2021-06-05 110592]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-06-05 78880]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2021-06-05 78880]
S3 edgeupdatem;Microsoft Edge Update Service (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-10-28 223120]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2021-06-05 78880]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 EpicOnlineServices;Epic Online Services; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [2021-10-21 16029472]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-06-05 78880]
S3 FrameServerMonitor;@%systemroot%\system32\FrameServerMonitor.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-06-05 78880]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files\Google\Chrome\Application\98.0.4758.82\elevation_service.exe [2022-01-29 1505112]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-06-05 78880]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2021-02-06 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2021-06-05 78880]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 mcafeeintegrationservice;@oem61.inf,%ServiceDisplayName%;mcafeeintegrationservice; C:\WINDOWS\System32\DriverStore\FileRepository\mcafeeintegrationextension.inf_amd64_22df759ce010d03d\mcafeeintegrationservice.exe [2019-09-16 2584344]
S3 McpManagementService;@%SystemRoot%\system32\McpManagementService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 MessagingService_7da8a;MessagingService_7da8a; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\98.0.1108.50\elevation_service.exe [2022-02-10 1542032]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2021-06-05 78880]
S3 NPSMSvc;@%SystemRoot%\system32\npsm.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 ose64;Office 64 Source Engine; c:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-02 263712]
S3 P9RdrService;@%systemroot%\system32\p9rdrservice.dll,-102; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 P9RdrService_7da8a;P9RdrService_7da8a; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 PenService;@%SystemRoot%\system32\PenService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 PenService_7da8a;PenService_7da8a; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2021-06-05 237568]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 PrintWorkflowUserSvc_7da8a;PrintWorkflow_7da8a; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2021-06-05 78880]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2021-06-05 78880]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2021-06-05 1187840]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2021-06-05 78880]

-----------------EOF-----------------

jacho6380 · #2 Příspěvek od **jacho6380** » 12 úno 2022 09:26

Nejde mi vypnut ani deffender a kopu aplikacii hadze chybu

#3 Příspěvek od **Rudy** » 12 úno 2022 11:16

Zdravím!
Dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . RSIT je již dávno za zenitem.

jacho6380 · #4 Příspěvek od **jacho6380** » 12 úno 2022 13:53

Dobry den, to mi prave nejde, deffender mi ho zablokuje a samotny deffender otvorit nejde, to je prave to ze vela aplikacii nejde

#5 Příspěvek od **Rudy** » 12 úno 2022 16:13

AV se musí vypnout, pokud považuje FRST za virus. V 11 neudělám s RSIT vůbec nic.

jacho6380 · #6 Příspěvek od **jacho6380** » 13 úno 2022 14:05

Ked chcem otvorit deffender mi napise aplikacia sa neda otvorit

jacho6380 · #7 Příspěvek od **jacho6380** » 13 úno 2022 14:32

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2022
Ran by 42191 (administrator) on LAPTOP-EE1CTV48 (LENOVO 82GW) (13-02-2022 14:20:09)
Running from C:\Users\42191\Downloads
Loaded Profiles: 42191
Platform: Microsoft Windows 11 Home Version Dev 22000.1 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Safe Mode (minimal)

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1140456 2020-08-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2718211263-957613367-2003098252-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\42191\AppData\Local\Microsoft\Teams\Update.exe [2459304 2021-12-16] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2718211263-957613367-2003098252-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33648608 2022-02-10] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2718211263-957613367-2003098252-1001\...\Run: [Disig Web Signer] => C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe [254080 2021-02-04] (Disig a.s. -> Disig a.s.)
HKU\S-1-5-21-2718211263-957613367-2003098252-1002\...\Run: [OneDrive] => C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2367352 2022-02-11] (Microsoft Corporation -> Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-2718211263-957613367-2003098252-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" <==== ATTENTION
HKU\S-1-5-21-2718211263-957613367-2003098252-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" <==== ATTENTION
HKU\S-1-5-21-2718211263-957613367-2003098252-1002\...\RunOnce: [Uninstall 21.050.0310.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\21.050.0310.0001\amd64" <==== ATTENTION
HKU\S-1-5-21-2718211263-957613367-2003098252-1002\...\RunOnce: [Uninstall 21.050.0310.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\21.050.0310.0001" <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\98.0.4758.82\Installer\chrmstp.exe [2022-02-12] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06F39B99-9CEF-487A-946D-FA61E29EB99F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {19C675C4-2376-4EBD-B9B4-E93BFE6B4F0E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1BD6821E-71EE-43EE-AEEB-DB9EC27A2014} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {1C82C31B-48FA-4F6D-95AE-009C5E2BA594} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1c5aeefa-ba9c-401f-9a4e-d4035e81eb05 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {1CCE622E-B634-4B73-BD63-EBA448DBE2DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-06] (Google LLC -> Google LLC)
Task: {217F0385-884F-4087-8FCB-F3F47D6F0E56} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5395e4a9-d343-4ca1-916d-21e59be6e634 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {23CC5C77-E7CA-4CDA-9C46-A86D98049068} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {2746C2DA-44E4-44DF-BC3D-938549621245} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {304535B2-2641-4F46-94BA-A788D504C5ED} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {59D0EF06-90D1-4DC1-9D9E-C0FEED439D09} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-15] (HP Inc. -> HP Inc.)
Task: {64F9655E-2701-4DC4-B3B9-DC095D441253} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8adf1ec4-298b-442e-aa8a-b48082b43609 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {6EC1EBFC-B914-43AA-B433-B6824A8F8EF1} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {7ECD3C2D-F44B-4EA7-8643-BF8D3E6AC902} - System32\Tasks\Mirkat => C:\Users\42191\AppData\Local\Microsoft\WindowsApps\MirkatService.exe [0 2021-08-29] () [simlink -> ]
Task: {8991486D-33A3-4983-86AA-C12FBDD6CEA8} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {AC9B865D-C3BC-4568-8E69-B49AA0BC5C7D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {B74204F3-823E-470B-8F71-BA42851792F8} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {BFDB6329-77BD-4CC9-83C7-3DD75AB79E64} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\7b691cc3-1c0a-4b8b-b7da-38cab77d386b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {C7C1CCCB-FA8E-4275-B544-F714545694DD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CAB83D19-A7D3-4BF3-983A-779D984658AD} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D0D3711F-4CF6-4CB6-9FEA-B078B5609365} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5b6229ec-3dfa-4cbb-b8bc-ca30d69d13c6 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {D1EA65DA-03C8-4FBB-977F-93114BCF9745} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {D2428E9D-946B-4D6A-8463-8091565A705E} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {D796EC8D-DA47-4FA3-BBF2-8CB8FE6DA02E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D7C9DD5F-53D6-478B-B7DD-92ECC50623E8} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-15] (HP Inc. -> HP Inc.)
Task: {E8296C3B-52FB-4550-A688-EC67CC92A743} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F580714D-9A59-4631-8190-6CE27DC30D6F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-06] (Google LLC -> Google LLC)
Task: {FDF18F28-6BFD-4A78-983D-FAAA3007CC92} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-25] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{84f5616d-5840-4bc2-b324-863758f9ea2d}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\42191\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-07]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\42191\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-11-27]
CHR Profile: C:\Users\42191\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-02-13]
CHR Extension: (Prezentácie) - C:\Users\42191\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-11-25]
CHR Extension: (Dokumenty) - C:\Users\42191\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2021-11-25]
CHR Extension: (Disk Google) - C:\Users\42191\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-25]
CHR Extension: (YouTube) - C:\Users\42191\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-25]
CHR Extension: (Tabuľky) - C:\Users\42191\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-11-25]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\42191\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\42191\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-25]
CHR Extension: (Gmail) - C:\Users\42191\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-25]
CHR Profile: C:\Users\42191\AppData\Local\Google\Chrome\User Data\System Profile [2021-11-27]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-25] (Microsoft Corporation -> Microsoft Corporation)
S2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-07-06] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-21] (Epic Games Inc. -> Epic Games, Inc.)
S2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [390400 2020-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-15] (HP Inc. -> HP Inc.)
S2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
S2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe [31016 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
S3 mcafeeintegrationservice; C:\WINDOWS\System32\DriverStore\FileRepository\mcafeeintegrationextension.inf_amd64_22df759ce010d03d\mcafeeintegrationservice.exe [2584344 2019-09-16] (McAfee, LLC. -> McAfee)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0370421.inf_amd64_8f365dc2ded16925\B370101\amdkmdag.sys [80463176 2021-08-07] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [134272 2020-05-19] (GENESYS LOGIC, INC. -> Genesys Logic)
S3 McAfeeIntegrationDriver; C:\WINDOWS\System32\drivers\McAfeeIntegrationDriver.sys [49928 2019-09-16] (McAfee, LLC. -> McAfee)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
S3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
S3 TDKLIB; c:\windows\TempInst\TdkLib64.sys [38312 2021-10-11] (Phoenix Technologies Ltd. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [438520 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl9c375d4d; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{65251DED-1816-4266-96A3-CD8007BBC8B2}\MpKslDrv.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-13 14:20 - 2022-02-13 14:20 - 000017606 _____ C:\Users\42191\Downloads\FRST.txt
2022-02-13 14:20 - 2022-02-13 14:20 - 000000000 ____D C:\FRST
2022-02-13 14:19 - 2022-02-13 14:19 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-02-13 14:11 - 2022-02-13 14:11 - 000000000 ____D C:\WINDOWS\pss
2022-02-12 09:24 - 2022-02-12 09:24 - 000000000 ____D C:\rsit
2022-02-12 09:24 - 2022-02-12 09:24 - 000000000 ____D C:\Program Files\trend micro
2022-02-12 09:22 - 2022-02-12 09:22 - 000000000 ____D C:\AdwCleaner
2022-02-12 09:21 - 2022-02-12 09:21 - 008540344 _____ (Malwarebytes) C:\Users\42191\Downloads\adwcleaner.exe
2022-02-12 09:15 - 2022-02-12 09:15 - 002311680 _____ (Farbar) C:\Users\42191\Downloads\FRST64.exe
2022-02-12 09:04 - 2022-02-12 09:04 - 000000000 ____D C:\WINDOWS\Panther
2022-02-11 22:33 - 2022-02-11 22:33 - 000000000 ___HD C:\$WinREAgent
2022-02-11 11:24 - 2022-02-11 11:24 - 000000000 ____D C:\Users\TEMP\AppData\LocalLow\Sun
2022-02-11 11:24 - 2022-02-11 11:24 - 000000000 ____D C:\Users\TEMP\AppData\Local\OneDrive
2022-02-11 11:20 - 2022-02-11 11:20 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2718211263-957613367-2003098252-1002
2022-02-11 11:20 - 2022-02-11 11:20 - 000002355 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-02-11 11:20 - 2022-02-11 11:20 - 000000000 ___RD C:\Users\TEMP\OneDrive
2022-02-11 11:20 - 2022-02-11 11:20 - 000000000 ____D C:\Users\TEMP\AppData\Local\VirtualStore
2022-02-11 11:19 - 2022-02-11 11:19 - 000000000 ____D C:\Users\TEMP\AppData\Local\PlaceholderTileLogoFolder
2022-02-11 11:19 - 2022-02-11 11:19 - 000000000 ____D C:\Users\TEMP\AppData\Local\packages
2022-02-11 11:18 - 2022-02-13 14:20 - 000000000 ____D C:\Users\TEMP
2022-02-11 11:18 - 2022-02-11 11:19 - 000000000 ____D C:\Users\TEMP\AppData\Local\Lenovo
2022-02-11 11:18 - 2022-02-11 11:18 - 000000020 ___SH C:\Users\TEMP\ntuser.ini
2022-02-11 11:18 - 2022-02-11 11:18 - 000000000 ____D C:\Users\TEMP\AppData\LocalLow\AMD
2022-02-11 11:18 - 2022-02-11 11:18 - 000000000 ____D C:\Users\TEMP\AppData\Local\Google
2022-02-11 11:18 - 2022-02-11 11:18 - 000000000 ____D C:\Users\TEMP\AppData\Local\D3DSCache
2022-02-11 11:18 - 2022-02-11 11:18 - 000000000 ____D C:\Users\TEMP\AppData\Local\ConnectedDevicesPlatform
2022-02-11 11:18 - 2022-02-11 11:18 - 000000000 ____D C:\Users\TEMP\AppData\Local\AMD
2022-02-11 11:18 - 2021-10-11 13:59 - 000000000 ____D C:\Users\TEMP\AppData\Local\Epic Games
2022-02-11 11:18 - 2021-06-05 13:04 - 000001281 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-02-11 11:18 - 2021-06-05 13:04 - 000000407 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-02-11 11:14 - 2022-02-11 11:14 - 000000000 ____D C:\Users\Evka\AppData\Roaming\vlc
2022-02-11 11:13 - 2022-02-11 11:13 - 000000000 _____ C:\Users\Evka\AppData\Local\{3A4C6331-CFBA-47A9-8764-4D755AC75192}
2022-02-11 11:12 - 2022-02-11 11:12 - 000000000 ____D C:\Users\Evka\AppData\Local\Lenovo
2022-02-11 11:11 - 2022-02-11 11:11 - 000000020 ___SH C:\Users\Evka\ntuser.ini
2022-02-11 11:11 - 2022-02-11 11:11 - 000000000 ____D C:\Users\Evka\AppData\Local\Google
2022-02-11 11:11 - 2022-02-11 11:11 - 000000000 ____D C:\Users\Evka\AppData\Local\D3DSCache
2022-02-10 19:00 - 2021-06-01 07:28 - 017869208 _____ C:\WINDOWS\system32\RsDMFT_Assets.dll
2022-02-10 19:00 - 2021-06-01 07:28 - 009744808 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RsDMFT64.dll
2022-02-09 09:18 - 2022-02-11 17:15 - 000000000 ____D C:\Users\42191\AppData\Roaming\vlc
2022-02-07 13:36 - 2022-02-12 08:59 - 000000000 ____D C:\Users\42191\AppData\Local\Discord
2022-02-07 13:36 - 2022-02-07 13:36 - 082973864 _____ (Discord Inc.) C:\Users\42191\Downloads\DiscordSetup (3).exe
2022-02-07 13:29 - 2022-02-07 13:29 - 082973864 _____ (Discord Inc.) C:\Users\42191\Downloads\DiscordSetup (2).exe
2022-02-07 00:17 - 2022-02-07 00:17 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-02-07 00:16 - 2022-02-13 14:18 - 000803404 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-07 00:15 - 2022-02-13 14:05 - 000000000 ____D C:\Users\42191\AppData\Local\D3DSCache
2022-02-07 00:15 - 2022-02-07 00:15 - 000000020 ___SH C:\Users\42191\ntuser.ini
2022-02-07 00:14 - 2022-02-13 14:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-07 00:14 - 2022-02-11 11:20 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2718211263-957613367-2003098252-1002
2022-02-07 00:14 - 2022-02-07 00:14 - 000017148 _____ C:\WINDOWS\diagwrn.xml
2022-02-07 00:14 - 2022-02-07 00:14 - 000017148 _____ C:\WINDOWS\diagerr.xml
2022-02-07 00:14 - 2022-02-07 00:14 - 000004036 _____ C:\WINDOWS\system32\Tasks\LenovoUtility Startup
2022-02-07 00:14 - 2022-02-07 00:14 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-02-07 00:14 - 2022-02-07 00:14 - 000003386 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-02-07 00:14 - 2022-02-07 00:14 - 000003280 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-02-07 00:14 - 2022-02-07 00:14 - 000003162 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-02-07 00:14 - 2022-02-07 00:14 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2718211263-957613367-2003098252-1001
2022-02-07 00:14 - 2022-02-07 00:14 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2718211263-957613367-2003098252-1001
2022-02-07 00:14 - 2022-02-07 00:14 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2718211263-957613367-2003098252-500
2022-02-07 00:14 - 2022-02-07 00:14 - 000002016 _____ C:\WINDOWS\system32\Tasks\Mirkat
2022-02-07 00:14 - 2022-02-07 00:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2022-02-07 00:14 - 2022-02-07 00:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-02-07 00:14 - 2020-10-28 11:23 - 000002850 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-41625546-4094016361-2638902570-500
2022-02-07 00:14 - 2020-05-06 19:41 - 000003394 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3643460898-1865012685-2946422182-500
2022-02-07 00:08 - 2022-02-11 11:28 - 000000000 ____D C:\Users\42191
2022-02-07 00:08 - 2022-02-11 11:11 - 000000000 ____D C:\Users\Evka
2022-02-07 00:08 - 2021-06-05 13:04 - 000001281 _____ C:\Users\Evka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-02-07 00:08 - 2021-06-05 13:04 - 000001281 _____ C:\Users\42191\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-02-07 00:08 - 2021-06-05 13:04 - 000000407 _____ C:\Users\Evka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-02-07 00:08 - 2021-06-05 13:04 - 000000407 _____ C:\Users\42191\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-02-07 00:06 - 2022-02-13 14:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-07 00:06 - 2022-02-07 00:14 - 000000000 ____D C:\Windows.old
2022-02-07 00:06 - 2022-02-07 00:06 - 000470176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-02-07 00:02 - 2022-02-07 00:06 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-02-07 00:01 - 2022-02-07 00:02 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-02-07 00:01 - 2022-02-07 00:01 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-02-06 19:12 - 2022-02-06 19:12 - 000000000 ____D C:\Users\42191\Tracing
2022-01-31 12:21 - 2022-01-31 12:21 - 082973864 _____ (Discord Inc.) C:\Users\42191\Downloads\DiscordSetup (1).exe
2022-01-31 12:19 - 2022-01-31 12:19 - 082973864 _____ (Discord Inc.) C:\Users\42191\Downloads\DiscordSetup.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-13 14:19 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF
2022-02-13 14:14 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ServiceState
2022-02-13 14:14 - 2021-06-05 13:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-02-13 14:14 - 2020-05-06 19:33 - 000012288 ___SH C:\DumpStack.log.tmp
2022-02-13 14:12 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-13 14:11 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-02-13 14:10 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-13 14:10 - 2021-02-06 10:53 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-13 14:09 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-12 14:02 - 2021-02-06 10:54 - 000002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-12 09:24 - 2021-01-11 09:07 - 000000000 ____D C:\Users\42191\AppData\Local\PlaceholderTileLogoFolder
2022-02-12 09:20 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-12 09:20 - 2020-10-28 11:31 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-12 09:00 - 2021-10-11 15:43 - 000000000 ____D C:\Users\42191\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-02-12 08:59 - 2021-09-27 16:45 - 000000000 ____D C:\Users\42191\AppData\Roaming\discord
2022-02-12 08:51 - 2021-09-27 12:04 - 000000000 ____D C:\Users\42191\AppData\Local\CrashDumps
2022-02-11 20:35 - 2021-01-15 00:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-02-11 20:32 - 2021-11-20 21:17 - 000120296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-02-11 20:32 - 2021-09-27 19:00 - 002237928 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-02-11 20:32 - 2021-09-27 19:00 - 000337360 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-02-11 20:32 - 2021-09-27 19:00 - 000217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-02-11 20:32 - 2021-09-27 19:00 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-02-11 20:32 - 2021-09-27 19:00 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-02-11 20:32 - 2021-09-27 19:00 - 000061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-02-11 20:30 - 2021-01-15 00:14 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-02-11 11:25 - 2021-06-05 13:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-02-11 11:18 - 2020-05-06 19:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-02-11 11:11 - 2021-01-11 12:36 - 000000000 ____D C:\Users\Evka\AppData\Local\Packages
2022-02-10 17:51 - 2020-05-06 19:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-02-09 07:07 - 2021-02-24 17:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-08 15:08 - 2021-01-11 09:06 - 000000000 __RDL C:\Users\42191\OneDrive
2022-02-07 13:37 - 2021-09-27 16:45 - 000000000 ____D C:\Users\42191\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2022-02-07 13:37 - 2021-01-11 09:11 - 000000000 ____D C:\Users\42191\AppData\Local\SquirrelTemp
2022-02-07 00:32 - 2021-06-05 13:10 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-02-07 00:32 - 2021-01-11 09:04 - 000000000 ____D C:\Users\42191\AppData\Local\Packages
2022-02-07 00:32 - 2021-01-11 06:56 - 000000000 ____D C:\ProgramData\Packages
2022-02-07 00:26 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\servicing
2022-02-07 00:14 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-02-07 00:14 - 2021-06-05 13:10 - 000000000 ____D C:\Program Files\Windows Defender
2022-02-07 00:14 - 2021-06-05 13:01 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-02-07 00:11 - 2021-06-05 13:10 - 000000000 __RHD C:\Users\Public\Libraries
2022-02-07 00:09 - 2021-09-29 15:54 - 000000000 ____D C:\Users\42191\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-02-07 00:09 - 2021-06-05 13:10 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-02-07 00:09 - 2021-04-24 17:34 - 000000000 ____D C:\Users\42191\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-02-07 00:08 - 2021-10-11 14:04 - 000000000 ____D C:\Users\42191\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2022-02-07 00:07 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\appcompat
2022-02-07 00:07 - 2020-10-28 11:45 - 000000000 ____D C:\WINDOWS\system32\dolbyaposvc
2022-02-07 00:06 - 2021-12-09 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAC MW klient
2022-02-07 00:06 - 2021-12-09 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disig Web Signer
2022-02-07 00:06 - 2021-09-29 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-02-07 00:06 - 2021-09-17 07:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2022-02-07 00:06 - 2021-06-27 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-02-07 00:06 - 2021-06-05 13:14 - 000000000 ____D C:\WINDOWS\Setup
2022-02-07 00:06 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-02-07 00:06 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\spool
2022-02-07 00:06 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\USOPrivate
2022-02-07 00:06 - 2021-06-05 13:08 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-02-07 00:06 - 2021-05-23 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2022-02-07 00:06 - 2021-03-21 19:48 - 000000000 ____D C:\WINDOWS\system32\Samsung
2022-02-07 00:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-02-07 00:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-02-07 00:03 - 2020-10-28 11:45 - 000000000 ____D C:\WINDOWS\system32\AMD
2022-02-07 00:03 - 2020-10-28 11:32 - 000000000 ____D C:\WINDOWS\Lenovo
2022-02-07 00:00 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\OCR
2022-02-06 23:58 - 2021-06-05 19:04 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-02-06 23:58 - 2021-06-05 19:04 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-02-06 23:58 - 2021-06-05 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2022-02-06 23:58 - 2021-06-05 18:57 - 000000000 ____D C:\WINDOWS\system32\WCN
2022-02-06 23:58 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-02-06 23:58 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-02-06 23:58 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-02-06 23:58 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-02-06 23:58 - 2021-06-05 13:10 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-01-28 20:04 - 2021-11-19 14:33 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2022-01-28 20:04 - 2021-11-19 14:33 - 000064256 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2022-01-28 20:04 - 2020-10-28 11:32 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2022-01-28 20:03 - 2021-11-19 14:33 - 000431016 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2022-01-26 09:42 - 2020-10-28 11:34 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-26 09:31 - 2021-01-11 08:59 - 000002374 _____ C:\Users\42191\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

safeboot: Minimal => The system is configured to boot to Safe Mode <==== ATTENTION
==================== End of FRST.txt ========================

jacho6380 · #8 Příspěvek od **jacho6380** » 13 úno 2022 14:32

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2022
Ran by 42191 (13-02-2022 14:21:04)
Running from C:\Users\42191\Downloads
Microsoft Windows 11 Home Version Dev 22000.1 (X64) (2022-02-06 23:14:46)
Boot Mode: Safe Mode (minimal)
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

42191 (S-1-5-21-2718211263-957613367-2003098252-1001 - Administrator - Enabled) => C:\Users\42191
Administrator (S-1-5-21-2718211263-957613367-2003098252-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2718211263-957613367-2003098252-503 - Limited - Disabled)
Evka (S-1-5-21-2718211263-957613367-2003098252-1002 - Administrator - Enabled) => C:\Users\TEMP
Guest (S-1-5-21-2718211263-957613367-2003098252-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2718211263-957613367-2003098252-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.06.07.2238 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{d91b7809-0832-4ef3-8f9f-89b80409368c}) (Version: 2.06.07.2238 - Advanced Micro Devices, Inc.) Hidden
Balík softvéru eID (HKLM-x32\...\{d2c66c1e-5862-43e7-abe2-9c895312112c}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Disig Web Signer (HKLM-x32\...\{41C0F02D-2389-4AB5-975C-C2363E7C554C}) (Version: 2.0.7 - Disig)
EAC MW klient (HKLM-x32\...\{E22CF5CA-5935-451D-9B9D-EAA79DE703BD}) (Version: 3.7.0 - Ministerstvo vnútra Slovenskej republiky)
Epic Games Launcher (HKLM-x32\...\{7733DDD0-3513-4A99-BFFE-A6D73BE49B50}) (Version: 1.2.35.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 98.0.4758.82 - Google LLC)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.10.26.0 - Lenovo Group Ltd.)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.14729.20260 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.50 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 98.0.1108.50 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2718211263-957613367-2003098252-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2718211263-957613367-2003098252-1002\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2718211263-957613367-2003098252-1001\...\Teams) (Version: 1.4.00.32771 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2FA9DAAC-895B-4E99-99D9-DC2965FBE79C}) (Version: 2.87.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
NVIDIA GeForce NOW 2.0.33.123 (HKU\S-1-5-21-2718211263-957613367-2003098252-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.33.123 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Roblox Player for 42191 (HKU\S-1-5-21-2718211263-957613367-2003098252-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for 42191 (HKU\S-1-5-21-2718211263-957613367-2003098252-1001\...\roblox-studio) (Version: - Roblox Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m [2022-02-11] (Advanced Micro Devices Inc.) [Startup Task]
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20602.609.0_x64__rz1tebttyb220 [2020-10-28] (Dolby Laboratories)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-02-06] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_134.1.221.0_x64__v10z8vjag6ke6 [2022-02-08] (HP Inc.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4 [2021-11-21] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2112.10.0_x64__k1h2ywk1493x8 [2021-12-29] (LENOVO INC.)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2021-11-17] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-19] (Microsoft Studios) [MS Ad]
Mirkat -> C:\Program Files\WindowsApps\Mirkat.Mirkat_1.0.305.0_x64__hm0vq9nycmfde [2021-08-29] (Mirkat)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.15.227.0_x64__dt26b99r8h8gj [2021-11-01] (Realtek Semiconductor Corp)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.512.415.0_x86__55nm5eh3cm0pr [2022-02-08] (ROBLOX Corporation)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-29] (Microsoft Corporation)
Up in the Sky -> C:\Program Files\WindowsApps\Microsoft.UpintheSky_2.0.0.0_neutral__8wekyb3d8bbwe [2021-10-11] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2718211263-957613367-2003098252-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\42191\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21264.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2718211263-957613367-2003098252-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\42191\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-08-07] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\42191\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2718211263-957613367-2003098252-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-26] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2718211263-957613367-2003098252-1001\...\sharepoint.com -> hxxps://zsmskuchyna-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\EAC MW klient\
HKU\S-1-5-21-2718211263-957613367-2003098252-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\42191\OneDrive\Počítač\hhhhhhhhhhhhhhhh.jpg
HKU\S-1-5-21-2718211263-957613367-2003098252-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{580022A0-F970-48F4-92BA-2944DC58D505}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{611EA158-3EC1-4DEF-BDB3-A4695B1DD1F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{69B52C73-CDCF-4DBA-8502-E76CF032E0F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5E23874A-38CD-42B2-A68A-1397764244FD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4E535A78-981B-47C4-942A-CA74BDC6306B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9FCDDEE8-F123-4633-9EC3-C128F0904792}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{C52D1EC0-7985-4B31-BD0F-C3FCF62CDB38}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{031E8818-39C1-4B3F-AF92-04B12A507684}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{97C731F1-CE4D-4EF5-B61F-BF378140CE63}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [UDP Query User{904EE131-3E17-4CCF-A97B-F8686F98B1F6}C:\users\42191\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\42191\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{F9DBB306-95AA-42A7-9A94-2EE1AE1C4A6D}C:\users\42191\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\42191\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{924B54B6-8DC6-44FF-917B-24906C12ADE8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{56CC0264-889E-4B83-A8EA-61E406567A5D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{735CE049-81EB-4E3E-8D59-BD5A754EBA7D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{7222E934-51EB-4521-BABB-7C56ED5FE5BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [UDP Query User{D5F0591B-91BE-4D24-98AC-CBE50A77CCE2}C:\users\42191\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\42191\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{2C2593CC-CF2D-4812-88B2-56A42D156488}C:\users\42191\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\42191\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{E3D1B428-14BE-48D0-8AC7-8B7C50A654BB}C:\users\42191\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\42191\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{3DA3E865-4646-4515-9B6A-4C29A114738B}C:\users\42191\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\42191\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{71232C3E-E479-4009-9BDC-2101E72FE134}C:\users\42191\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\42191\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{3F877831-EF54-45BD-B411-7F215F756FC9}C:\users\42191\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\42191\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AFFCB813-39B2-4331-87F4-362F91D56192}C:\users\42191\appdata\local\discord\app-1.0.9003\discord.exe] => (Allow) C:\users\42191\appdata\local\discord\app-1.0.9003\discord.exe => No File
FirewallRules: [UDP Query User{0CDE4A7A-A8C0-4C86-9791-7BD8DA432454}C:\users\42191\appdata\local\discord\app-1.0.9003\discord.exe] => (Allow) C:\users\42191\appdata\local\discord\app-1.0.9003\discord.exe => No File
FirewallRules: [{80C0059F-BF29-4143-A68E-1F733553DED7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8E3ACCD5-4DB0-45AD-ADD1-155E91F5F352}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:56.99 GB) (Free:4.9 GB) (9%)
Check "VSS" service

==================== Faulty Device Manager Devices ============

Name: Microsoft Hyper-V Virtualization Infrastructure Driver
Description: Microsoft Hyper-V Virtualization Infrastructure Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Vid
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Realtek(R) Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: AMD High Definition Audio Device
Description: AMD High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices
Service: AtiHDAudioService
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Steam Streaming Microphone
Description: Steam Streaming Microphone
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Valve Corporation Audio DDK
Service: SteamStreamingMicrophone
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Steam Streaming Speakers
Description: Steam Streaming Speakers
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Valve Corporation Audio DDK
Service: SteamStreamingSpeakers
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: System Interface Foundation V2 Device
Description: System Interface Foundation V2 Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Lenovo
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: ========================

Application errors:
==================
Error: (02/13/2022 02:14:10 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (02/13/2022 02:14:10 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (02/13/2022 02:11:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: OfficeC2RClient.exe, verzia: 16.0.14729.20254, časová značka: 0x61dc00d9
Názov chybujúceho modulu: OfficeC2RClient.exe, verzia: 16.0.14729.20254, časová značka: 0x61dc00d9
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000047206b
Identifikácia chybujúceho procesu: 0x1984
Čas spustenia chybujúcej aplikácie: 0x01d820dad959a609
Cesta chybujúcej aplikácie: C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
Cesta chybujúceho modulu: C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
Identifikácia hlásenia: 8ead5615-bc33-4411-b6a7-84f6d29662e9
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (02/13/2022 02:05:44 PM) (Source: MsiInstaller) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: Product: Epic Games Launcher -- Epic Games Launcher is currently running and the Setup Wizard can not continue. Please close the Epic Games Launcher and run the Setup Wizard again.

Error: (02/12/2022 01:54:15 PM) (Source: MsiInstaller) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: Product: Epic Games Launcher -- Epic Games Launcher is currently running and the Setup Wizard can not continue. Please close the Epic Games Launcher and run the Setup Wizard again.

Error: (02/12/2022 09:11:07 AM) (Source: MsiInstaller) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: Product: Epic Games Launcher -- Epic Games Launcher is currently running and the Setup Wizard can not continue. Please close the Epic Games Launcher and run the Setup Wizard again.

Error: (02/12/2022 09:09:39 AM) (Source: MsiInstaller) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: Product: Epic Games Launcher -- Epic Games Launcher is currently running and the Setup Wizard can not continue. Please close the Epic Games Launcher and run the Setup Wizard again.

Error: (02/12/2022 09:08:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: svchost.exe, verzia: 10.0.22000.1, časová značka: 0x5155ab18
Názov chybujúceho modulu: combase.dll, verzia: 10.0.22000.1, časová značka: 0x1f233a91
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000000000068cb6
Identifikácia chybujúceho procesu: 0xc18
Čas spustenia chybujúcej aplikácie: 0x01d81fe742be3252
Cesta chybujúcej aplikácie: C:\WINDOWS\System32\svchost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\combase.dll
Identifikácia hlásenia: 28ba1f50-9285-4f93-a447-770a0808a8c5
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

System errors:
=============
Error: (02/13/2022 02:21:33 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (02/13/2022 02:21:33 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{F087771F-D74F-4C1A-BB8A-E16ACA9124EA}

Error: (02/13/2022 02:21:33 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{6D18AD12-BDE3-4393-B311-099C346E6DF9}

Error: (02/13/2022 02:21:33 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{03CA98D6-FF5D-49B8-ABC6-03DD84127020}

Error: (02/13/2022 02:21:33 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{659CDEA7-489E-11D9-A9CD-000D56965251}

Error: (02/13/2022 02:21:33 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{BB6DF56B-CACE-11DC-9992-0019B93A3A84}

Error: (02/13/2022 02:21:33 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{1ECCA34C-E88A-44E3-8D6A-8921BDE9E452}

Error: (02/13/2022 02:21:33 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{4D233817-B456-4E75-83D2-B17DEC544D12}

Windows Defender:
================Event[0]

Date: 2022-02-13 14:14:37
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. ਍

Date: 2022-02-11 20:37:15
Description:
N/A

Date: 2022-02-11 20:37:15
Description:
N/A

Date: 2022-02-11 13:54:24
Description:
N/A

Date: 2022-02-10 17:23:37
Description:
N/A

==================== Memory info ===========================

BIOS: LENOVO FQCN12WW 08/21/2020
Motherboard: LENOVO LNVNB161216
Processor: AMD 3020e with Radeon Graphics
Percentage of memory in use: 41%
Total physical RAM: 3467.15 MB
Available physical RAM: 2041.9 MB
Total Virtual: 6934.3 MB
Available Virtual: 5743.68 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:56.99 GB) (Free:4.89 GB) NTFS

\\?\Volume{3bb08ad6-2cc9-4369-9696-3cae3a4f9afd}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{ca13d2ac-3beb-4f4c-9702-1ea0042f6826}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 58.2 GB) (Disk ID: 60DCFA44)

Partition: GPT.

==================== End of Addition.txt =======================

#9 Příspěvek od **Rudy** » 13 úno 2022 14:42

Teď spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

jacho6380 · #10 Příspěvek od **jacho6380** » 13 úno 2022 16:12

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-02-03.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-13-2022
# Duration: 00:00:06
# OS: Windows 10 Home
# Cleaned: 7
# Awaiting reboot:1
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\42191\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\Evka\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\TEMP\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Needs Reboot Preinstalled.LenovoIMController Folder C:\Windows\LENOVO\IMCONTROLLER

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****

***** [ Folders ] *****

Cleaning failed C:\Windows\LENOVO\IMCONTROLLER

*************************

AdwCleaner[S00].txt - [2047 octets] - [12/02/2022 09:22:43]
AdwCleaner[S01].txt - [2108 octets] - [13/02/2022 15:36:18]
AdwCleaner[S02].txt - [2169 octets] - [13/02/2022 15:39:44]
AdwCleaner[S03].txt - [2230 octets] - [13/02/2022 15:43:22]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

#11 Příspěvek od **Rudy** » 13 úno 2022 16:34

Dejte nové kogy FRST+Addition.

jacho6380 · #12 Příspěvek od **jacho6380** » 13 úno 2022 18:14

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2022
Ran by 42191 (administrator) on LAPTOP-EE1CTV48 (LENOVO 82GW) (13-02-2022 18:03:44)
Running from C:\Users\42191\Downloads
Loaded Profiles: 42191
Platform: Microsoft Windows 11 Home Version 21H2 22000.318 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Safe Mode (minimal)

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1140456 2020-08-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2718211263-957613367-2003098252-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\42191\AppData\Local\Microsoft\Teams\Update.exe [2489016 2022-02-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2718211263-957613367-2003098252-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33648608 2022-02-10] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2718211263-957613367-2003098252-1001\...\Run: [Disig Web Signer] => C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe [254080 2021-02-04] (Disig a.s. -> Disig a.s.)
HKU\S-1-5-21-2718211263-957613367-2003098252-1002\...\Run: [OneDrive] => C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2367352 2022-02-11] (Microsoft Corporation -> Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-2718211263-957613367-2003098252-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" <==== ATTENTION
HKU\S-1-5-21-2718211263-957613367-2003098252-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" <==== ATTENTION
HKU\S-1-5-21-2718211263-957613367-2003098252-1002\...\RunOnce: [Uninstall 21.050.0310.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\21.050.0310.0001\amd64" <==== ATTENTION
HKU\S-1-5-21-2718211263-957613367-2003098252-1002\...\RunOnce: [Uninstall 21.050.0310.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\21.050.0310.0001" <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\98.0.4758.82\Installer\chrmstp.exe [2022-02-12] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {19C675C4-2376-4EBD-B9B4-E93BFE6B4F0E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1BD6821E-71EE-43EE-AEEB-DB9EC27A2014} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {1CCE622E-B634-4B73-BD63-EBA448DBE2DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-06] (Google LLC -> Google LLC)
Task: {217F0385-884F-4087-8FCB-F3F47D6F0E56} - \Lenovo\ImController\TimeBasedEvents\5395e4a9-d343-4ca1-916d-21e59be6e634 -> No File <==== ATTENTION
Task: {23CC5C77-E7CA-4CDA-9C46-A86D98049068} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
Task: {2746C2DA-44E4-44DF-BC3D-938549621245} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {28F57DD5-8139-4A1B-8C7D-8076FB7935CE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22882216 2022-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {3A4493B1-F586-4FAD-939F-772DF903C33A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139664 2022-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {59D0EF06-90D1-4DC1-9D9E-C0FEED439D09} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-15] (HP Inc. -> HP Inc.)
Task: {6413007B-DCF4-4123-8D98-8A6ACE2886C4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139664 2022-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {64F9655E-2701-4DC4-B3B9-DC095D441253} - \Lenovo\ImController\TimeBasedEvents\8adf1ec4-298b-442e-aa8a-b48082b43609 -> No File <==== ATTENTION
Task: {6EC1EBFC-B914-43AA-B433-B6824A8F8EF1} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\ScheduleEventAction.exe [26408 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
Task: {7ECD3C2D-F44B-4EA7-8643-BF8D3E6AC902} - System32\Tasks\Mirkat => C:\Users\42191\AppData\Local\Microsoft\WindowsApps\MirkatService.exe [0 2021-08-29] () [simlink -> ]
Task: {8991486D-33A3-4983-86AA-C12FBDD6CEA8} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {AC9B865D-C3BC-4568-8E69-B49AA0BC5C7D} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
Task: {B74204F3-823E-470B-8F71-BA42851792F8} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {BFDB6329-77BD-4CC9-83C7-3DD75AB79E64} - \Lenovo\ImController\TimeBasedEvents\7b691cc3-1c0a-4b8b-b7da-38cab77d386b -> No File <==== ATTENTION
Task: {C7C1CCCB-FA8E-4275-B544-F714545694DD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CAB83D19-A7D3-4BF3-983A-779D984658AD} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D0D3711F-4CF6-4CB6-9FEA-B078B5609365} - \Lenovo\ImController\TimeBasedEvents\5b6229ec-3dfa-4cbb-b8bc-ca30d69d13c6 -> No File <==== ATTENTION
Task: {D2428E9D-946B-4D6A-8463-8091565A705E} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {D796EC8D-DA47-4FA3-BBF2-8CB8FE6DA02E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D7C9DD5F-53D6-478B-B7DD-92ECC50623E8} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-15] (HP Inc. -> HP Inc.)
Task: {E2850C64-F665-494B-83EE-B06EF1837CAC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22882216 2022-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {E8296C3B-52FB-4550-A688-EC67CC92A743} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F580714D-9A59-4631-8190-6CE27DC30D6F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-06] (Google LLC -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{84f5616d-5840-4bc2-b324-863758f9ea2d}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\42191\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-07]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-02-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\42191\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-11-27]
CHR Profile: C:\Users\42191\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-02-13]
CHR Extension: (Prezentácie) - C:\Users\42191\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-11-25]
CHR Extension: (Dokumenty) - C:\Users\42191\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2021-11-25]
CHR Extension: (Disk Google) - C:\Users\42191\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-25]
CHR Extension: (YouTube) - C:\Users\42191\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-25]
CHR Extension: (Tabuľky) - C:\Users\42191\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-11-25]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\42191\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\42191\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-11-25]
CHR Extension: (Gmail) - C:\Users\42191\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-25]
CHR Profile: C:\Users\42191\AppData\Local\Google\Chrome\User Data\System Profile [2021-11-27]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12124536 2022-02-13] (Microsoft Corporation -> Microsoft Corporation)
S2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-07-06] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-21] (Epic Games Inc. -> Epic Games, Inc.)
S2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [390400 2020-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-15] (HP Inc. -> HP Inc.)
S2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
S2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.10.26.0\LenovoVantageService.exe [31016 2021-12-14] (Lenovo -> Lenovo Group Ltd.)
S3 mcafeeintegrationservice; C:\WINDOWS\System32\DriverStore\FileRepository\mcafeeintegrationextension.inf_amd64_22df759ce010d03d\mcafeeintegrationservice.exe [2584344 2019-09-16] (McAfee, LLC. -> McAfee)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0370421.inf_amd64_8f365dc2ded16925\B370101\amdkmdag.sys [80463176 2021-08-07] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [134272 2020-05-19] (GENESYS LOGIC, INC. -> Genesys Logic)
S3 McAfeeIntegrationDriver; C:\WINDOWS\System32\drivers\McAfeeIntegrationDriver.sys [49928 2019-09-16] (McAfee, LLC. -> McAfee)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2020-06-01] (Valve Corp. -> )
S3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2020-06-01] (Valve Corp. -> )
S3 TDKLIB; c:\windows\TempInst\TdkLib64.sys [38312 2021-10-11] (Phoenix Technologies Ltd. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [438520 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl9c375d4d; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{65251DED-1816-4266-96A3-CD8007BBC8B2}\MpKslDrv.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-13 15:38 - 2022-02-13 15:38 - 008540344 _____ (Malwarebytes) C:\Users\42191\Downloads\adwcleaner (1).exe
2022-02-13 15:01 - 2022-02-13 15:01 - 000002405 _____ C:\Users\42191\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams (work or school).lnk
2022-02-13 14:56 - 2022-02-13 14:56 - 000267264 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Dialogs.dll
2022-02-13 14:56 - 2022-02-13 14:56 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssText3d.scr
2022-02-13 14:56 - 2022-02-13 14:56 - 000014756 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-02-13 14:56 - 2022-02-13 14:56 - 000009522 _____ C:\WINDOWS\system32\ResPriUHMImageList
2022-02-13 14:56 - 2022-02-13 14:56 - 000009522 _____ C:\WINDOWS\system32\ResPriImageList
2022-02-13 14:56 - 2022-02-13 14:56 - 000009522 _____ C:\WINDOWS\system32\ResPriHMImageList
2022-02-13 14:56 - 2022-02-13 14:56 - 000009402 _____ C:\WINDOWS\system32\ResPriHMImageListLowCost
2022-02-13 14:56 - 2022-02-13 14:56 - 000008964 _____ C:\WINDOWS\system32\ResPriLMImageList
2022-02-13 14:56 - 2022-02-13 14:56 - 000008870 _____ C:\WINDOWS\system32\ResPriImageListLowCost
2022-02-13 14:56 - 2022-02-13 14:56 - 000006656 _____ C:\WINDOWS\SysWOW64\nrtapi.dll
2022-02-13 14:55 - 2022-02-13 14:55 - 000617648 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2022-02-13 14:55 - 2022-02-13 14:55 - 000425984 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-02-13 14:55 - 2022-02-13 14:55 - 000335872 _____ C:\WINDOWS\system32\Windows.Internal.UI.Dialogs.dll
2022-02-13 14:55 - 2022-02-13 14:55 - 000221184 _____ C:\WINDOWS\SysWOW64\Microsoft.Internal.FrameworkUdk.System.dll
2022-02-13 14:55 - 2022-02-13 14:55 - 000121344 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-02-13 14:55 - 2022-02-13 14:55 - 000041594 _____ C:\WINDOWS\SysWOW64\ctac.json
2022-02-13 14:55 - 2022-02-13 14:55 - 000036864 _____ C:\WINDOWS\system32\umpodev.dll
2022-02-13 14:55 - 2022-02-13 14:55 - 000003366 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2022-02-13 14:54 - 2022-02-13 14:54 - 000360448 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2022-02-13 14:54 - 2022-02-13 14:54 - 000286720 _____ C:\WINDOWS\system32\AggregatorHost.exe
2022-02-13 14:54 - 2022-02-13 14:54 - 000180224 _____ C:\WINDOWS\system32\CloudExperienceHostRedirection.dll
2022-02-13 14:54 - 2022-02-13 14:54 - 000099560 _____ C:\WINDOWS\system32\wow64con.dll
2022-02-13 14:54 - 2022-02-13 14:54 - 000077824 _____ C:\WINDOWS\system32\runexehelper.exe
2022-02-13 14:54 - 2022-02-13 14:54 - 000024576 _____ C:\WINDOWS\system32\nrtapi.dll
2022-02-13 14:54 - 2022-02-13 14:54 - 000003366 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2022-02-13 14:53 - 2022-02-13 14:53 - 000727576 _____ C:\WINDOWS\system32\TextShaping.dll
2022-02-13 14:53 - 2022-02-13 14:53 - 000614400 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-02-13 14:53 - 2022-02-13 14:53 - 000311296 _____ C:\WINDOWS\system32\Microsoft.Internal.FrameworkUdk.System.dll
2022-02-13 14:53 - 2022-02-13 14:53 - 000215552 _____ C:\WINDOWS\system32\CloudIdWxhExtension.dll
2022-02-13 14:53 - 2022-02-13 14:53 - 000172032 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-02-13 14:52 - 2022-02-13 14:52 - 000258048 _____ C:\WINDOWS\system32\CoreMas.dll
2022-02-13 14:52 - 2022-02-13 14:52 - 000208896 _____ C:\WINDOWS\system32\IHDS.dll
2022-02-13 14:52 - 2022-02-13 14:52 - 000167936 _____ C:\WINDOWS\system32\TpmTool.exe
2022-02-13 14:52 - 2022-02-13 14:52 - 000041594 _____ C:\WINDOWS\system32\ctac.json
2022-02-13 14:42 - 2022-02-13 14:42 - 000000000 ___HD C:\$WinREAgent
2022-02-13 14:21 - 2022-02-13 14:22 - 000028324 _____ C:\Users\42191\Downloads\Addition.txt
2022-02-13 14:20 - 2022-02-13 18:04 - 000016635 _____ C:\Users\42191\Downloads\FRST.txt
2022-02-13 14:20 - 2022-02-13 18:03 - 000000000 ____D C:\FRST
2022-02-13 14:19 - 2022-02-13 18:03 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-02-13 14:11 - 2022-02-13 18:02 - 000000000 ____D C:\WINDOWS\pss
2022-02-12 09:24 - 2022-02-12 09:24 - 000000000 ____D C:\rsit
2022-02-12 09:24 - 2022-02-12 09:24 - 000000000 ____D C:\Program Files\trend micro
2022-02-12 09:22 - 2022-02-13 15:45 - 000000000 ____D C:\AdwCleaner
2022-02-12 09:15 - 2022-02-12 09:15 - 002311680 _____ (Farbar) C:\Users\42191\Downloads\FRST64.exe
2022-02-12 09:04 - 2022-02-12 09:04 - 000000000 ____D C:\WINDOWS\Panther
2022-02-11 11:24 - 2022-02-11 11:24 - 000000000 ____D C:\Users\TEMP\AppData\LocalLow\Sun
2022-02-11 11:24 - 2022-02-11 11:24 - 000000000 ____D C:\Users\TEMP\AppData\Local\OneDrive
2022-02-11 11:20 - 2022-02-11 11:20 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2718211263-957613367-2003098252-1002
2022-02-11 11:20 - 2022-02-11 11:20 - 000002355 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-02-11 11:20 - 2022-02-11 11:20 - 000000000 ___RD C:\Users\TEMP\OneDrive
2022-02-11 11:20 - 2022-02-11 11:20 - 000000000 ____D C:\Users\TEMP\AppData\Local\VirtualStore
2022-02-11 11:19 - 2022-02-11 11:19 - 000000000 ____D C:\Users\TEMP\AppData\Local\PlaceholderTileLogoFolder
2022-02-11 11:19 - 2022-02-11 11:19 - 000000000 ____D C:\Users\TEMP\AppData\Local\packages
2022-02-11 11:18 - 2022-02-13 15:45 - 000000000 ____D C:\Users\TEMP\AppData\Local\Lenovo
2022-02-11 11:18 - 2022-02-13 14:21 - 000000000 ____D C:\Users\TEMP
2022-02-11 11:18 - 2022-02-11 11:18 - 000000020 ___SH C:\Users\TEMP\ntuser.ini
2022-02-11 11:18 - 2022-02-11 11:18 - 000000000 ____D C:\Users\TEMP\AppData\LocalLow\AMD
2022-02-11 11:18 - 2022-02-11 11:18 - 000000000 ____D C:\Users\TEMP\AppData\Local\Google
2022-02-11 11:18 - 2022-02-11 11:18 - 000000000 ____D C:\Users\TEMP\AppData\Local\D3DSCache
2022-02-11 11:18 - 2022-02-11 11:18 - 000000000 ____D C:\Users\TEMP\AppData\Local\ConnectedDevicesPlatform
2022-02-11 11:18 - 2022-02-11 11:18 - 000000000 ____D C:\Users\TEMP\AppData\Local\AMD
2022-02-11 11:18 - 2021-10-11 13:59 - 000000000 ____D C:\Users\TEMP\AppData\Local\Epic Games
2022-02-11 11:18 - 2021-06-05 13:04 - 000001281 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-02-11 11:18 - 2021-06-05 13:04 - 000000407 _____ C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-02-11 11:14 - 2022-02-11 11:14 - 000000000 ____D C:\Users\Evka\AppData\Roaming\vlc
2022-02-11 11:13 - 2022-02-11 11:13 - 000000000 _____ C:\Users\Evka\AppData\Local\{3A4C6331-CFBA-47A9-8764-4D755AC75192}
2022-02-11 11:12 - 2022-02-13 15:45 - 000000000 ____D C:\Users\Evka\AppData\Local\Lenovo
2022-02-11 11:11 - 2022-02-11 11:11 - 000000020 ___SH C:\Users\Evka\ntuser.ini
2022-02-11 11:11 - 2022-02-11 11:11 - 000000000 ____D C:\Users\Evka\AppData\Local\Google
2022-02-11 11:11 - 2022-02-11 11:11 - 000000000 ____D C:\Users\Evka\AppData\Local\D3DSCache
2022-02-10 19:00 - 2021-06-01 07:28 - 017869208 _____ C:\WINDOWS\system32\RsDMFT_Assets.dll
2022-02-10 19:00 - 2021-06-01 07:28 - 009744808 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RsDMFT64.dll
2022-02-09 09:18 - 2022-02-11 17:15 - 000000000 ____D C:\Users\42191\AppData\Roaming\vlc
2022-02-07 13:36 - 2022-02-12 08:59 - 000000000 ____D C:\Users\42191\AppData\Local\Discord
2022-02-07 13:36 - 2022-02-07 13:36 - 082973864 _____ (Discord Inc.) C:\Users\42191\Downloads\DiscordSetup (3).exe
2022-02-07 13:29 - 2022-02-07 13:29 - 082973864 _____ (Discord Inc.) C:\Users\42191\Downloads\DiscordSetup (2).exe
2022-02-07 00:17 - 2022-02-07 00:17 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-02-07 00:16 - 2022-02-13 15:54 - 000803404 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-07 00:15 - 2022-02-13 14:05 - 000000000 ____D C:\Users\42191\AppData\Local\D3DSCache
2022-02-07 00:15 - 2022-02-07 00:15 - 000000020 ___SH C:\Users\42191\ntuser.ini
2022-02-07 00:14 - 2022-02-13 18:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-07 00:14 - 2022-02-13 15:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2022-02-07 00:14 - 2022-02-11 11:20 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2718211263-957613367-2003098252-1002
2022-02-07 00:14 - 2022-02-07 00:14 - 000017148 _____ C:\WINDOWS\diagwrn.xml
2022-02-07 00:14 - 2022-02-07 00:14 - 000017148 _____ C:\WINDOWS\diagerr.xml
2022-02-07 00:14 - 2022-02-07 00:14 - 000004036 _____ C:\WINDOWS\system32\Tasks\LenovoUtility Startup
2022-02-07 00:14 - 2022-02-07 00:14 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-02-07 00:14 - 2022-02-07 00:14 - 000003386 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-02-07 00:14 - 2022-02-07 00:14 - 000003280 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-02-07 00:14 - 2022-02-07 00:14 - 000003162 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-02-07 00:14 - 2022-02-07 00:14 - 000003062 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2718211263-957613367-2003098252-1001
2022-02-07 00:14 - 2022-02-07 00:14 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2718211263-957613367-2003098252-1001
2022-02-07 00:14 - 2022-02-07 00:14 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2718211263-957613367-2003098252-500
2022-02-07 00:14 - 2022-02-07 00:14 - 000002016 _____ C:\WINDOWS\system32\Tasks\Mirkat
2022-02-07 00:14 - 2022-02-07 00:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-02-07 00:14 - 2020-10-28 11:23 - 000002850 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-41625546-4094016361-2638902570-500
2022-02-07 00:14 - 2020-05-06 19:41 - 000003394 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3643460898-1865012685-2946422182-500
2022-02-07 00:08 - 2022-02-13 14:11 - 000000000 ____D C:\Users\42191
2022-02-07 00:08 - 2022-02-11 11:11 - 000000000 ____D C:\Users\Evka
2022-02-07 00:08 - 2021-06-05 13:04 - 000001281 _____ C:\Users\Evka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-02-07 00:08 - 2021-06-05 13:04 - 000001281 _____ C:\Users\42191\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools.lnk
2022-02-07 00:08 - 2021-06-05 13:04 - 000000407 _____ C:\Users\Evka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-02-07 00:08 - 2021-06-05 13:04 - 000000407 _____ C:\Users\42191\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\File Explorer.lnk
2022-02-07 00:06 - 2022-02-13 18:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-07 00:06 - 2022-02-13 15:49 - 000470176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-02-07 00:06 - 2022-02-07 00:14 - 000000000 ____D C:\Windows.old
2022-02-07 00:02 - 2022-02-07 00:06 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2022-02-07 00:01 - 2022-02-07 00:02 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2022-02-07 00:01 - 2022-02-07 00:01 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2022-02-06 19:12 - 2022-02-06 19:12 - 000000000 ____D C:\Users\42191\Tracing
2022-01-31 12:21 - 2022-01-31 12:21 - 082973864 _____ (Discord Inc.) C:\Users\42191\Downloads\DiscordSetup (1).exe
2022-01-31 12:19 - 2022-01-31 12:19 - 082973864 _____ (Discord Inc.) C:\Users\42191\Downloads\DiscordSetup.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-02-13 18:03 - 2021-06-05 13:09 - 000000000 ____D C:\WINDOWS\INF
2022-02-13 18:02 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ServiceState
2022-02-13 18:02 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-13 18:02 - 2021-06-05 13:01 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-02-13 18:02 - 2020-05-06 19:33 - 000012288 ___SH C:\DumpStack.log.tmp
2022-02-13 18:01 - 2021-02-06 10:53 - 000000000 ____D C:\Program Files (x86)\Google
2022-02-13 17:10 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-02-13 16:11 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-13 16:10 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-13 16:09 - 2020-10-28 11:32 - 000000000 ____D C:\ProgramData\Lenovo
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\id-ID
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2022-02-13 15:48 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-02-13 15:47 - 2021-06-05 19:04 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-02-13 15:47 - 2021-06-05 13:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-02-13 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-02-13 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-02-13 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\Provisioning
2022-02-13 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-02-13 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-02-13 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-02-13 15:47 - 2021-06-05 13:10 - 000000000 ____D C:\Program Files\Common Files\System
2022-02-13 15:47 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\servicing
2022-02-13 15:45 - 2021-01-11 09:04 - 000000000 ____D C:\Users\42191\AppData\Local\Lenovo
2022-02-13 15:32 - 2021-06-05 13:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-02-13 15:09 - 2021-06-05 19:04 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2022-02-13 15:09 - 2021-06-05 19:04 - 000021047 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2022-02-13 14:42 - 2020-10-28 11:34 - 000000000 ____D C:\Program Files\Microsoft Office
2022-02-12 14:02 - 2021-02-06 10:54 - 000002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-02-12 09:24 - 2021-01-11 09:07 - 000000000 ____D C:\Users\42191\AppData\Local\PlaceholderTileLogoFolder
2022-02-12 09:20 - 2020-10-28 11:31 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-12 09:00 - 2021-10-11 15:43 - 000000000 ____D C:\Users\42191\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-02-12 08:59 - 2021-09-27 16:45 - 000000000 ____D C:\Users\42191\AppData\Roaming\discord
2022-02-12 08:51 - 2021-09-27 12:04 - 000000000 ____D C:\Users\42191\AppData\Local\CrashDumps
2022-02-11 20:35 - 2021-01-15 00:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-02-11 20:32 - 2021-11-20 21:17 - 000120296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-02-11 20:32 - 2021-09-27 19:00 - 002237928 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-02-11 20:32 - 2021-09-27 19:00 - 000337360 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-02-11 20:32 - 2021-09-27 19:00 - 000217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-02-11 20:32 - 2021-09-27 19:00 - 000198096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-02-11 20:32 - 2021-09-27 19:00 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-02-11 20:32 - 2021-09-27 19:00 - 000061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-02-11 20:30 - 2021-01-15 00:14 - 149611728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-02-11 11:18 - 2020-05-06 19:38 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-02-11 11:11 - 2021-01-11 12:36 - 000000000 ____D C:\Users\Evka\AppData\Local\Packages
2022-02-10 17:51 - 2020-05-06 19:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-02-09 07:07 - 2021-02-24 17:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-08 15:08 - 2021-01-11 09:06 - 000000000 __RDL C:\Users\42191\OneDrive
2022-02-07 13:37 - 2021-09-27 16:45 - 000000000 ____D C:\Users\42191\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2022-02-07 13:37 - 2021-01-11 09:11 - 000000000 ____D C:\Users\42191\AppData\Local\SquirrelTemp
2022-02-07 00:32 - 2021-06-05 13:10 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-02-07 00:32 - 2021-01-11 09:04 - 000000000 ____D C:\Users\42191\AppData\Local\Packages
2022-02-07 00:32 - 2021-01-11 06:56 - 000000000 ____D C:\ProgramData\Packages
2022-02-07 00:14 - 2021-06-05 13:10 - 000000000 ____D C:\Program Files\Windows Defender
2022-02-07 00:14 - 2021-06-05 13:01 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-02-07 00:11 - 2021-06-05 13:10 - 000000000 __RHD C:\Users\Public\Libraries
2022-02-07 00:09 - 2021-09-29 15:54 - 000000000 ____D C:\Users\42191\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-02-07 00:09 - 2021-06-05 13:10 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-02-07 00:09 - 2021-04-24 17:34 - 000000000 ____D C:\Users\42191\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2022-02-07 00:08 - 2021-10-11 14:04 - 000000000 ____D C:\Users\42191\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2022-02-07 00:07 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\appcompat
2022-02-07 00:07 - 2020-10-28 11:45 - 000000000 ____D C:\WINDOWS\system32\dolbyaposvc
2022-02-07 00:06 - 2021-12-09 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EAC MW klient
2022-02-07 00:06 - 2021-12-09 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disig Web Signer
2022-02-07 00:06 - 2021-09-29 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-02-07 00:06 - 2021-09-17 07:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2022-02-07 00:06 - 2021-06-27 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-02-07 00:06 - 2021-06-05 13:14 - 000000000 ____D C:\WINDOWS\Setup
2022-02-07 00:06 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-02-07 00:06 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\spool
2022-02-07 00:06 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\USOPrivate
2022-02-07 00:06 - 2021-06-05 13:08 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2022-02-07 00:06 - 2021-05-23 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office
2022-02-07 00:06 - 2021-03-21 19:48 - 000000000 ____D C:\WINDOWS\system32\Samsung
2022-02-07 00:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2022-02-07 00:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2022-02-07 00:03 - 2020-10-28 11:45 - 000000000 ____D C:\WINDOWS\system32\AMD
2022-02-07 00:03 - 2020-10-28 11:32 - 000000000 ____D C:\WINDOWS\Lenovo
2022-02-07 00:00 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\OCR
2022-02-06 23:58 - 2021-06-05 19:04 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-02-06 23:58 - 2021-06-05 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2022-02-06 23:58 - 2021-06-05 18:57 - 000000000 ____D C:\WINDOWS\system32\WCN
2022-02-06 23:58 - 2021-06-05 13:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-02-06 23:58 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2022-02-06 23:58 - 2021-06-05 13:10 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-02-06 23:58 - 2021-06-05 13:10 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2022-01-28 20:04 - 2021-11-19 14:33 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2022-01-28 20:04 - 2021-11-19 14:33 - 000064256 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2022-01-28 20:04 - 2020-10-28 11:32 - 000109312 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2022-01-28 20:03 - 2021-11-19 14:33 - 000431016 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2022-01-26 09:31 - 2021-01-11 08:59 - 000002374 _____ C:\Users\42191\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

safeboot: Minimal => The system is configured to boot to Safe Mode <==== ATTENTION
==================== End of FRST.txt ========================

jacho6380 · #13 Příspěvek od **jacho6380** » 13 úno 2022 18:15

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2022
Ran by 42191 (13-02-2022 18:05:20)
Running from C:\Users\42191\Downloads
Microsoft Windows 11 Home Version 21H2 22000.318 (X64) (2022-02-06 23:14:46)
Boot Mode: Safe Mode (minimal)
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

42191 (S-1-5-21-2718211263-957613367-2003098252-1001 - Administrator - Enabled) => C:\Users\42191
Administrator (S-1-5-21-2718211263-957613367-2003098252-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2718211263-957613367-2003098252-503 - Limited - Disabled)
Evka (S-1-5-21-2718211263-957613367-2003098252-1002 - Administrator - Enabled) => C:\Users\TEMP
Guest (S-1-5-21-2718211263-957613367-2003098252-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2718211263-957613367-2003098252-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.06.07.2238 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{d91b7809-0832-4ef3-8f9f-89b80409368c}) (Version: 2.06.07.2238 - Advanced Micro Devices, Inc.) Hidden
Balík softvéru eID (HKLM-x32\...\{d2c66c1e-5862-43e7-abe2-9c895312112c}) (Version: 1.0.0.0 - Ministerstvo vnútra Slovenskej republiky) Hidden
Disig Web Signer (HKLM-x32\...\{41C0F02D-2389-4AB5-975C-C2363E7C554C}) (Version: 2.0.7 - Disig)
EAC MW klient (HKLM-x32\...\{E22CF5CA-5935-451D-9B9D-EAA79DE703BD}) (Version: 3.7.0 - Ministerstvo vnútra Slovenskej republiky)
Epic Games Launcher (HKLM-x32\...\{7733DDD0-3513-4A99-BFFE-A6D73BE49B50}) (Version: 1.2.35.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 98.0.4758.82 - Google LLC)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.10.26.0 - Lenovo Group Ltd.)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.14827.20192 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 98.0.1108.50 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 98.0.1108.50 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2718211263-957613367-2003098252-1001\...\OneDriveSetup.exe) (Version: 22.002.0103.0004 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2718211263-957613367-2003098252-1002\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2718211263-957613367-2003098252-1001\...\Teams) (Version: 1.5.00.2164 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2FA9DAAC-895B-4E99-99D9-DC2965FBE79C}) (Version: 2.87.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
NVIDIA GeForce NOW 2.0.33.123 (HKU\S-1-5-21-2718211263-957613367-2003098252-1001\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GeforceNOW) (Version: 2.0.33.123 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20088 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14827.20158 - Microsoft Corporation) Hidden
Roblox Player for 42191 (HKU\S-1-5-21-2718211263-957613367-2003098252-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for 42191 (HKU\S-1-5-21-2718211263-957613367-2003098252-1001\...\roblox-studio) (Version: - Roblox Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.20.10028.0_x64__0a9344xs7nr4m [2022-02-11] (Advanced Micro Devices Inc.) [Startup Task]
Dolby Audio -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAudio_3.20602.609.0_x64__rz1tebttyb220 [2020-10-28] (Dolby Laboratories)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-02-06] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_134.1.221.0_x64__v10z8vjag6ke6 [2022-02-08] (HP Inc.)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.2.15.0_x64__5grkq8ppsgwt4 [2021-11-21] (LENOVO INC) [Startup Task]
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2112.10.0_x64__k1h2ywk1493x8 [2021-12-29] (LENOVO INC.)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.68.0_x64__wafk5atnkzcwy [2021-11-17] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-02-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-19] (Microsoft Studios) [MS Ad]
Mirkat -> C:\Program Files\WindowsApps\Mirkat.Mirkat_1.0.305.0_x64__hm0vq9nycmfde [2021-08-29] (Mirkat)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.15.227.0_x64__dt26b99r8h8gj [2021-11-01] (Realtek Semiconductor Corp)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.512.415.0_x86__55nm5eh3cm0pr [2022-02-08] (ROBLOX Corporation)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-29] (Microsoft Corporation)
Up in the Sky -> C:\Program Files\WindowsApps\Microsoft.UpintheSky_2.0.0.0_neutral__8wekyb3d8bbwe [2021-10-11] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2718211263-957613367-2003098252-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\42191\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21348.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2718211263-957613367-2003098252-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\42191\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-08-07] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\42191\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2718211263-957613367-2003098252-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2021-06-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-02-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-02-13] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2718211263-957613367-2003098252-1001\...\sharepoint.com -> hxxps://zsmskuchyna-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\EAC MW klient\
HKU\S-1-5-21-2718211263-957613367-2003098252-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\42191\OneDrive\Počítač\hhhhhhhhhhhhhhhh.jpg
HKU\S-1-5-21-2718211263-957613367-2003098252-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{580022A0-F970-48F4-92BA-2944DC58D505}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{611EA158-3EC1-4DEF-BDB3-A4695B1DD1F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{69B52C73-CDCF-4DBA-8502-E76CF032E0F0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5E23874A-38CD-42B2-A68A-1397764244FD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4E535A78-981B-47C4-942A-CA74BDC6306B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9FCDDEE8-F123-4633-9EC3-C128F0904792}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{C52D1EC0-7985-4B31-BD0F-C3FCF62CDB38}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{031E8818-39C1-4B3F-AF92-04B12A507684}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{97C731F1-CE4D-4EF5-B61F-BF378140CE63}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [UDP Query User{904EE131-3E17-4CCF-A97B-F8686F98B1F6}C:\users\42191\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\42191\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{F9DBB306-95AA-42A7-9A94-2EE1AE1C4A6D}C:\users\42191\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe] => (Allow) C:\users\42191\appdata\local\nvidia corporation\geforcenow\cef\geforcenow.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{924B54B6-8DC6-44FF-917B-24906C12ADE8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{56CC0264-889E-4B83-A8EA-61E406567A5D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{735CE049-81EB-4E3E-8D59-BD5A754EBA7D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{7222E934-51EB-4521-BABB-7C56ED5FE5BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [UDP Query User{D5F0591B-91BE-4D24-98AC-CBE50A77CCE2}C:\users\42191\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\42191\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [TCP Query User{2C2593CC-CF2D-4812-88B2-56A42D156488}C:\users\42191\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe] => (Block) C:\users\42191\appdata\roaming\.minecraft\runtime\jre-legacy\windows\jre-legacy\bin\javaw.exe
FirewallRules: [UDP Query User{E3D1B428-14BE-48D0-8AC7-8B7C50A654BB}C:\users\42191\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\42191\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [TCP Query User{3DA3E865-4646-4515-9B6A-4C29A114738B}C:\users\42191\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe] => (Allow) C:\users\42191\appdata\roaming\.tlauncher\jvms\jre1.8.0_281\bin\javaw.exe
FirewallRules: [UDP Query User{71232C3E-E479-4009-9BDC-2101E72FE134}C:\users\42191\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\42191\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{3F877831-EF54-45BD-B411-7F215F756FC9}C:\users\42191\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\42191\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AFFCB813-39B2-4331-87F4-362F91D56192}C:\users\42191\appdata\local\discord\app-1.0.9003\discord.exe] => (Allow) C:\users\42191\appdata\local\discord\app-1.0.9003\discord.exe => No File
FirewallRules: [UDP Query User{0CDE4A7A-A8C0-4C86-9791-7BD8DA432454}C:\users\42191\appdata\local\discord\app-1.0.9003\discord.exe] => (Allow) C:\users\42191\appdata\local\discord\app-1.0.9003\discord.exe => No File
FirewallRules: [{80C0059F-BF29-4143-A68E-1F733553DED7}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8E3ACCD5-4DB0-45AD-ADD1-155E91F5F352}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\98.0.1108.50\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:56.99 GB) (Free:4.68 GB) (8%)
Check "VSS" service

==================== Faulty Device Manager Devices ============

Name: Microsoft Hyper-V Virtualization Infrastructure Driver
Description: Microsoft Hyper-V Virtualization Infrastructure Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Vid
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Realtek(R) Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: AMD High Definition Audio Device
Description: AMD High Definition Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices
Service: AtiHDAudioService
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Steam Streaming Microphone
Description: Steam Streaming Microphone
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Valve Corporation Audio DDK
Service: SteamStreamingMicrophone
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Steam Streaming Speakers
Description: Steam Streaming Speakers
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Valve Corporation Audio DDK
Service: SteamStreamingSpeakers
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: System Interface Foundation V2 Device
Description: System Interface Foundation V2 Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Lenovo
Service: WUDFRd
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: ========================

Application errors:
==================
Error: (02/13/2022 03:50:28 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\LAPTOP-EE1CTV48$ via https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep failed:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 13 Feb 2022 14:50:28 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 20991bca-e461-469b-8735-7769f40bba80

Method: GET(547ms)
Stage: GetCACaps
Not found (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (02/13/2022 03:50:27 PM) (Source: EID SK Card CSP v2.0) (EventID: 26) (User: )
Description: Event-ID 26

Error: (02/13/2022 03:50:27 PM) (Source: EID SK Card CSP v2.0) (EventID: 26) (User: )
Description: Event-ID 26

Error: (02/13/2022 02:14:10 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.

Error: (02/13/2022 02:14:10 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]

Error: (02/13/2022 02:11:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: OfficeC2RClient.exe, verzia: 16.0.14729.20254, časová značka: 0x61dc00d9
Názov chybujúceho modulu: OfficeC2RClient.exe, verzia: 16.0.14729.20254, časová značka: 0x61dc00d9
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000047206b
Identifikácia chybujúceho procesu: 0x1984
Čas spustenia chybujúcej aplikácie: 0x01d820dad959a609
Cesta chybujúcej aplikácie: C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
Cesta chybujúceho modulu: C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
Identifikácia hlásenia: 8ead5615-bc33-4411-b6a7-84f6d29662e9
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (02/13/2022 02:05:44 PM) (Source: MsiInstaller) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: Product: Epic Games Launcher -- Epic Games Launcher is currently running and the Setup Wizard can not continue. Please close the Epic Games Launcher and run the Setup Wizard again.

Error: (02/12/2022 01:54:15 PM) (Source: MsiInstaller) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: Product: Epic Games Launcher -- Epic Games Launcher is currently running and the Setup Wizard can not continue. Please close the Epic Games Launcher and run the Setup Wizard again.

System errors:
=============
Error: (02/13/2022 06:05:52 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1084" attempting to start the service EventSystem with arguments "Unavailable" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (02/13/2022 06:05:44 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (02/13/2022 06:05:44 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{F087771F-D74F-4C1A-BB8A-E16ACA9124EA}

Error: (02/13/2022 06:05:44 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{6D18AD12-BDE3-4393-B311-099C346E6DF9}

Error: (02/13/2022 06:05:44 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{03CA98D6-FF5D-49B8-ABC6-03DD84127020}

Error: (02/13/2022 06:05:44 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{659CDEA7-489E-11D9-A9CD-000D56965251}

Error: (02/13/2022 06:05:44 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{BB6DF56B-CACE-11DC-9992-0019B93A3A84}

Error: (02/13/2022 06:05:44 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-EE1CTV48)
Description: DCOM got error "1084" attempting to start the service BITS with arguments "Unavailable" in order to run the server:
{1ECCA34C-E88A-44E3-8D6A-8921BDE9E452}

Windows Defender:
================Event[0]

Date: 2022-02-13 18:03:02
Description:
Microsoft Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem. ਍

Date: 2022-02-13 14:14:37
Description:
N/A

Date: 2022-02-11 20:37:15
Description:
N/A

Date: 2022-02-11 20:37:15
Description:
N/A

Date: 2022-02-11 13:54:24
Description:
N/A

==================== Memory info ===========================

BIOS: LENOVO FQCN12WW 08/21/2020
Motherboard: LENOVO LNVNB161216
Processor: AMD 3020e with Radeon Graphics
Percentage of memory in use: 48%
Total physical RAM: 3467.15 MB
Available physical RAM: 1791.77 MB
Total Virtual: 6934.3 MB
Available Virtual: 5463.39 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:56.99 GB) (Free:4.68 GB) NTFS

\\?\Volume{3bb08ad6-2cc9-4369-9696-3cae3a4f9afd}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{ca13d2ac-3beb-4f4c-9702-1ea0042f6826}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 58.2 GB) (Disk ID: 60DCFA44)

Partition: GPT.

==================== End of Addition.txt =======================

jacho6380 · #14 Příspěvek od **jacho6380** » 13 úno 2022 18:16

Nech sa paci, mohol by som potom aj vediet co to sposobilo? Dakujem

#15 Příspěvek od **Rudy** » 13 úno 2022 18:55

Určitě můžete, ale nejprve ještě jedna operace. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
FirewallRules: [{9FCDDEE8-F123-4633-9EC3-C128F0904792}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{C52D1EC0-7985-4B31-BD0F-C3FCF62CDB38}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{031E8818-39C1-4B3F-AF92-04B12A507684}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{97C731F1-CE4D-4EF5-B61F-BF378140CE63}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{924B54B6-8DC6-44FF-917B-24906C12ADE8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{56CC0264-889E-4B83-A8EA-61E406567A5D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{735CE049-81EB-4E3E-8D59-BD5A754EBA7D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{7222E934-51EB-4521-BABB-7C56ED5FE5BE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [TCP Query User{AFFCB813-39B2-4331-87F4-362F91D56192}C:\users\42191\appdata\local\discord\app-1.0.9003\discord.exe] => (Allow) C:\users\42191\appdata\local\discord\app-1.0.9003\discord.exe => No File
FirewallRules: [UDP Query User{0CDE4A7A-A8C0-4C86-9791-7BD8DA432454}C:\users\42191\appdata\local\discord\app-1.0.9003\discord.exe] => (Allow) C:\users\42191\appdata\local\discord\app-1.0.9003\discord.exe => No File
HKU\S-1-5-21-2718211263-957613367-2003098252-1002\...\Run: [OneDrive] => C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2367352 2022-02-11] (Microsoft Corporation -> Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-2718211263-957613367-2003098252-1002\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" <==== ATTENTION
HKU\S-1-5-21-2718211263-957613367-2003098252-1002\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" <==== ATTENTION
HKU\S-1-5-21-2718211263-957613367-2003098252-1002\...\RunOnce: [Uninstall 21.050.0310.0001\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\21.050.0310.0001\amd64" <==== ATTENTION
HKU\S-1-5-21-2718211263-957613367-2003098252-1002\...\RunOnce: [Uninstall 21.050.0310.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\TEMP\AppData\Local\Microsoft\OneDrive\21.050.0310.0001" <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {1CCE622E-B634-4B73-BD63-EBA448DBE2DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-06] (Google LLC -> Google LLC)
Task: {217F0385-884F-4087-8FCB-F3F47D6F0E56} - \Lenovo\ImController\TimeBasedEvents\5395e4a9-d343-4ca1-916d-21e59be6e634 -> No File <==== ATTENTION
Task: {23CC5C77-E7CA-4CDA-9C46-A86D98049068} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
ask: {64F9655E-2701-4DC4-B3B9-DC095D441253} - \Lenovo\ImController\TimeBasedEvents\8adf1ec4-298b-442e-aa8a-b48082b43609 -> No File <==== ATTENTION
Task: {BFDB6329-77BD-4CC9-83C7-3DD75AB79E64} - \Lenovo\ImController\TimeBasedEvents\7b691cc3-1c0a-4b8b-b7da-38cab77d386b -> No File <==== ATTENTION
Task: {CAB83D19-A7D3-4BF3-983A-779D984658AD} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {D0D3711F-4CF6-4CB6-9FEA-B078B5609365} - \Lenovo\ImController\TimeBasedEvents\5b6229ec-3dfa-4cbb-b8bc-ca30d69d13c6 -> No File <==== ATTENTION
Task: {D2428E9D-946B-4D6A-8463-8091565A705E} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {F580714D-9A59-4631-8190-6CE27DC30D6F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-06] (Google LLC -> Google LLC)
C:\Users\TEMP
C:\Users\Evka\AppData\Local\{3A4C6331-CFBA-47A9-8764-4D755AC75192}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End

Uložte do C:\Users\42191\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

VIRY.CZ

Totalne pomaly NTB

Totalne pomaly NTB

Re: Totalne pomaly NTB

Re: Totalne pomaly NTB

Re: Totalne pomaly NTB

Re: Totalne pomaly NTB

Re: Totalne pomaly NTB

Re: Totalne pomaly NTB

Re: Totalne pomaly NTB

Re: Totalne pomaly NTB

Re: Totalne pomaly NTB

Re: Totalne pomaly NTB

Re: Totalne pomaly NTB

Re: Totalne pomaly NTB

Re: Totalne pomaly NTB

Re: Totalne pomaly NTB