Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.04.2024 01
Ran by repov (administrator) on LAPTOP-CARLMBMQ (LENOVO 81D6) (07-04-2024 19:03:03)
Running from C:\Users\repov\Desktop\FRST64.exe
Loaded Profiles: repov
Platform: Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) Language: Čeština (Česko)
Default browser: "C:\Users\repov\AppData\Local\Programs\Opera\opera.exe" -noautoupdate -- "%1"
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(C:\Program Files (x86)\Google\Update\Install\{2D506DE1-8202-4D4B-B98D-1EF1049A9836}\123.0.6312.106_123.0.6312.86_chrome_updater.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{2D506DE1-8202-4D4B-B98D-1EF1049A9836}\CR_66A06.tmp\setup.exe <2>
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atieclxx.exe
(ETDCtrl.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(explorer.exe ->) (8CC70D00-7114-4146-8535-9FE8123B749C -> CyberLink) C:\Program Files\WindowsApps\cyberlinkcorp.th.power2goforlenovo_8.0.12518.0_x86__m916jedk64snt\Power2Go8\CLMLSvc_P2G8.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <9>
(explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Users\repov\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{2D506DE1-8202-4D4B-B98D-1EF1049A9836}\123.0.6312.106_123.0.6312.86_chrome_updater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076728 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [460736 2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
HKLM-x32\...\Run: [WinampAgent] => "C:\Program Files (x86)\Winamp\winampa.exe" (No File)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\Run: [MicrosoftEdgeAutoLaunch_09E1EF1FDA7C6746BC449F5F2AE690C3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4063800 2024-03-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11504544 2024-03-18] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\Run: [Opera Stable] => C:\Users\repov\AppData\Local\Programs\Opera\opera.exe [1580448 2024-03-21] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\Run: [Opera Browser Assistant] => C:\Users\repov\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3996064 2024-03-04] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" [66978208 2024-04-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\RunOnce: [Uninstall 24.045.0303.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\24.045.0303.0003" [0 2024-04-07] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\MountPoints2: {d7d6aadf-3085-11ee-8b9d-b0fc36baa326} - "E:\HonorSuiteOnlineInstaller.exe"
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\Run: [MicrosoftEdgeAutoLaunch_FE7876EA14C837986BD580EB769A1861] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4063800 2024-03-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [65858576 2024-01-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64" [0 2024-01-05] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\21.220.1024.0005" [0 2024-01-07] () <==== ATTENTION [zero byte File/Folder]
HKLM\...\Windows x64\Print Processors\Canon MG2400 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBW.DLL [30208 2023-07-07] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2023-11-05] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2400 series: C:\WINDOWS\system32\CNMLMBW.DLL [391168 2023-07-07] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2400 series XPS: C:\WINDOWS\system32\CNMXLMBW.DLL [393728 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\123.0.6312.86\Installer\chrmstp.exe [2024-03-31] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {E9B10E4C-B209-4FDA-A22E-05E0ED369E2B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {65AD5BD9-E030-48E4-BA55-CEF3E0259598} - System32\Tasks\AVG\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [5225408 2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {885DB202-14AE-427B-9B35-0EB3A7225789} - System32\Tasks\AVG\AVG Antivirus Patcher => C:\Program Files\Common Files\AVG\Icarus\avg-av\icarus.exe [7991224 2024-03-25] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {04000E10-60D9-4234-BEA8-2432CF3C3075} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2181560 2024-01-05] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {CAFCB0CC-8F31-4D66-B43F-1E2D25882187} - System32\Tasks\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-20] (Google LLC -> Google LLC)
Task: {87412682-69C6-408D-9CE1-C1CBFC4712CA} - System32\Tasks\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-20] (Google LLC -> Google LLC)
Task: {5F322B17-2EC4-47CD-A72D-983A61880135} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {C7ECB11D-4EA5-4D3C-8B09-10371981CCE5} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {5D26767E-137E-4A4A-8E22-570567699A51} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [77312 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {82DCAB4D-CE87-430A-83EB-A8AC19A34355} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\86f64c62-faaa-44cf-97f4-53f5f096e0f6 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {9406DDA7-E451-4BD8-9838-0215631465AD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a3ceb373-6424-4896-ad3f-7e9478a3a427 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {FE02ABA3-3968-4D57-BF33-05F3693CC481} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b6bdc574-cae2-4d2e-ba13-1cce753d3f34 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {8EE0A99C-9FF6-4076-8F54-8274509F5804} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\bad0b576-1a97-4aad-bb2b-364ad9ffc355 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {05CC5758-C56D-4A1B-8FC0-D96407DBD53F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c4c3a74d-7bfe-44d4-9c76-b9a1324d033d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {D09448E7-96F2-4DAA-BACA-64D1920E4674} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {D3D4D703-11B1-4E4A-8DEB-80105BF6EBE4} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {FF4E85D6-0905-4462-B983-3F8DF7B2AB65} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {698E20B0-8ADE-47F4-9C1E-7C65FEBA0FBC} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {268AB45D-2AD1-4070-A9B8-AD65327E02A9} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {56DB5763-CDB5-4ACD-8715-51AC3A892B4C} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {3A8A6382-A1DE-4C11-A2EB-C1145B5D2D86} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {6F0FAADC-A200-44C6-A259-20D49A0AEB32} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoBatteryPartSalesMonthlyToast => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {41B088B2-6549-4EBE-A239-60393C85A077} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {1AA3C485-7918-4647-8AFD-76C45F4AECF1} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {7EAE14B9-6A74-4F05-880E-4CF98B46E3B0} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
Task: {324DF95C-34B8-4FD2-8A1C-80EFF7F13FD7} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {F1040B02-E0B7-4DA6-B27C-08F0346C11B7} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {EAB740B0-7D6C-4365-A893-BE4130BFE933} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {092243AE-6569-434B-A0C1-E7C33887E3EB} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\uninstall.exe [365024 2024-03-03] (Lenovo -> Lenovo)
Task: {08B53E6E-FA94-4322-B595-EB662156261A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D0868230-8130-4425-8429-000A78574A8E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E115F40B-8560-4B09-988C-76EA6B428AD6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {04542C44-D830-43EE-80BA-764AE23D5941} - System32\Tasks\Opera scheduled assistant Autoupdate 1704491115 => C:\Users\repov\AppData\Local\Programs\Opera\launcher.exe [1580448 2024-03-21] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\repov\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {F1BE904E-6578-454A-BFD6-85C073E50524} - System32\Tasks\Opera scheduled Autoupdate 1704491018 => C:\Users\repov\AppData\Local\Programs\Opera\launcher.exe [1580448 2024-03-21] (Opera Norway AS -> Opera Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d03cd3c-8033-4f9a-a65e-969f22447f70}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d03cd3c-8033-4f9a-a65e-969f22447f70}: [DhcpDomain] home
Tcpip\..\Interfaces\{b6ad82f6-b272-46a6-92d3-e098424dc67d}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b6ad82f6-b272-46a6-92d3-e098424dc67d}: [DhcpDomain] home
Tcpip\..\Interfaces\{b6ad82f6-b272-46a6-92d3-e098424dc67d}\25F6D656B6: [DhcpNameServer] 192.168.240.146
Tcpip\..\Interfaces\{b6ad82f6-b272-46a6-92d3-e098424dc67d}\65F6461666F6E656D224549363: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b6ad82f6-b272-46a6-92d3-e098424dc67d}\65F6461666F6E656D224549363: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\repov\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-07]
Edge Extension: (Dokumenty Google offline) - C:\Users\repov\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-22]
Edge Extension: (Edge relevant text changes) - C:\Users\repov\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-11]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]
Chrome:
=======
CHR Profile: C:\Users\repov\AppData\Local\Google\Chrome\User Data\Default [2024-04-07]
CHR DownloadDir: C:\Users\repov\Desktop\hudba
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://www.heureka.cz; hxxps://www.youtube.com
CHR Extension: (Dokumenty Google offline) - C:\Users\repov\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\repov\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-20]
CHR HKU\S-1-5-21-648718490-3214130810-706754298-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [802752 2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [1238456 2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [9164216 2024-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVGWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2024-01-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [644976 2019-03-14] (Dolby Laboratories, Inc. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2024-03-04] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] (Canon Inc. -> )
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe [34168 2024-03-03] (Lenovo -> Lenovo)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2021-01-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [20528 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [230448 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [379960 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [292920 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [84536 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [27760 2024-02-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [28728 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [268856 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [548912 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [93752 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [69176 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [935992 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [695864 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [201680 2024-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [306232 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 ETD_Keyboard; C:\WINDOWS\System32\drivers\ETD.sys [743872 2019-09-25] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [320360 2021-01-04] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55856 2023-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [594304 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-16] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-04-07 19:03 - 2024-04-07 19:08 - 000028726 _____ C:\Users\repov\Desktop\FRST.txt
2024-04-07 18:56 - 2024-04-07 18:57 - 002393600 _____ (Farbar) C:\Users\repov\Desktop\FRST64.exe
2024-04-07 16:28 - 2024-04-02 16:28 - 000314816 _____ (Gen Digital Inc.) C:\WINDOWS\system32\avgBoot.exe
2024-03-25 14:21 - 2024-03-25 14:21 - 000000762 _____ C:\Users\repov\Desktop\výživné.txt
2024-03-23 11:39 - 2024-03-23 11:39 - 000019530 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-23 11:37 - 2024-03-23 11:37 - 000019530 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-23 10:29 - 2024-03-23 10:29 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-04-07 19:19 - 2021-09-01 17:04 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-07 19:08 - 2023-03-17 20:36 - 000000000 ____D C:\Users\repov\Desktop\hudba
2024-04-07 19:06 - 2023-02-12 10:14 - 000000000 ____D C:\FRST
2024-04-07 18:58 - 2021-09-02 01:34 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-04-07 18:56 - 2022-01-11 17:29 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-04-07 18:56 - 2021-10-20 15:26 - 000000000 ____D C:\Program Files (x86)\Google
2024-04-07 18:52 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-04-07 18:49 - 2021-09-02 01:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-04-07 16:57 - 2022-03-01 20:41 - 000002384 _____ C:\Users\repov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-04-07 16:57 - 2022-01-11 11:23 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-648718490-3214130810-706754298-1001
2024-04-07 16:57 - 2021-09-01 17:29 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-648718490-3214130810-706754298-1001
2024-04-07 16:48 - 2021-09-01 17:04 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-07 16:47 - 2021-09-02 01:33 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-04-07 16:47 - 2021-09-02 01:33 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-04-07 16:41 - 2021-09-01 17:23 - 000000000 ____D C:\Users\repov\AppData\Local\D3DSCache
2024-04-07 16:31 - 2023-03-26 20:39 - 000000000 ____D C:\ProgramData\AVG
2024-04-07 16:29 - 2024-01-05 23:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2024-04-07 16:28 - 2021-09-01 17:04 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-04-07 16:27 - 2021-09-02 01:34 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2024-04-07 16:26 - 2021-09-02 01:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-04-07 16:26 - 2021-09-02 01:31 - 000008192 ___SH C:\DumpStack.log.tmp
2024-04-07 16:26 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\ServiceState
2024-04-07 16:23 - 2021-09-02 01:34 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2024-04-07 16:23 - 2021-09-01 16:47 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-04-02 16:28 - 2024-01-05 23:47 - 000935992 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000695864 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgSP.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000548912 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000379960 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000306232 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000292920 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000268856 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000230448 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000093752 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000084536 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000069176 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000028728 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000020528 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2024-04-01 19:32 - 2021-10-24 15:00 - 000000000 ____D C:\ProgramData\CanonIJPLM
2024-03-31 15:26 - 2021-09-01 17:22 - 000000000 ____D C:\Users\repov\AppData\Local\Packages
2024-03-31 15:16 - 2023-07-01 20:27 - 000000252 _____ C:\Users\repov\AppData\LocalLow\rbxcsettings.rbx
2024-03-31 15:14 - 2023-07-01 20:31 - 000001398 _____ C:\Users\repov\Desktop\Roblox Studio.lnk
2024-03-31 15:14 - 2023-07-01 20:31 - 000000000 ____D C:\Users\repov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2024-03-31 15:02 - 2021-10-20 15:28 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-31 15:02 - 2021-10-20 15:28 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-25 13:44 - 2023-04-18 15:20 - 000000000 ____D C:\Users\repov\AppData\Local\CrashDumps
2024-03-24 17:09 - 2024-03-07 14:31 - 000003854 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1704491115
2024-03-24 17:09 - 2024-01-05 23:45 - 000003600 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1704491018
2024-03-24 17:09 - 2024-01-05 23:19 - 000003058 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-648718490-3214130810-706754298-1008
2024-03-24 17:09 - 2024-01-05 23:18 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-648718490-3214130810-706754298-1008
2024-03-24 17:09 - 2023-06-23 16:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2024-03-24 17:09 - 2023-05-10 16:21 - 000003486 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451}
2024-03-24 17:09 - 2023-05-10 16:21 - 000003262 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943}
2024-03-24 17:09 - 2021-10-19 16:12 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-03-24 01:29 - 2021-09-01 17:01 - 000000000 ____D C:\WINDOWS\INF
2024-03-24 01:27 - 2021-09-02 01:31 - 000260712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-24 01:23 - 2021-09-01 17:04 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-24 01:23 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-24 01:23 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\SystemResources
2024-03-24 01:23 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-24 01:23 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-03-24 01:23 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-24 01:23 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-03-24 01:23 - 2021-09-01 16:47 - 000000000 ____D C:\WINDOWS\servicing
2024-03-23 11:52 - 2021-09-01 16:52 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-23 11:36 - 2021-09-02 01:34 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-03-23 08:47 - 2021-09-06 19:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-23 08:39 - 2021-09-06 19:01 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-23 00:28 - 2024-03-04 14:27 - 000000000 ____D C:\Users\repov\AppData\Roaming\recroom-launcher
2024-03-23 00:28 - 2021-09-01 17:15 - 000000000 ____D C:\Users\repov
2024-03-22 19:49 - 2022-09-18 18:51 - 000000000 ____D C:\Users\repov\AppData\Roaming\com.adobe.dunamis
2024-03-22 19:48 - 2023-10-16 15:46 - 000000000 ____D C:\Program Files\RUXIM
2024-03-22 19:42 - 2024-01-05 23:47 - 000935480 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw9bcb33b7088b87f6.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000694728 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw39992cb57b66e993.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000548920 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw33140d9784296617.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000379960 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw699cf4c0c4d3df12.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000306120 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw8347b51d7e6f8afb.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000292920 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw340045e05e1bc224.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000264760 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswfc0628ed986ce766.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000230968 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw8529c7e934d6cc43.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000093752 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswcb871ebf028ecb93.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000084536 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw3c15a9c1acfbf0ef.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000069176 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw7703d926ca385dbb.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000028728 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw2d372f74f322ea36.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000020424 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw77c1dc43e6735457.tmp
2024-03-22 19:41 - 2022-03-24 14:05 - 000000000 ____D C:\WINDOWS\Minidump
2024-03-22 19:38 - 2021-06-05 09:14 - 000699956 ____N C:\WINDOWS\Minidump\032224-60968-01.dmp
2024-03-22 01:25 - 2023-12-06 14:47 - 000002091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2024-03-22 01:25 - 2022-10-13 08:26 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-03-09 20:48 - 2021-09-02 02:06 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-09 20:48 - 2021-09-01 17:10 - 000717850 _____ C:\WINDOWS\system32\perfh005.dat
2024-03-09 20:48 - 2021-09-01 17:10 - 000144992 _____ C:\WINDOWS\system32\perfc005.dat
2024-03-09 20:39 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-03-09 20:39 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-03-09 20:39 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-03-09 20:39 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\system32\setup
2024-03-09 20:39 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-03-09 20:39 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-03-09 20:39 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-03-09 20:39 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\ShellComponents
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosim o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosim o kontrolu logu
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.04.2024 01
Ran by repov (07-04-2024 19:23:33)
Running from C:\Users\repov\Desktop
Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) (2021-09-02 00:03:11)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-648718490-3214130810-706754298-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-648718490-3214130810-706754298-503 - Limited - Disabled)
Guest (S-1-5-21-648718490-3214130810-706754298-501 - Limited - Disabled)
repov (S-1-5-21-648718490-3214130810-706754298-1001 - Administrator - Enabled) => C:\Users\repov
romek (S-1-5-21-648718490-3214130810-706754298-1008 - Limited - Enabled) => C:\Users\romek
WDAGUtilityAccount (S-1-5-21-648718490-3214130810-706754298-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 24.001.20615 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AVG AntiVirus Free (HKLM\...\AVG Antivirus) (Version: 24.3.8975.1633 - AVG)
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1582.3 - AVG Technologies) Hidden
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.03 - Canon Inc.)
Canon MG2400 series On-screen Manual (HKLM-x32\...\Canon MG2400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
FocusWriter (HKLM-x32\...\FocusWriter) (Version: 1.8.4 - Graeme Gott)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 123.0.6312.86 - Google LLC)
Kontrola stavu osobního počítače s Windows (HKLM\...\{95548B78-8547-4E91-B0DA-1CBB82150917}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{E496AFB7-CB04-46CF-8FBB-5D665BC8811B}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.0.75.0 - Lenovo Group Ltd.)
MEmu (HKLM-x32\...\MEmu) (Version: 9.0.9.2 - Microvirt Software Technology Co., Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 123.0.2420.81 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 123.0.2420.65 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\OneDriveSetup.exe) (Version: 24.050.0310.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Rec Room Launcher 0.93.1 (HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\d7c58ef5-8724-5a07-96d7-bb828f09e01c) (Version: 0.93.1 - Rec Room Inc.)
Registrace uživatele zařízení Canon MG2400 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG2400 series) (Version: - Canon Inc.)
Roblox Player for repov (HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for repov (HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\roblox-studio) (Version: - Roblox Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2023-12-14] (Adobe Systems Incorporated)
Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC [2024-03-22] ()
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-22] ()
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2024-01-05] (Canon Inc.)
Dolby Audio -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyaudio_3.20301.311.0_x64__rz1tebttyb220 [2024-01-05] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-01] (Microsoft Corporation)
Edit Docx PLUS -> C:\Program Files\WindowsApps\24091FileFormatApps.WordEditorBasic_2.1.9.0_x64__8t2vtv4rwtrk0 [2023-12-14] (File Format Apps)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.6.12.0_x64__5grkq8ppsgwt4 [2024-04-02] (LENOVO INC) [Startup Task]
Microsoft Copilot -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-31] (Microsoft Corporation)
PDF Reader Editor Elf -> C:\Program Files\WindowsApps\42742filesuite.PDFreaderforadobeacrobat_1.1.2.0_x64__1cyam58dzt1cw [2024-04-02] (PDF reader apps)
Power2Go for Lenovo -> C:\Program Files\WindowsApps\cyberlinkcorp.th.power2goforlenovo_8.0.12518.0_x86__m916jedk64snt [2024-01-05] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.PowerDVDforLenovo_14.2.4112.0_x86__m916jedk64snt [2024-01-05] (CYBERLINKCOM CORPORATION)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.10.216.0_x64__dt26b99r8h8gj [2024-01-05] (Realtek Semiconductor Corp)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.615.606.0_x64__55nm5eh3cm0pr [2024-03-12] (Roblox Corporation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2024-01-05] (Microsoft Corporation)
Scanner X -> C:\Program Files\WindowsApps\6760NGPDFLab.ScannerX_1.0.1.0_x64__sbe4t8mqwq93a [2023-12-14] (NG PDF Lab)
SoftOrbits MP3 Downloader for YouTube -> C:\Program Files\WindowsApps\SoftOrbits.SoftOrbitsMP3DownloaderforYouTube_1.6.0.0_x64__9808nkjsftezr [2023-12-20] (SoftOrbits)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-03-04] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-648718490-3214130810-706754298-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-648718490-3214130810-706754298-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-06-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2023-11-05 05:48 - 2023-11-05 05:48 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-648718490-3214130810-706754298-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-648718490-3214130810-706754298-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-648718490-3214130810-706754298-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
HKU\S-1-5-21-648718490-3214130810-706754298-1008\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-648718490-3214130810-706754298-1008\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-648718490-3214130810-706754298-1008\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Incorporated)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-648718490-3214130810-706754298-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\repov\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\lenovowallpaper.jpg
HKU\S-1-5-21-648718490-3214130810-706754298-1008\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "WinampAgent"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A55678F5-D25F-4283-B096-E66E968F387A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.16501.20210.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA186D8C-38A9-4052-942B-A78620128DA1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D6342BFE-5425-41D5-8589-BFAA73000FF0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BACA34BD-CA7D-45DF-9857-E8E476B21733}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AE2962FF-98A9-4C23-85FC-EB6845E5096F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A91004ED-A60D-4262-A79C-B1605709D440}] => (Allow) C:\Users\repov\AppData\Local\Programs\Opera\106.0.4998.28\opera.exe => No File
FirewallRules: [{9533C497-2219-487D-A862-9E47399CB98C}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> Gen Digital Inc.)
FirewallRules: [{7BB75AA7-25FC-4CE8-A480-220C8568B461}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> Gen Digital Inc.)
FirewallRules: [{8E5AA71C-CF87-442B-80A1-FEC0DD19A441}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CD39AFBB-A203-4E78-9982-B61C13D6FD33}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2C4E4C25-EB12-4E57-A538-137D248E04A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{38CF759B-7589-4F03-BCE7-29031F166C93}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C0842D24-8130-4B11-857E-3103DCDF30EC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F922DBF3-16C9-43C5-B83C-F04C5A192140}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F0E1C6F9-DB54-470C-A162-7D35A465F698}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{369A65D4-0947-45C7-BDC5-129DDA7D424D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D112E9BA-3026-4330-B87C-BD335833A922}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B2BE20F0-C065-4A51-A7A4-4CDAF1A876FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [TCP Query User{EB2679A2-42B3-4C5D-9401-F2875B01B66F}C:\users\repov\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\repov\appdata\local\programs\opera\opera.exe => No File
FirewallRules: [UDP Query User{D6AA9960-A070-4991-8306-FDECC3C0C354}C:\users\repov\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\repov\appdata\local\programs\opera\opera.exe => No File
FirewallRules: [{3D77B781-67FE-4A7B-BCF6-86EEC4DF8973}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D97EEFC2-91CB-4E41-AC5B-B13B142F0432}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.65\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
12-03-2024 09:32:04 Naplánovaný kontrolní bod
22-03-2024 23:20:33 Naplánovaný kontrolní bod
23-03-2024 10:27:28 Instalační služba modulů systému Windows
23-03-2024 10:46:56 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/07/2024 04:46:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: devicecensus.exe, verze: 10.0.19645.1046, časové razítko: 0x827fe5ce
Název chybujícího modulu: amdihk64.dll_unloaded, verze: 2.0.0.1788, časové razítko: 0x609abf7b
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000008528
ID chybujícího procesu: 0x34a4
Čas spuštění chybující aplikace: 0x01da88f87d3259ac
Cesta k chybující aplikaci: C:\WINDOWS\system32\devicecensus.exe
Cesta k chybujícímu modulu: amdihk64.dll
ID zprávy: 5fdac869-d55c-4283-bc51-bd54e0268d93
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/07/2024 04:28:01 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-CARLMBMQ$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 07 Apr 2024 14:28:03 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 2cfac6e4-988b-40e7-be5e-9f0085a6d15f
Metoda: GET(907ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (04/07/2024 04:27:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DAX3API.exe, verze: 3.20301.323.0, časové razítko: 0x5c876b0e
Název chybujícího modulu: mscorlib.ni.dll, verze: 4.8.9181.0, časové razítko: 0x64b85429
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000577281
ID chybujícího procesu: 0x11f4
Čas spuštění chybující aplikace: 0x01da88f7ab41cada
Cesta k chybující aplikaci: C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe
Cesta k chybujícímu modulu: C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\mscorlib\987f639e2113a820112aca65fb12396c\mscorlib.ni.dll
ID zprávy: a86e7b3c-3c12-4d81-86a2-20a8790cd794
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/07/2024 04:27:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: DAX3API.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.NullReferenceException
na System.Collections.Generic.Dictionary`2[[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Insert(Int32, System.__Canon, Boolean)
na DAX.EnumEx.AddEnumType(System.Type)
na DAX.EnumEx.ToStrEx(System.Enum)
na DAX.RuntimeManager.IsGaming()
na DAX.DAXAPIImplement.StartSoundRadarHost(UInt32)
na DAX.DAXAPIImplement.StartAllDaemonProcess()
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()
Error: (04/01/2024 07:20:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: devicecensus.exe, verze: 10.0.19645.1046, časové razítko: 0x827fe5ce
Název chybujícího modulu: amdihk64.dll_unloaded, verze: 2.0.0.1788, časové razítko: 0x609abf7b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000004f9c
ID chybujícího procesu: 0x22c
Čas spuštění chybující aplikace: 0x01da845853643edc
Cesta k chybující aplikaci: C:\WINDOWS\system32\devicecensus.exe
Cesta k chybujícímu modulu: amdihk64.dll
ID zprávy: 05974756-c99d-4c28-b133-c60d61660278
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/31/2024 03:11:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LenovoVantage-(SmartPanelAddin).exe, verze: 4.0.52.0, časové razítko: 0xe85968c6
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000001e7c1c904b8
ID chybujícího procesu: 0x3340
Čas spuštění chybující aplikace: 0x01da836cf38e6ef5
Cesta k chybující aplikaci: C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantage-(SmartPanelAddin).exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 77b014c2-1338-45a5-98b1-de0ea7666dff
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/31/2024 03:11:37 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: LenovoVantage-(SmartPanelAddin).exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.AccessViolationException
na SmartPanelAddin.ContractHandlers.SmartAttentionAgent.se_plugin_action(System.String, System.String, Byte**)
na SmartPanelAddin.ContractHandlers.SmartAttentionAgent.SendMsg(System.String, System.String, System.String)
na SmartPanelAddin.ContractHandlers.SmartAttentionAgent.GetAttention()
na SmartPanelAddin.Entry.Dispatcher.EventDispatcher.OnSessionChange(Lenovo.VantageService.Utilities.EventHub.EventArgs.SessionChangeEventArgs)
na Lenovo.VantageService.Utilities.Addin.AddinBase+<>c__DisplayClass18_0.<HandleEvent>b__0()
na System.Threading.Tasks.Task.Execute()
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.Tasks.Task.ExecuteWithThreadLocal(System.Threading.Tasks.Task ByRef)
na System.Threading.Tasks.Task.ExecuteEntry(Boolean)
na System.Threading.ThreadPoolWorkQueue.Dispatch()
Error: (03/25/2024 01:44:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.4170, časové razítko: 0x7d12a6cf
Název chybujícího modulu: SearchApp.exe, verze: 10.0.19041.4170, časové razítko: 0x7d12a6cf
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000018f78
ID chybujícího procesu: 0x2534
Čas spuštění chybující aplikace: 0x01da7ea9b74de0ee
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID zprávy: 0110bed5-abcd-4da6-9630-a5131aca5f04
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.13.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI
System errors:
=============
Error: (04/07/2024 04:53:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): Aktualizace bezpečnostních informací pro Microsoft Defender Antivirus – KB2267602 (verze 1.409.88.0) – Aktuální kanál (široká distribuce).
Error: (04/07/2024 04:52:37 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-CARLMBMQ)
Description: Server {20532D01-15BE-4BB9-A727-CA34555D881C} se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/07/2024 04:51:18 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-CARLMBMQ)
Description: Server {20532D01-15BE-4BB9-A727-CA34555D881C} se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/07/2024 04:50:25 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-CARLMBMQ)
Description: Server {20532D01-15BE-4BB9-A727-CA34555D881C} se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/07/2024 04:35:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime přestala během spouštění reagovat.
Error: (04/07/2024 04:31:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.
Error: (04/07/2024 04:29:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dolby DAX API Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (04/02/2024 05:21:49 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Windows Defender:
================
Date: 2024-01-05 21:30:53
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {68DFF0F8-CCB1-443D-A8E8-A730BCCF284B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-01-03 19:14:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {ADCEFE8B-1355-4E25-8F9C-0976DBB01A9C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-12-20 19:23:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D9B70EF4-6339-40AC-B652-6F3F5D8FF870}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-12-15 18:28:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C2CB146A-7310-4558-B30B-459E607CA0BA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-12-06 14:27:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6EAB09DC-2DB5-4EA9-B3AD-26A3A82784B3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2023-12-19 12:30:03
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.680.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.
Date: 2023-12-19 12:30:03
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.680.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.
Date: 2023-11-19 19:55:49
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.401.754.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23100.2009
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-11-19 19:55:49
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.401.754.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23100.2009
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-11-19 19:55:49
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.401.754.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23100.2009
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
CodeIntegrity:
===============
Date: 2024-04-07 16:43:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2024-04-07 16:43:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 8UCN19WW 05/14/2021
Motherboard: LENOVO LNVNB161216
Processor: AMD A4-9125 RADEON R3, 4 COMPUTE CORES 2C+2G
Percentage of memory in use: 61%
Total physical RAM: 7055.98 MB
Available physical RAM: 2683.02 MB
Total Virtual: 14223.98 MB
Available Virtual: 9291.41 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:930.27 GB) (Free:776.78 GB) (Model: WDC WD10 SPZX-08Z10 SATA Disk Device) NTFS
\\?\Volume{d1d27b99-d0e1-4e91-ab23-f84200424eb5}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.4 GB) NTFS
\\?\Volume{222f1be9-ef10-47fc-b444-2ffb6e83467a}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 70A00E01)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by repov (07-04-2024 19:23:33)
Running from C:\Users\repov\Desktop
Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) (2021-09-02 00:03:11)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-648718490-3214130810-706754298-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-648718490-3214130810-706754298-503 - Limited - Disabled)
Guest (S-1-5-21-648718490-3214130810-706754298-501 - Limited - Disabled)
repov (S-1-5-21-648718490-3214130810-706754298-1001 - Administrator - Enabled) => C:\Users\repov
romek (S-1-5-21-648718490-3214130810-706754298-1008 - Limited - Enabled) => C:\Users\romek
WDAGUtilityAccount (S-1-5-21-648718490-3214130810-706754298-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 24.001.20615 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AVG AntiVirus Free (HKLM\...\AVG Antivirus) (Version: 24.3.8975.1633 - AVG)
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1582.3 - AVG Technologies) Hidden
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.03 - Canon Inc.)
Canon MG2400 series On-screen Manual (HKLM-x32\...\Canon MG2400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
FocusWriter (HKLM-x32\...\FocusWriter) (Version: 1.8.4 - Graeme Gott)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 123.0.6312.86 - Google LLC)
Kontrola stavu osobního počítače s Windows (HKLM\...\{95548B78-8547-4E91-B0DA-1CBB82150917}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{E496AFB7-CB04-46CF-8FBB-5D665BC8811B}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.0.75.0 - Lenovo Group Ltd.)
MEmu (HKLM-x32\...\MEmu) (Version: 9.0.9.2 - Microvirt Software Technology Co., Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 123.0.2420.81 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 123.0.2420.65 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\OneDriveSetup.exe) (Version: 24.050.0310.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Rec Room Launcher 0.93.1 (HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\d7c58ef5-8724-5a07-96d7-bb828f09e01c) (Version: 0.93.1 - Rec Room Inc.)
Registrace uživatele zařízení Canon MG2400 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG2400 series) (Version: - Canon Inc.)
Roblox Player for repov (HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for repov (HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\roblox-studio) (Version: - Roblox Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2023-12-14] (Adobe Systems Incorporated)
Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC [2024-03-22] ()
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-22] ()
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2024-01-05] (Canon Inc.)
Dolby Audio -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyaudio_3.20301.311.0_x64__rz1tebttyb220 [2024-01-05] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-01] (Microsoft Corporation)
Edit Docx PLUS -> C:\Program Files\WindowsApps\24091FileFormatApps.WordEditorBasic_2.1.9.0_x64__8t2vtv4rwtrk0 [2023-12-14] (File Format Apps)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.6.12.0_x64__5grkq8ppsgwt4 [2024-04-02] (LENOVO INC) [Startup Task]
Microsoft Copilot -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-31] (Microsoft Corporation)
PDF Reader Editor Elf -> C:\Program Files\WindowsApps\42742filesuite.PDFreaderforadobeacrobat_1.1.2.0_x64__1cyam58dzt1cw [2024-04-02] (PDF reader apps)
Power2Go for Lenovo -> C:\Program Files\WindowsApps\cyberlinkcorp.th.power2goforlenovo_8.0.12518.0_x86__m916jedk64snt [2024-01-05] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.PowerDVDforLenovo_14.2.4112.0_x86__m916jedk64snt [2024-01-05] (CYBERLINKCOM CORPORATION)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.10.216.0_x64__dt26b99r8h8gj [2024-01-05] (Realtek Semiconductor Corp)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.615.606.0_x64__55nm5eh3cm0pr [2024-03-12] (Roblox Corporation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2024-01-05] (Microsoft Corporation)
Scanner X -> C:\Program Files\WindowsApps\6760NGPDFLab.ScannerX_1.0.1.0_x64__sbe4t8mqwq93a [2023-12-14] (NG PDF Lab)
SoftOrbits MP3 Downloader for YouTube -> C:\Program Files\WindowsApps\SoftOrbits.SoftOrbitsMP3DownloaderforYouTube_1.6.0.0_x64__9808nkjsftezr [2023-12-20] (SoftOrbits)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-03-04] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-648718490-3214130810-706754298-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-648718490-3214130810-706754298-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-06-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2023-11-05 05:48 - 2023-11-05 05:48 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-648718490-3214130810-706754298-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-648718490-3214130810-706754298-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-648718490-3214130810-706754298-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
HKU\S-1-5-21-648718490-3214130810-706754298-1008\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-648718490-3214130810-706754298-1008\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-648718490-3214130810-706754298-1008\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Incorporated)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-648718490-3214130810-706754298-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\repov\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\lenovowallpaper.jpg
HKU\S-1-5-21-648718490-3214130810-706754298-1008\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "WinampAgent"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A55678F5-D25F-4283-B096-E66E968F387A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.16501.20210.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA186D8C-38A9-4052-942B-A78620128DA1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D6342BFE-5425-41D5-8589-BFAA73000FF0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BACA34BD-CA7D-45DF-9857-E8E476B21733}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AE2962FF-98A9-4C23-85FC-EB6845E5096F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A91004ED-A60D-4262-A79C-B1605709D440}] => (Allow) C:\Users\repov\AppData\Local\Programs\Opera\106.0.4998.28\opera.exe => No File
FirewallRules: [{9533C497-2219-487D-A862-9E47399CB98C}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> Gen Digital Inc.)
FirewallRules: [{7BB75AA7-25FC-4CE8-A480-220C8568B461}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> Gen Digital Inc.)
FirewallRules: [{8E5AA71C-CF87-442B-80A1-FEC0DD19A441}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CD39AFBB-A203-4E78-9982-B61C13D6FD33}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2C4E4C25-EB12-4E57-A538-137D248E04A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{38CF759B-7589-4F03-BCE7-29031F166C93}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C0842D24-8130-4B11-857E-3103DCDF30EC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F922DBF3-16C9-43C5-B83C-F04C5A192140}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F0E1C6F9-DB54-470C-A162-7D35A465F698}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{369A65D4-0947-45C7-BDC5-129DDA7D424D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D112E9BA-3026-4330-B87C-BD335833A922}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B2BE20F0-C065-4A51-A7A4-4CDAF1A876FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [TCP Query User{EB2679A2-42B3-4C5D-9401-F2875B01B66F}C:\users\repov\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\repov\appdata\local\programs\opera\opera.exe => No File
FirewallRules: [UDP Query User{D6AA9960-A070-4991-8306-FDECC3C0C354}C:\users\repov\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\repov\appdata\local\programs\opera\opera.exe => No File
FirewallRules: [{3D77B781-67FE-4A7B-BCF6-86EEC4DF8973}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D97EEFC2-91CB-4E41-AC5B-B13B142F0432}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.65\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
12-03-2024 09:32:04 Naplánovaný kontrolní bod
22-03-2024 23:20:33 Naplánovaný kontrolní bod
23-03-2024 10:27:28 Instalační služba modulů systému Windows
23-03-2024 10:46:56 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/07/2024 04:46:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: devicecensus.exe, verze: 10.0.19645.1046, časové razítko: 0x827fe5ce
Název chybujícího modulu: amdihk64.dll_unloaded, verze: 2.0.0.1788, časové razítko: 0x609abf7b
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000008528
ID chybujícího procesu: 0x34a4
Čas spuštění chybující aplikace: 0x01da88f87d3259ac
Cesta k chybující aplikaci: C:\WINDOWS\system32\devicecensus.exe
Cesta k chybujícímu modulu: amdihk64.dll
ID zprávy: 5fdac869-d55c-4283-bc51-bd54e0268d93
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/07/2024 04:28:01 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-CARLMBMQ$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 07 Apr 2024 14:28:03 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 2cfac6e4-988b-40e7-be5e-9f0085a6d15f
Metoda: GET(907ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (04/07/2024 04:27:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DAX3API.exe, verze: 3.20301.323.0, časové razítko: 0x5c876b0e
Název chybujícího modulu: mscorlib.ni.dll, verze: 4.8.9181.0, časové razítko: 0x64b85429
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000577281
ID chybujícího procesu: 0x11f4
Čas spuštění chybující aplikace: 0x01da88f7ab41cada
Cesta k chybující aplikaci: C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe
Cesta k chybujícímu modulu: C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\mscorlib\987f639e2113a820112aca65fb12396c\mscorlib.ni.dll
ID zprávy: a86e7b3c-3c12-4d81-86a2-20a8790cd794
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/07/2024 04:27:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: DAX3API.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.NullReferenceException
na System.Collections.Generic.Dictionary`2[[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Insert(Int32, System.__Canon, Boolean)
na DAX.EnumEx.AddEnumType(System.Type)
na DAX.EnumEx.ToStrEx(System.Enum)
na DAX.RuntimeManager.IsGaming()
na DAX.DAXAPIImplement.StartSoundRadarHost(UInt32)
na DAX.DAXAPIImplement.StartAllDaemonProcess()
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()
Error: (04/01/2024 07:20:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: devicecensus.exe, verze: 10.0.19645.1046, časové razítko: 0x827fe5ce
Název chybujícího modulu: amdihk64.dll_unloaded, verze: 2.0.0.1788, časové razítko: 0x609abf7b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000004f9c
ID chybujícího procesu: 0x22c
Čas spuštění chybující aplikace: 0x01da845853643edc
Cesta k chybující aplikaci: C:\WINDOWS\system32\devicecensus.exe
Cesta k chybujícímu modulu: amdihk64.dll
ID zprávy: 05974756-c99d-4c28-b133-c60d61660278
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/31/2024 03:11:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LenovoVantage-(SmartPanelAddin).exe, verze: 4.0.52.0, časové razítko: 0xe85968c6
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000001e7c1c904b8
ID chybujícího procesu: 0x3340
Čas spuštění chybující aplikace: 0x01da836cf38e6ef5
Cesta k chybující aplikaci: C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantage-(SmartPanelAddin).exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 77b014c2-1338-45a5-98b1-de0ea7666dff
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/31/2024 03:11:37 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: LenovoVantage-(SmartPanelAddin).exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.AccessViolationException
na SmartPanelAddin.ContractHandlers.SmartAttentionAgent.se_plugin_action(System.String, System.String, Byte**)
na SmartPanelAddin.ContractHandlers.SmartAttentionAgent.SendMsg(System.String, System.String, System.String)
na SmartPanelAddin.ContractHandlers.SmartAttentionAgent.GetAttention()
na SmartPanelAddin.Entry.Dispatcher.EventDispatcher.OnSessionChange(Lenovo.VantageService.Utilities.EventHub.EventArgs.SessionChangeEventArgs)
na Lenovo.VantageService.Utilities.Addin.AddinBase+<>c__DisplayClass18_0.<HandleEvent>b__0()
na System.Threading.Tasks.Task.Execute()
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.Tasks.Task.ExecuteWithThreadLocal(System.Threading.Tasks.Task ByRef)
na System.Threading.Tasks.Task.ExecuteEntry(Boolean)
na System.Threading.ThreadPoolWorkQueue.Dispatch()
Error: (03/25/2024 01:44:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.4170, časové razítko: 0x7d12a6cf
Název chybujícího modulu: SearchApp.exe, verze: 10.0.19041.4170, časové razítko: 0x7d12a6cf
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000018f78
ID chybujícího procesu: 0x2534
Čas spuštění chybující aplikace: 0x01da7ea9b74de0ee
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID zprávy: 0110bed5-abcd-4da6-9630-a5131aca5f04
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.13.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI
System errors:
=============
Error: (04/07/2024 04:53:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): Aktualizace bezpečnostních informací pro Microsoft Defender Antivirus – KB2267602 (verze 1.409.88.0) – Aktuální kanál (široká distribuce).
Error: (04/07/2024 04:52:37 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-CARLMBMQ)
Description: Server {20532D01-15BE-4BB9-A727-CA34555D881C} se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/07/2024 04:51:18 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-CARLMBMQ)
Description: Server {20532D01-15BE-4BB9-A727-CA34555D881C} se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/07/2024 04:50:25 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-CARLMBMQ)
Description: Server {20532D01-15BE-4BB9-A727-CA34555D881C} se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/07/2024 04:35:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime přestala během spouštění reagovat.
Error: (04/07/2024 04:31:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.
Error: (04/07/2024 04:29:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dolby DAX API Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (04/02/2024 05:21:49 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}
Windows Defender:
================
Date: 2024-01-05 21:30:53
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {68DFF0F8-CCB1-443D-A8E8-A730BCCF284B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2024-01-03 19:14:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {ADCEFE8B-1355-4E25-8F9C-0976DBB01A9C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-12-20 19:23:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D9B70EF4-6339-40AC-B652-6F3F5D8FF870}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-12-15 18:28:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C2CB146A-7310-4558-B30B-459E607CA0BA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-12-06 14:27:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6EAB09DC-2DB5-4EA9-B3AD-26A3A82784B3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2023-12-19 12:30:03
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.680.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.
Date: 2023-12-19 12:30:03
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.680.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.
Date: 2023-11-19 19:55:49
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.401.754.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23100.2009
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-11-19 19:55:49
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.401.754.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23100.2009
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
Date: 2023-11-19 19:55:49
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.401.754.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23100.2009
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
CodeIntegrity:
===============
Date: 2024-04-07 16:43:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2024-04-07 16:43:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 8UCN19WW 05/14/2021
Motherboard: LENOVO LNVNB161216
Processor: AMD A4-9125 RADEON R3, 4 COMPUTE CORES 2C+2G
Percentage of memory in use: 61%
Total physical RAM: 7055.98 MB
Available physical RAM: 2683.02 MB
Total Virtual: 14223.98 MB
Available Virtual: 9291.41 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:930.27 GB) (Free:776.78 GB) (Model: WDC WD10 SPZX-08Z10 SATA Disk Device) NTFS
\\?\Volume{d1d27b99-d0e1-4e91-ab23-f84200424eb5}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.4 GB) NTFS
\\?\Volume{222f1be9-ef10-47fc-b444-2ffb6e83467a}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 70A00E01)
Partition: GPT.
==================== End of Addition.txt =======================
Re: Prosim o kontrolu logu
Logfile of random's system information tool 1.10 (written by random/random)
Run by repov at 2024-04-07 19:33:36
Microsoft Windows 10 Home
System drive C: has 795 GB (83%) free of 953 GB
Total RAM: 7056 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:33:46, on 07.04.2024
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.3636)
Boot mode: Normal
Running processes:
C:\Program Files\WindowsApps\cyberlinkcorp.th.power2goforlenovo_8.0.12518.0_x86__m916jedk64snt\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(GenericMessagingAddin).exe
C:\Program Files\trend micro\repov.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo17win10.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo17win10.msn.com/?pc=LCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.81\BHO\ie_to_edge_bho.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKCU\..\Run: [OneDrive] "C:\Users\repov\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_09E1EF1FDA7C6746BC449F5F2AE690C3] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
O4 - HKCU\..\RunOnce: [Delete Cached Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Delete Cached Standalone Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Uninstall 24.045.0303.0003] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\24.045.0303.0003"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD Crash Defender Service - Unknown owner - C:\WINDOWS\system32\amdfendrsr.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe
O23 - Service: AVG Antivirus - Gen Digital Inc. - C:\Program Files\AVG\Antivirus\AVGSvc.exe
O23 - Service: AVG Tools - Gen Digital Inc. - C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\aswidsagent.exe
O23 - Service: AVGWscReporter - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\wsc_proxy.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_8270b - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @oem5.inf,%ServiceDisplayName%;Dolby DAX API Service (DolbyDAXAPI) - Unknown owner - C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe (file missing)
O23 - Service: EasyAntiCheat - Epic Games, Inc - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ELAN Service (ETDService) - Unknown owner - C:\WINDOWS\System32\ETDService.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Fortemedia APO Control Service (FMAPOService) - Unknown owner - C:\WINDOWS\System32\FMService64.exe (file missing)
O23 - Service: @%systemroot%\system32\GameInputSvc.exe,-101 (GameInputSvc) - Unknown owner - C:\WINDOWS\System32\GameInputSvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\123.0.6312.86\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @oem19.inf,%ImcSvcDisplayName%;System Interface Foundation Service (ImControllerService) - Lenovo Group Ltd. - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LenovoVantageService - Lenovo - C:\Program Files (x86)\Lenovo\VantageService\\4.0.75.0\LenovoVantageService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Unknown owner - C:\WINDOWS\System32\RtkAudUService64.exe (file missing)
O23 - Service: @oem19.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service (RtkBtManServ) - Realtek Semiconductor Corp. - C:\WINDOWS\RtkBtManServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10823 bytes
======Listing Processes======
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-e8eda8c2-4320-4c01-8a48-3a856a48145e -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-88a4b793-79a9-493e-a914-37cc091b454b -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-da9762cb-a0ae-4ee8-ae44-b73b56468f39 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-c4a0f384-1d76-49dc-b2c5-53da455bacaa -LifetimeId:65dc4ae1-d3df-44c4-8798-a5809a271510 -DeviceGroupId: -HostArg:0
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\amdfendrsr.exe
C:\WINDOWS\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
atieclxx
C:\WINDOWS\System32\ETDService.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
"C:\Program Files\AVG\Antivirus\avgToolsSvc.exe" /runassvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
dashost.exe {cc865bbf-db4a-4487-98151042303f3a35}
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -s CertPropSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\System32\FMService64.exe
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\Program Files (x86)\Lenovo\VantageService\\4.0.75.0\LenovoVantageService.exe"
C:\WINDOWS\RtkBtManServ.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s TapiSrv
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
"C:\WINDOWS\System32\RtkAudUService64.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
AggregatorHost.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\system32\ETDCtrlHelper.exe
sihost.exe
C:\WINDOWS\system32\ETDCtrl.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\Explorer.EXE
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
"C:\WINDOWS\system32\ETDTouch.exe"
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe" -ServerName:InputApp.AppXjd5de1g66v206tj52m9d0dtpppx4cgpn.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\AVG\Antivirus\AVGUI.exe" /nogui
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
"C:\Program Files\AVG\Antivirus\aswEngSrv.exe" /pipename="DFE5C8B3-F7D1-52E7-7667-8ADD9C9BD220" /binpath="C:\Program Files\AVG\Antivirus" /logpath="C:\ProgramData\AVG\Antivirus\log"
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Windows\System32\RtkAudUService64.exe" -background
"C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" --type=collab-renderer --proc=7420
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files\WindowsApps\cyberlinkcorp.th.power2goforlenovo_8.0.12518.0_x86__m916jedk64snt\Power2Go8\CLMLSvc_P2G8.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe"
"C:\WINDOWS\system32\compattelrunner.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\AVG\Antivirus\AVGUI.exe" --type=gpu-process --field-trial-handle=7984,9371272743208029774,14727518258659044770,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --no-sandbox --disable-gpu-driver-bug-workarounds --log-file="C:\Users\repov\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.101 Safari/537.36 Avastium (0.0.0) (Windows 10.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --disable-gpu --disable-webgl --disable-gpu-compositing --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=SAAAAAAAAADgAABwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=swiftshader-webgl --log-file="C:\Users\repov\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --mojo-platform-channel-handle=9296 /prefetch:2
"C:\Program Files\AVG\Antivirus\AVGUI.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=7984,9371272743208029774,14727518258659044770,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --lang=cs --service-sandbox-type=utility --no-sandbox --force-wave-audio --log-file="C:\Users\repov\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.101 Safari/537.36 Avastium (0.0.0) (Windows 10.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --disable-gpu --disable-webgl --disable-gpu-compositing --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\repov\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --mojo-platform-channel-handle=6656 /prefetch:8
"C:\Program Files\AVG\Antivirus\AVGUI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=7984,9371272743208029774,14727518258659044770,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --lang=cs --service-sandbox-type=none --no-sandbox --force-wave-audio --log-file="C:\Users\repov\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.101 Safari/537.36 Avastium (0.0.0) (Windows 10.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --disable-gpu --disable-webgl --disable-gpu-compositing --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\repov\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --mojo-platform-channel-handle=6184 /prefetch:8
"C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe" -ServerName:App.AppXj7d2pwbjt1by8j1s5wak729xa46cf4br.mca
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MoetSFY6mU27DzEK.1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Update\Install\{2D506DE1-8202-4D4B-B98D-1EF1049A9836}\123.0.6312.106_123.0.6312.86_chrome_updater.exe" --verbose-logging --do-not-launch-chrome --channel=stable --system-level
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s upnphost
"C:\Program Files (x86)\Google\Update\Install\{2D506DE1-8202-4D4B-B98D-1EF1049A9836}\CR_66A06.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Google\Update\Install\{2D506DE1-8202-4D4B-B98D-1EF1049A9836}\CR_66A06.tmp\CHROME_PATCH.PACKED.7Z" --verbose-logging --do-not-launch-chrome --channel=stable --system-level
"C:\Program Files (x86)\Google\Update\Install\{2D506DE1-8202-4D4B-B98D-1EF1049A9836}\CR_66A06.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\WINDOWS\SystemTemp\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0x2a0,0x2a4,0x2a8,0x27c,0x2ac,0x7ff6618d4698,0x7ff6618d46a4,0x7ff6618d46b0
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
"C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(VantageCoreAddin).exe" VantageCoreAddin C:\ProgramData\Lenovo\Vantage\Addins\\VantageCoreAddin\1.0.0.123\VantageCoreAddin.dll VantageCoreAddin.e07024002b54402b892720d4128fb11c 45190b7c-c052-4e97-8bba-fbd6d53c17c7 8
"C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(DeviceSettingsSystemAddin).exe" DeviceSettingsSystemAddin C:\ProgramData\Lenovo\Vantage\Addins\\DeviceSettingsSystemAddin\1.0.5.9\DeviceSettingsSystemAddin.dll DeviceSettingsSystemAddin.0e1440cc862d411bb2510d800a34024d 45190b7c-c052-4e97-8bba-fbd6d53c17c7 8
C:\WINDOWS\system32\locator.exe
"C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(GenericMessagingAddin).exe" GenericMessagingAddin C:\ProgramData\Lenovo\Vantage\Addins\\GenericMessagingAddin\1.0.0.99\GenericMessagingAddin.dll GenericMessagingAddin.09615d71305b432db750f6d2d06f8de5 45190b7c-c052-4e97-8bba-fbd6d53c17c7 8
C:\WINDOWS\system32\wbem\WmiApSrv.exe
"C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(LenovoServiceBridgeAddin).exe" LenovoServiceBridgeAddin C:\ProgramData\Lenovo\Vantage\Addins\\LenovoServiceBridgeAddin\1.0.0.88\LenovoServiceBridgeAddin.dll LenovoServiceBridgeAddin.0a7a6f1f833b49819984a8fea8acc5bd 45190b7c-c052-4e97-8bba-fbd6d53c17c7 8
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22091.10061.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DevQueryBroker
taskhostw.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --no-startup-window
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\repov\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\repov\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\repov\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.87 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.65 --initial-client-data=0x294,0x298,0x29c,0x290,0x2f8,0x7ff922ce4e48,0x7ff922ce4e54,0x7ff922ce4e60
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2472,i,10260290933169218934,4291607069019256003,262144 --variations-seed-version --mojo-platform-channel-handle=2416 /prefetch:2
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1948,i,10260290933169218934,4291607069019256003,262144 --variations-seed-version --mojo-platform-channel-handle=2700 /prefetch:3
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2272,i,10260290933169218934,4291607069019256003,262144 --variations-seed-version --mojo-platform-channel-handle=3212 /prefetch:8
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BITS
"C:\Program Files\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\repov\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\repov\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\repov\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.86 --initial-client-data=0x224,0x228,0x22c,0x1cc,0x230,0x7ff947f1cc40,0x7ff947f1cc4c,0x7ff947f1cc58
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2040,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=2036 /prefetch:2
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2292,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=2352 /prefetch:3
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2428,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=2440 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=cs --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=10 --time-ticks-at-unix-epoch=-1712499930937828 --launch-time-ticks=8898571659 --field-trial-handle=5028,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=5660 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup -s WbioSrvc
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=cs --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --time-ticks-at-unix-epoch=-1712499930937828 --launch-time-ticks=8939586430 --field-trial-handle=4796,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=5712 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\Windows\System32\CompPkgSrv.exe -Embedding
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=cs --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=8560,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=8552 /prefetch:8
"C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\system32\SystemSettingsAdminFlows.exe" OptionalFeaturesAdminHelper
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4163_none_7e304ec47c735f2e\TiWorker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UdkSvcGroup -s UdkUserSvc
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-648718490-3214130810-706754298-10016_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-648718490-3214130810-706754298-10016 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
taskhostw.exe
powershell.exe -ExecutionPolicy Restricted -Command Write-Host 'Final result: 1';
\??\C:\WINDOWS\system32\conhost.exe 0x4
powershell.exe -ExecutionPolicy Restricted -Command $Res = 0; $Infs = Get-Item -Path ($env:WinDir + '\inf\*.inf'); foreach ($Inf in $Infs) { $Data = Get-Content $Inf.FullName; if ($Data -match '\[defaultinstall.nt(amd64|arm|arm64|x86)\]') { $Res = 1; break; } } Write-Host 'Final result:', $Res;
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x394
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 836 840 848 8192 844 820
"C:\Users\repov\Desktop\RSITx64.exe"
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=cs --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=175 --time-ticks-at-unix-epoch=-1712499930937828 --launch-time-ticks=11236409222 --field-trial-handle=8028,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=5400 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.81\BHO\ie_to_edge_bho_64.dll [2024-04-04 577472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 217784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-18 177568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-18 177568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.81\BHO\ie_to_edge_bho.dll [2024-04-04 454184]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 184488]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-18 158112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-18 158112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 6149288]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-18 177568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 4452504]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-18 158112]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-12-07 86016]
"RtkAudUService"=C:\WINDOWS\System32\RtkAudUService64.exe [2020-03-24 1076728]
"AVGUI.exe"=C:\Program Files\AVG\Antivirus\AvLaunch.exe [2024-04-02 460736]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\repov\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2024-04-07 3306504]
"MicrosoftEdgeAutoLaunch_09E1EF1FDA7C6746BC449F5F2AE690C3"=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [2024-03-27 4063800]
"Adobe Acrobat Synchronizer"=C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [2024-03-18 11504544]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Delete Cached Update Binary"=C:\WINDOWS\system32\cmd.exe [2023-11-19 289792]
"Delete Cached Standalone Update Binary"=C:\WINDOWS\system32\cmd.exe [2023-11-19 289792]
"Uninstall 24.045.0303.0003"=C:\WINDOWS\system32\cmd.exe [2023-11-19 289792]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe []
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2017-07-05 1313408]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avgSP.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HidSpiCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"FilterAdministratorToken"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"aux2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
======File associations======
.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2024-04-07 19:33:37 ----D---- C:\Program Files\trend micro
2024-04-07 19:33:36 ----D---- C:\rsit
2024-04-07 16:28:41 ----A---- C:\WINDOWS\system32\avgBoot.exe
2024-04-02 16:28:58 ----A---- C:\WINDOWS\system32\drivers\asw236276cee15ba1d1.tmp
2024-03-23 11:40:55 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2024-03-23 11:40:50 ----A---- C:\WINDOWS\system32\cdp.dll
2024-03-23 11:40:50 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2024-03-23 11:40:12 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2024-03-23 11:40:11 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2024-03-23 11:40:11 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2024-03-23 11:40:11 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2024-03-23 11:40:10 ----A---- C:\WINDOWS\system32\mfcore.dll
2024-03-23 11:40:08 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2024-03-23 11:40:08 ----A---- C:\WINDOWS\SYSWOW64\tlscsp.dll
2024-03-23 11:40:07 ----A---- C:\WINDOWS\SYSWOW64\tapisrv.dll
2024-03-23 11:40:07 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2024-03-23 11:40:07 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2024-03-23 11:40:06 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2024-03-23 11:40:06 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2024-03-23 11:40:05 ----A---- C:\WINDOWS\SYSWOW64\sqlsrv32.dll
2024-03-23 11:40:05 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2024-03-23 11:40:04 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2024-03-23 11:40:03 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2024-03-23 11:40:03 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2024-03-23 11:40:02 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2024-03-23 11:40:00 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2024-03-23 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\MiracastReceiverExt.dll
2024-03-23 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\gpupdate.exe
2024-03-23 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\gpresult.exe
2024-03-23 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\gpedit.dll
2024-03-23 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2024-03-23 11:39:54 ----A---- C:\WINDOWS\system32\tsgqec.dll
2024-03-23 11:39:54 ----A---- C:\WINDOWS\system32\tlscsp.dll
2024-03-23 11:39:54 ----A---- C:\WINDOWS\system32\MemoryDiagnostic.dll
2024-03-23 11:39:52 ----A---- C:\WINDOWS\system32\tapisrv.dll
2024-03-23 11:39:52 ----A---- C:\WINDOWS\system32\offreg.dll
2024-03-23 11:39:52 ----A---- C:\WINDOWS\system32\mstscax.dll
2024-03-23 11:39:52 ----A---- C:\WINDOWS\system32\msimsg.dll
2024-03-23 11:39:52 ----A---- C:\WINDOWS\system32\msi.dll
2024-03-23 11:39:51 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2024-03-23 11:39:51 ----A---- C:\WINDOWS\system32\IESettingSync.exe
2024-03-23 11:39:51 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2024-03-23 11:39:49 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2024-03-23 11:39:49 ----A---- C:\WINDOWS\system32\ieframe.dll
2024-03-23 11:39:48 ----A---- C:\WINDOWS\system32\jscript9.dll
2024-03-23 11:39:48 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2024-03-23 11:39:45 ----A---- C:\WINDOWS\system32\mshtml.dll
2024-03-23 11:39:45 ----A---- C:\WINDOWS\system32\iesetup.dll
2024-03-23 11:39:45 ----A---- C:\WINDOWS\system32\iernonce.dll
2024-03-23 11:39:45 ----A---- C:\WINDOWS\system32\ie4ushowIE.exe
2024-03-23 11:39:45 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2024-03-23 11:39:44 ----A---- C:\WINDOWS\system32\gpupdate.exe
2024-03-23 11:39:44 ----A---- C:\WINDOWS\system32\gpresult.exe
2024-03-23 11:39:44 ----A---- C:\WINDOWS\system32\gpedit.dll
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\WinHvPlatform.dll
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\regsvc.dll
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\MiracastReceiverExt.dll
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\edpcsp.dll
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\EDPCleanup.exe
2024-03-23 11:39:42 ----A---- C:\WINDOWS\system32\computestorage.dll
2024-03-23 11:39:40 ----A---- C:\WINDOWS\system32\tcbloader.dll
2024-03-23 11:39:40 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2024-03-23 11:39:40 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2024-03-23 11:39:40 ----A---- C:\WINDOWS\system32\hvix64.exe
2024-03-23 11:39:39 ----A---- C:\WINDOWS\system32\UnifiedConsent.dll
2024-03-23 11:39:39 ----A---- C:\WINDOWS\system32\hvloader.dll
2024-03-23 11:39:39 ----A---- C:\WINDOWS\system32\hvax64.exe
2024-03-23 11:39:39 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2024-03-23 11:39:38 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2024-03-23 11:39:38 ----A---- C:\WINDOWS\SYSWOW64\OpenWith.exe
2024-03-23 11:39:38 ----A---- C:\WINDOWS\SYSWOW64\LockScreenData.dll
2024-03-23 11:39:38 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2024-03-23 11:39:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2024-03-23 11:39:37 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2024-03-23 11:39:37 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2024-03-23 11:39:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2024-03-23 11:39:36 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2024-03-23 11:39:36 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2024-03-23 11:39:36 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2024-03-23 11:39:36 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\omadmapi.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\mdmlocalmanagement.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\enterpriseresourcemanager.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2024-03-23 11:39:17 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2024-03-23 11:39:17 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2024-03-23 11:39:16 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2024-03-23 11:39:16 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2024-03-23 11:39:16 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2024-03-23 11:39:15 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2024-03-23 11:39:15 ----A---- C:\WINDOWS\SYSWOW64\LaunchTM.exe
2024-03-23 11:39:15 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2024-03-23 11:39:15 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2024-03-23 11:39:15 ----A---- C:\WINDOWS\SYSWOW64\catsrvut.dll
2024-03-23 11:39:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2024-03-23 11:39:14 ----A---- C:\WINDOWS\SYSWOW64\Taskmgr.exe
2024-03-23 11:39:14 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2024-03-23 11:39:14 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2024-03-23 11:39:13 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2024-03-23 11:39:13 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2024-03-23 11:39:13 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2024-03-23 11:39:12 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2024-03-23 11:39:12 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2024-03-23 11:39:11 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2024-03-23 11:39:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Services.TargetedContent.dll
2024-03-23 11:39:11 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2024-03-23 11:39:11 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2024-03-23 11:39:10 ----A---- C:\WINDOWS\SYSWOW64\profext.dll
2024-03-23 11:39:10 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2024-03-23 11:39:10 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2024-03-23 11:39:09 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2024-03-23 11:39:09 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2024-03-23 11:39:09 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2024-03-23 11:39:08 ----A---- C:\WINDOWS\SYSWOW64\WordBreakers.dll
2024-03-23 11:39:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2024-03-23 11:39:08 ----A---- C:\WINDOWS\SYSWOW64\TextInputMethodFormatter.dll
2024-03-23 11:39:08 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2024-03-23 11:39:08 ----A---- C:\WINDOWS\SYSWOW64\EditBufferTestHook.dll
2024-03-23 11:39:08 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2024-03-23 11:39:07 ----A---- C:\WINDOWS\SYSWOW64\XInputUap.dll
2024-03-23 11:39:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.Input.dll
2024-03-23 11:39:07 ----A---- C:\WINDOWS\SYSWOW64\MSAJApi.dll
2024-03-23 11:39:07 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2024-03-23 11:39:06 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2024-03-23 11:39:06 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2024-03-23 11:39:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2024-03-23 11:39:04 ----A---- C:\WINDOWS\SYSWOW64\netplwiz.dll
2024-03-23 11:39:03 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2024-03-23 11:39:03 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerCookies.exe
2024-03-23 11:39:03 ----A---- C:\WINDOWS\SYSWOW64\tbauth.dll
2024-03-23 11:39:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2024-03-23 11:39:02 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2024-03-23 11:39:02 ----A---- C:\WINDOWS\SYSWOW64\themeui.dll
2024-03-23 11:39:02 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2024-03-23 11:39:02 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2024-03-23 11:39:01 ----A---- C:\WINDOWS\SYSWOW64\ShellCommonCommonProxyStub.dll
2024-03-23 11:39:01 ----A---- C:\WINDOWS\SYSWOW64\NaturalLanguage6.dll
2024-03-23 11:39:01 ----A---- C:\WINDOWS\SYSWOW64\imageres.dll
2024-03-23 11:39:01 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\TpmCertResources.dll
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\SystemSettings.DataModel.dll
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\secproc.dll
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2024-03-23 11:38:59 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2024-03-23 11:38:59 ----A---- C:\WINDOWS\system32\ServicingUAPI.dll
2024-03-23 11:38:59 ----A---- C:\WINDOWS\system32\PkgMgr.exe
2024-03-23 11:38:58 ----A---- C:\WINDOWS\SYSWOW64\PkgMgr.exe
2024-03-23 11:38:58 ----A---- C:\WINDOWS\system32\windowsudk.shellcommon.dll
2024-03-23 11:38:58 ----A---- C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2024-03-23 11:38:58 ----A---- C:\WINDOWS\system32\netplwiz.dll
2024-03-23 11:38:57 ----A---- C:\WINDOWS\system32\twinui.dll
2024-03-23 11:38:56 ----A---- C:\WINDOWS\system32\themeui.dll
2024-03-23 11:38:56 ----A---- C:\WINDOWS\system32\IppCommonProxy.dll
2024-03-23 11:38:56 ----A---- C:\WINDOWS\system32\IppCommon.dll
2024-03-23 11:38:55 ----A---- C:\WINDOWS\system32\APMon.dll
2024-03-23 11:38:54 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2024-03-23 11:38:54 ----A---- C:\WINDOWS\system32\nlaapi.dll
2024-03-23 11:38:54 ----A---- C:\WINDOWS\system32\NetworkDesktopSettings.dll
2024-03-23 11:38:54 ----A---- C:\WINDOWS\system32\ncsi.dll
2024-03-23 11:38:54 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2024-03-23 11:38:53 ----A---- C:\WINDOWS\system32\nlasvc.dll
2024-03-23 11:38:53 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2024-03-23 11:38:53 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2024-03-23 11:38:53 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2024-03-23 11:38:52 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2024-03-23 11:38:52 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2024-03-23 11:38:51 ----A---- C:\WINDOWS\system32\WinREAgent.dll
2024-03-23 11:38:51 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2024-03-23 11:38:51 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2024-03-23 11:38:50 ----A---- C:\WINDOWS\system32\LockScreenData.dll
2024-03-23 11:38:50 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2024-03-23 11:38:49 ----A---- C:\WINDOWS\system32\msIso.dll
2024-03-23 11:38:49 ----A---- C:\WINDOWS\system32\iertutil.dll
2024-03-23 11:38:49 ----A---- C:\WINDOWS\system32\gpapi.dll
2024-03-23 11:38:49 ----A---- C:\WINDOWS\system32\edgeIso.dll
2024-03-23 11:38:48 ----A---- C:\WINDOWS\system32\MdmDiagnostics.dll
2024-03-23 11:38:48 ----A---- C:\WINDOWS\system32\gpsvc.dll
2024-03-23 11:38:48 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2024-03-23 11:38:45 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2024-03-23 11:38:45 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2024-03-23 11:38:45 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2024-03-23 11:38:44 ----A---- C:\WINDOWS\system32\omadmclient.exe
2024-03-23 11:38:44 ----A---- C:\WINDOWS\system32\omadmapi.dll
2024-03-23 11:38:44 ----A---- C:\WINDOWS\system32\mdmlocalmanagement.dll
2024-03-23 11:38:44 ----A---- C:\WINDOWS\system32\enterpriseresourcemanager.dll
2024-03-23 11:38:44 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2024-03-23 11:38:44 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2024-03-23 11:38:43 ----A---- C:\WINDOWS\system32\policymanager.dll
2024-03-23 11:38:43 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2024-03-23 11:38:43 ----A---- C:\WINDOWS\system32\dmwappushsvc.dll
2024-03-23 11:38:43 ----A---- C:\WINDOWS\system32\DMPushRouterCore.dll
2024-03-23 11:38:43 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2024-03-23 11:38:43 ----A---- C:\WINDOWS\system32\dcsvc.dll
2024-03-23 11:38:42 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll
2024-03-23 11:38:42 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2024-03-23 11:38:42 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2024-03-23 11:38:42 ----A---- C:\WINDOWS\system32\declaredconfiguration.dll
2024-03-23 11:38:42 ----A---- C:\WINDOWS\system32\configmanager2.dll
2024-03-23 11:38:29 ----A---- C:\WINDOWS\system32\sppobjs.dll
2024-03-23 11:38:29 ----A---- C:\WINDOWS\system32\sppcext.dll
2024-03-23 11:38:28 ----A---- C:\WINDOWS\system32\sppsvc.exe
2024-03-23 11:38:25 ----A---- C:\WINDOWS\system32\usermgr.dll
2024-03-23 11:38:25 ----A---- C:\WINDOWS\system32\shell32.dll
2024-03-23 11:38:25 ----A---- C:\WINDOWS\system32\OpenWith.exe
2024-03-23 11:38:24 ----A---- C:\WINDOWS\system32\msctf.dll
2024-03-23 11:38:24 ----A---- C:\WINDOWS\system32\lpk.dll
2024-03-23 11:38:24 ----A---- C:\WINDOWS\system32\fontsub.dll
2024-03-23 11:38:24 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2024-03-23 11:38:24 ----A---- C:\WINDOWS\system32\dciman32.dll
2024-03-23 11:38:23 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2024-03-23 11:38:23 ----A---- C:\WINDOWS\system32\netlogon.dll
2024-03-23 11:38:22 ----A---- C:\WINDOWS\system32\sechost.dll
2024-03-23 11:38:22 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2024-03-23 11:38:22 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2024-03-23 11:38:21 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2024-03-23 11:38:21 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2024-03-23 11:38:20 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2024-03-23 11:38:17 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2024-03-23 11:38:16 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2024-03-23 11:38:16 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2024-03-23 11:38:15 ----A---- C:\WINDOWS\system32\drivers\werkernel.sys
2024-03-23 11:38:14 ----A---- C:\WINDOWS\system32\samlib.dll
2024-03-23 11:38:14 ----A---- C:\WINDOWS\system32\offlinesam.dll
2024-03-23 11:38:14 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2024-03-23 11:38:14 ----A---- C:\WINDOWS\system32\lsasrv.dll
2024-03-23 11:38:14 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2024-03-23 11:38:13 ----A---- C:\WINDOWS\system32\WinTypes.dll
2024-03-23 11:38:13 ----A---- C:\WINDOWS\system32\wincorlib.dll
2024-03-23 11:38:13 ----A---- C:\WINDOWS\system32\samsrv.dll
2024-03-23 11:38:12 ----A---- C:\WINDOWS\system32\combase.dll
2024-03-23 11:38:12 ----A---- C:\WINDOWS\system32\ci.dll
2024-03-23 11:38:12 ----A---- C:\WINDOWS\system32\catsrvut.dll
2024-03-23 11:38:11 ----A---- C:\WINDOWS\system32\es.dll
2024-03-23 11:38:11 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2024-03-23 11:38:11 ----A---- C:\WINDOWS\system32\comsvcs.dll
2024-03-23 11:38:10 ----A---- C:\WINDOWS\system32\winresume.exe
2024-03-23 11:38:10 ----A---- C:\WINDOWS\system32\ocsetapi.dll
2024-03-23 11:38:09 ----A---- C:\WINDOWS\system32\winload.exe
2024-03-23 11:38:08 ----A---- C:\WINDOWS\system32\Taskmgr.exe
2024-03-23 11:38:08 ----A---- C:\WINDOWS\system32\LaunchTM.exe
2024-03-23 11:38:08 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2024-03-23 11:38:08 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2024-03-23 11:38:07 ----A---- C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2024-03-23 11:38:07 ----A---- C:\WINDOWS\system32\SettingsHandlers_Language.dll
2024-03-23 11:38:07 ----A---- C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2024-03-23 11:38:07 ----A---- C:\WINDOWS\system32\InputCloudStore.dll
2024-03-23 11:38:06 ----A---- C:\WINDOWS\system32\ShellAppRuntime.exe
2024-03-23 11:38:04 ----A---- C:\WINDOWS\system32\wups2.dll
2024-03-23 11:38:04 ----A---- C:\WINDOWS\system32\wuauclt.exe
2024-03-23 11:38:04 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2024-03-23 11:38:04 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2024-03-23 11:38:03 ----A---- C:\WINDOWS\system32\wuaueng.dll
2024-03-23 11:38:03 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2024-03-23 11:38:03 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2024-03-23 11:38:03 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2024-03-23 11:38:03 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2024-03-23 11:38:02 ----A---- C:\WINDOWS\system32\wcimage.dll
2024-03-23 11:38:02 ----A---- C:\WINDOWS\system32\wc_storage.dll
2024-03-23 11:38:02 ----A---- C:\WINDOWS\system32\drivers\cimfs.sys
2024-03-23 11:38:02 ----A---- C:\WINDOWS\system32\daxexec.dll
2024-03-23 11:38:02 ----A---- C:\WINDOWS\system32\cimfs.dll
2024-03-23 11:38:01 ----A---- C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2024-03-23 11:38:01 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2024-03-23 11:38:01 ----A---- C:\WINDOWS\system32\win32u.dll
2024-03-23 11:38:01 ----A---- C:\WINDOWS\system32\win32kfull.sys
2024-03-23 11:38:01 ----A---- C:\WINDOWS\system32\win32k.sys
2024-03-23 11:37:59 ----A---- C:\WINDOWS\system32\wpncore.dll
2024-03-23 11:37:59 ----A---- C:\WINDOWS\system32\wpnapps.dll
2024-03-23 11:37:59 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2024-03-23 11:37:59 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2024-03-23 11:37:59 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2024-03-23 11:37:58 ----A---- C:\WINDOWS\system32\profext.dll
2024-03-23 11:37:58 ----A---- C:\WINDOWS\system32\kerberos.dll
2024-03-23 11:37:58 ----A---- C:\WINDOWS\system32\BFE.DLL
2024-03-23 11:37:58 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2024-03-23 11:37:56 ----A---- C:\WINDOWS\system32\windows.storage.dll
2024-03-23 11:37:56 ----A---- C:\WINDOWS\system32\storewuauth.dll
2024-03-23 11:37:56 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2024-03-23 11:37:56 ----A---- C:\WINDOWS\system32\InstallService.dll
2024-03-23 11:37:55 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2024-03-23 11:37:55 ----A---- C:\WINDOWS\system32\ISM.dll
2024-03-23 11:37:55 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2024-03-23 11:37:54 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2024-03-23 11:37:54 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2024-03-23 11:37:54 ----A---- C:\WINDOWS\system32\TextInputMethodFormatter.dll
2024-03-23 11:37:54 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2024-03-23 11:37:53 ----A---- C:\WINDOWS\system32\mssrch.dll
2024-03-23 11:37:53 ----A---- C:\WINDOWS\system32\InputService.dll
2024-03-23 11:37:52 ----A---- C:\WINDOWS\system32\win32kbase.sys
2024-03-23 11:37:39 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2024-03-23 11:37:38 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2024-03-23 11:37:38 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2024-03-23 11:37:38 ----A---- C:\WINDOWS\system32\dosvc.dll
2024-03-23 11:37:38 ----A---- C:\WINDOWS\system32\domgmt.dll
2024-03-23 11:37:38 ----A---- C:\WINDOWS\system32\DafDnsSd.dll
2024-03-23 11:37:37 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2024-03-23 11:37:37 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2024-03-23 11:37:37 ----A---- C:\WINDOWS\system32\cdd.dll
2024-03-23 11:37:36 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2024-03-23 11:37:35 ----A---- C:\WINDOWS\system32\MSAJApi.dll
2024-03-23 11:37:35 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2024-03-23 11:37:35 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\tbauth.dll
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\GameInputSvc.exe
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\GameInputInbox.dll
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\cloudAP.dll
2024-03-23 11:37:33 ----A---- C:\WINDOWS\system32\XInputUap.dll
2024-03-23 11:37:33 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2024-03-23 11:37:33 ----A---- C:\WINDOWS\system32\Windows.Gaming.Input.dll
2024-03-23 11:37:33 ----A---- C:\WINDOWS\system32\GameInput.dll
2024-03-23 11:37:33 ----A---- C:\WINDOWS\system32\aadtb.dll
2024-03-23 11:37:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2024-03-23 11:37:29 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2024-03-23 11:37:29 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2024-03-23 11:37:29 ----A---- C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2024-03-23 11:37:28 ----A---- C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2024-03-23 11:37:28 ----A---- C:\WINDOWS\system32\StartTileData.dll
2024-03-23 11:37:28 ----A---- C:\WINDOWS\system32\readCloudDataSettings.exe
2024-03-23 11:37:25 ----A---- C:\WINDOWS\system32\usbmon.dll
2024-03-23 11:37:25 ----A---- C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2024-03-23 11:37:25 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2024-03-23 11:37:25 ----A---- C:\WINDOWS\system32\NaturalLanguage6.dll
2024-03-23 11:37:25 ----A---- C:\WINDOWS\system32\localui.dll
2024-03-23 11:37:23 ----A---- C:\WINDOWS\system32\imageres.dll
2024-03-23 11:37:23 ----A---- C:\WINDOWS\system32\advapi32.dll
2024-03-23 11:37:23 ----A---- C:\WINDOWS\explorer.exe
2024-03-23 11:37:22 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2024-03-23 11:37:22 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2024-03-23 11:37:22 ----A---- C:\WINDOWS\system32\TpmCertResources.dll
2024-03-23 11:37:22 ----A---- C:\WINDOWS\system32\SystemSettingsBroker.exe
2024-03-23 11:37:22 ----A---- C:\WINDOWS\system32\SystemSettings.DataModel.dll
2024-03-23 11:37:22 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2024-03-23 11:37:21 ----A---- C:\WINDOWS\system32\wpx.dll
2024-03-23 11:37:21 ----A---- C:\WINDOWS\system32\win32spl.dll
2024-03-23 11:37:21 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2024-03-23 11:37:21 ----A---- C:\WINDOWS\system32\PrinterCleanupTask.dll
2024-03-23 11:37:21 ----A---- C:\WINDOWS\system32\localspl.dll
2024-03-23 11:37:21 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll
2024-03-23 11:37:20 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2024-03-23 11:37:20 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2024-03-23 11:37:20 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2024-03-23 11:37:19 ----A---- C:\WINDOWS\system32\UCPDMgr.exe
2024-03-23 11:37:19 ----A---- C:\WINDOWS\system32\drivers\UCPD.sys
2024-03-23 11:37:19 ----A---- C:\WINDOWS\system32\CloudRestoreLauncher.dll
2024-03-23 11:37:19 ----A---- C:\WINDOWS\system32\bcdedit.exe
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\wosc.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\Windows.Management.ModernDeployment.ConfigProviders.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\Windows.Internal.System.UserProfile.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\MitigationClient.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\fcon.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\autopilotdiag.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\autopilot.dll
2024-03-23 11:37:17 ----A---- C:\WINDOWS\system32\SpeechPal.dll
2024-03-23 11:36:36 ----A---- C:\WINDOWS\system32\vmbuspipe.dll
2024-03-23 11:36:36 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2024-03-23 11:36:36 ----A---- C:\WINDOWS\system32\drivers\Vid.sys
2024-03-23 11:36:34 ----A---- C:\WINDOWS\system32\drivers\usbuhci.sys
2024-03-23 11:36:34 ----A---- C:\WINDOWS\system32\drivers\usbehci.sys
2024-03-23 11:36:34 ----A---- C:\WINDOWS\system32\drivers\usbd.sys
2024-03-23 11:36:33 ----A---- C:\WINDOWS\system32\drivers\usbport.sys
2024-03-23 11:36:33 ----A---- C:\WINDOWS\system32\drivers\usbohci.sys
2024-03-23 11:36:33 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2024-03-23 11:36:33 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2024-03-23 11:36:33 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2024-03-23 11:36:32 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2024-03-23 11:36:32 ----A---- C:\WINDOWS\system32\drivers\uaspstor.sys
2024-03-23 11:36:32 ----A---- C:\WINDOWS\system32\drivers\BthMini.SYS
2024-03-23 11:36:32 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2024-03-23 11:36:29 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2024-03-23 11:36:29 ----A---- C:\WINDOWS\system32\drivers\devauthe.sys
2024-03-23 10:29:32 ----HD---- C:\$WinREAgent
2024-03-23 10:27:26 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2024-03-23 10:27:24 ----A---- C:\WINDOWS\system32\poqexec.exe
2024-03-22 19:42:53 ----A---- C:\WINDOWS\system32\drivers\avgStm.sys
======List of files/folders modified in the last 1 month======
2024-04-07 19:33:37 ----RD---- C:\Program Files
2024-04-07 19:33:21 ----HD---- C:\Program Files\WindowsApps
2024-04-07 19:33:10 ----D---- C:\WINDOWS\Temp
2024-04-07 19:32:46 ----D---- C:\WINDOWS\prefetch
2024-04-07 19:28:55 ----D---- C:\WINDOWS\INF
2024-04-07 19:19:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2024-04-07 19:19:07 ----D---- C:\WINDOWS\SystemTemp
2024-04-07 19:19:07 ----D---- C:\Program Files (x86)\Google
2024-04-07 19:06:31 ----D---- C:\FRST
2024-04-07 19:05:10 ----SHD---- C:\System Volume Information
2024-04-07 18:52:11 ----D---- C:\WINDOWS\AppReadiness
2024-04-07 18:51:47 ----SHD---- C:\WINDOWS\Installer
2024-04-07 18:50:18 ----D---- C:\WINDOWS\system32\sru
2024-04-07 18:49:41 ----D---- C:\WINDOWS\system32\SleepStudy
2024-04-07 17:01:16 ----D---- C:\WINDOWS\SysWOW64
2024-04-07 16:57:29 ----D---- C:\WINDOWS\system32\Tasks
2024-04-07 16:31:51 ----D---- C:\ProgramData\AVG
2024-04-07 16:28:43 ----HD---- C:\WINDOWS\ELAMBKUP
2024-04-07 16:28:41 ----D---- C:\WINDOWS\System32
2024-04-07 16:27:07 ----A---- C:\WINDOWS\system32\regtest.txt
2024-04-07 16:26:46 ----D---- C:\WINDOWS\ServiceState
2024-04-07 16:26:43 ----ASH---- C:\DumpStack.log.tmp
2024-04-07 16:23:11 ----D---- C:\WINDOWS\system32\CatRoot
2024-04-07 16:23:09 ----D---- C:\WINDOWS\system32\catroot2
2024-04-02 16:38:09 ----D---- C:\WINDOWS\apppatch
2024-04-02 16:28:59 ----D---- C:\WINDOWS\system32\drivers
2024-04-01 19:32:09 ----D---- C:\ProgramData\CanonIJPLM
2024-03-31 15:07:23 ----RD---- C:\Users
2024-03-31 15:01:53 ----SHD---- C:\$Recycle.Bin
2024-03-24 01:47:32 ----RD---- C:\WINDOWS\Microsoft.NET
2024-03-24 01:34:03 ----D---- C:\WINDOWS\system32\config
2024-03-24 01:30:06 ----D---- C:\WINDOWS\WinSxS
2024-03-24 01:28:43 ----D---- C:\WINDOWS\system32\DriverStore
2024-03-24 01:23:57 ----D---- C:\WINDOWS\SYSWOW64\migration
2024-03-24 01:23:57 ----D---- C:\WINDOWS\SYSWOW64\en-US
2024-03-24 01:23:57 ----D---- C:\WINDOWS\SYSWOW64\Dism
2024-03-24 01:23:57 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2024-03-24 01:23:55 ----D---- C:\WINDOWS\SystemResources
2024-03-24 01:23:54 ----D---- C:\WINDOWS\system32\wbem
2024-03-24 01:23:54 ----D---- C:\WINDOWS\system32\oobe
2024-03-24 01:23:54 ----D---- C:\WINDOWS\system32\migration
2024-03-24 01:23:54 ----D---- C:\WINDOWS\system32\en-US
2024-03-24 01:23:53 ----D---- C:\WINDOWS\system32\Dism
2024-03-24 01:23:53 ----D---- C:\WINDOWS\system32\cs-CZ
2024-03-24 01:23:53 ----D---- C:\WINDOWS\system32\Boot
2024-03-24 01:23:48 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2024-03-24 01:23:48 ----D---- C:\WINDOWS\ShellExperiences
2024-03-24 01:23:48 ----D---- C:\WINDOWS\servicing
2024-03-24 01:23:48 ----D---- C:\WINDOWS\en-US
2024-03-24 01:23:48 ----D---- C:\WINDOWS\cs-CZ
2024-03-24 01:23:48 ----D---- C:\WINDOWS\bcastdvr
2024-03-24 01:23:48 ----D---- C:\Windows
2024-03-23 11:52:22 ----D---- C:\WINDOWS\CbsTemp
2024-03-23 11:36:36 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2024-03-23 08:47:22 ----D---- C:\WINDOWS\system32\MRT
2024-03-23 08:39:18 ----AC---- C:\WINDOWS\system32\MRT.exe
2024-03-23 00:28:28 ----D---- C:\Users\repov\AppData\Roaming\recroom-launcher
2024-03-22 19:49:14 ----D---- C:\Users\repov\AppData\Roaming\com.adobe.dunamis
2024-03-22 19:48:52 ----SHD---- C:\Config.Msi
2024-03-22 19:48:50 ----D---- C:\Program Files\RUXIM
2024-03-22 19:42:43 ----A---- C:\WINDOWS\system32\drivers\asw8347b51d7e6f8afb.tmp
2024-03-22 19:42:39 ----A---- C:\WINDOWS\system32\drivers\asw7703d926ca385dbb.tmp
2024-03-22 19:42:39 ----A---- C:\WINDOWS\system32\drivers\asw3c15a9c1acfbf0ef.tmp
2024-03-22 19:42:39 ----A---- C:\WINDOWS\system32\drivers\asw39992cb57b66e993.tmp
2024-03-22 19:42:39 ----A---- C:\WINDOWS\system32\drivers\asw340045e05e1bc224.tmp
2024-03-22 19:42:38 ----A---- C:\WINDOWS\system32\drivers\aswfc0628ed986ce766.tmp
2024-03-22 19:42:38 ----A---- C:\WINDOWS\system32\drivers\aswcb871ebf028ecb93.tmp
2024-03-22 19:42:38 ----A---- C:\WINDOWS\system32\drivers\asw33140d9784296617.tmp
2024-03-22 19:42:38 ----A---- C:\WINDOWS\system32\drivers\asw2d372f74f322ea36.tmp
2024-03-22 19:42:21 ----A---- C:\WINDOWS\system32\drivers\asw9bcb33b7088b87f6.tmp
2024-03-22 19:42:21 ----A---- C:\WINDOWS\system32\drivers\asw77c1dc43e6735457.tmp
2024-03-22 19:42:19 ----A---- C:\WINDOWS\system32\drivers\asw699cf4c0c4d3df12.tmp
2024-03-22 19:42:16 ----A---- C:\WINDOWS\system32\drivers\asw8529c7e934d6cc43.tmp
2024-03-22 19:41:48 ----D---- C:\WINDOWS\Minidump
2024-03-09 20:48:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-09 20:39:26 ----D---- C:\WINDOWS\SYSWOW64\WinMetadata
2024-03-09 20:39:26 ----D---- C:\WINDOWS\SYSWOW64\wbem
2024-03-09 20:39:26 ----D---- C:\WINDOWS\SYSWOW64\setup
2024-03-09 20:39:22 ----D---- C:\WINDOWS\system32\WinMetadata
2024-03-09 20:39:21 ----D---- C:\WINDOWS\system32\setup
2024-03-09 20:39:21 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2024-03-09 20:39:21 ----D---- C:\WINDOWS\system32\migwiz
2024-03-09 20:39:20 ----D---- C:\WINDOWS\system32\appraiser
2024-03-09 20:39:02 ----D---- C:\WINDOWS\ShellComponents
2024-03-09 20:38:53 ----D---- C:\WINDOWS\system32\CodeIntegrity
2024-03-09 20:38:36 ----D---- C:\WINDOWS\system32\drivers\UMDF
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2021-01-05 85704]
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2021-01-05 43720]
R0 amdpsp;@oem1.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\WINDOWS\System32\drivers\amdpsp.sys [2021-03-23 137424]
R0 avgArDisk;avgArDisk; C:\WINDOWS\system32\drivers\avgArDisk.sys [2024-04-02 20528]
R0 avgbidsh;avgbidsh; C:\WINDOWS\system32\drivers\avgbidsh.sys [2024-04-02 292920]
R0 avgbuniv;avgbuniv; C:\WINDOWS\system32\drivers\avgbuniv.sys [2024-04-02 84536]
R0 avgElam;avgElam; C:\WINDOWS\system32\drivers\avgElam.sys [2024-02-17 27760]
R0 avgRvrt;avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [2024-04-02 69176]
R0 avgVmm;avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [2024-04-02 306232]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2023-11-19 58328]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2023-11-19 44032]
R1 avgArPot;avgArPot; C:\WINDOWS\system32\drivers\avgArPot.sys [2024-04-02 230448]
R1 avgbidsdriver;avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdriver.sys [2024-04-02 379960]
R1 avgKbd;avgKbd; C:\WINDOWS\system32\drivers\avgKbd.sys [2024-04-02 28728]
R1 avgMonFlt;avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [2024-04-02 268856]
R1 avgNetHub;avgNetHub; C:\WINDOWS\system32\drivers\avgNetHub.sys [2024-04-02 548912]
R1 avgRdr;avgRdr; C:\WINDOWS\system32\drivers\avgRdr2.sys [2024-04-02 93752]
R1 avgSnx;avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [2024-04-02 935992]
R1 avgSP;avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [2024-04-02 695864]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2024-03-23 98816]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R1 MEmuDrv;MemuHyperv Service; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [2021-01-04 320360]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2023-11-19 145896]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2024-03-23 503808]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2023-11-19 53248]
R3 ACPIVPC;@oem56.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2022-08-31 48896]
R3 amdfendr;@oem43.inf,%AMDFENDR_svcdesc%;AMD Crash Defender Driver; C:\WINDOWS\System32\drivers\amdfendr.sys [2021-04-30 117448]
R3 amdgpio2;@oem30.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2021-01-05 46344]
R3 amdi2c;@oem51.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2021-01-17 67808]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\amdkmdag.sys [2021-06-17 82687200]
R3 AMDXE;@oem7.inf,%AMDXE.SVCDESC%;AMD Link Controller Emulation; C:\WINDOWS\System32\drivers\amdxe.sys [2021-01-05 62056]
R3 AtiHDAudioService;@oem26.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2021-01-18 247216]
R3 avgStm;avgStm; C:\WINDOWS\system32\drivers\avgStm.sys [2024-03-22 201680]
R3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2024-03-23 1572352]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2024-03-23 110592]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
R3 ETD;@oem6.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\System32\drivers\ETD.sys [2019-09-25 743872]
R3 ETDHCF;@oem16.inf,%ETDHCF.SVCDESC%;ELAN HID Class Filter Service; C:\WINDOWS\System32\drivers\ETDHCF.sys [2019-09-25 30144]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2020-03-24 7321896]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2023-11-19 323440]
R3 rt640x64;@oem36.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2021-01-05 1171552]
R3 RtkBtFilter;@oem19.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [2019-09-11 801480]
R3 RTWlanE;@oem25.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtwlane.sys [2019-10-30 11388112]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2023-11-19 142208]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2023-11-19 159728]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2023-11-19 694272]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2024-03-07 18432]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2023-11-19 282624]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2024-03-23 113664]
S3 BthHFAud;@microsoft_bluetooth_hfp.inf,%BTHHFAUD_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free Audio driver; C:\WINDOWS\System32\drivers\BthHfAud.sys [2023-11-19 65536]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2023-11-19 106496]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2024-03-23 45568]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2023-11-19 133632]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 ETD_Keyboard;ELAN Keyboard Filter Driver; C:\WINDOWS\System32\drivers\ETD.sys [2019-09-25 743872]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2023-11-19 104448]
S3 HidSpiCx;HidSpi KMDF Class Extension; C:\WINDOWS\system32\drivers\HidSpiCx.sys [2023-11-19 92160]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2024-03-23 96136]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2023-11-19 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2023-11-19 386048]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2023-11-19 210944]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2023-11-19 131560]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2024-03-23 998256]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-12-07 213504]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-12-07 115712]
S3 RTSUER;@oem3.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2017-10-18 421312]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2023-11-19 36208]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2024-01-31 172992]
R2 AMD Crash Defender Service;AMD Crash Defender Service; C:\WINDOWS\system32\amdfendrsr.exe [2021-04-30 517536]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe [2021-06-17 527560]
R2 AVG Antivirus;AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [2024-04-02 802752]
R2 AVG Tools;AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [2024-04-02 1238456]
R2 AVGWscReporter;AVGWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [2024-01-05 109480]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R2 CDPUserSvc_8270b;Uživatelská služba platformy připojených zařízení_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
R2 ETDService;ELAN Service; C:\WINDOWS\System32\ETDService.exe [2019-09-25 249792]
R2 FMAPOService;Fortemedia APO Control Service; C:\WINDOWS\System32\FMService64.exe [2019-08-16 359808]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2013-05-14 140936]
R2 ImControllerService;@oem19.inf,%ImcSvcDisplayName%;System Interface Foundation Service; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2022-11-20 93896]
R2 LenovoVantageService;LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\4.0.75.0\LenovoVantageService.exe [2024-03-03 34168]
R2 OneSyncSvc_8270b;Hostitel synchronizace_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R2 RtkAudioUniversalService;Realtek Audio Universal Service; C:\WINDOWS\System32\RtkAudUService64.exe [2020-03-24 1076728]
R2 RtkBtManServ;@oem19.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service; C:\WINDOWS\RtkBtManServ.exe [2019-09-11 705648]
R3 avgbIDSAgent;avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [2024-04-02 9164216]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 cbdhsvc_8270b;Uživatelská služba schránky_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
R3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 PimIndexMaintenanceSvc_8270b;Data kontaktů_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S2 DolbyDAXAPI;@oem5.inf,%ServiceDisplayName%;Dolby DAX API Service; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [2019-03-14 644976]
S2 edgeupdate;Microsoft Edge Update Service (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2021-04-01 214952]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2021-10-20 156232]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 AarSvc_8270b;Agent Activation Runtime_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 BcastDVRUserService_8270b;Uživatelská služba pro GameDVR a vysílání her_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 BluetoothUserService_8270b;Služba pro podporu uživatelů Bluetooth_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 CaptureService_8270b;CaptureService_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 ConsentUxUserSvc_8270b;ConsentUX_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2023-11-19 386984]
S3 CredentialEnrollmentManagerUserSvc_8270b;CredentialEnrollmentManagerUserSvc_8270b; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2023-11-19 386984]
S3 dcsvc;@%systemroot%\system32\dcsvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DeviceAssociationBrokerSvc_8270b;DeviceAssociationBroker_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DevicePickerUserSvc_8270b;DevicePicker_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DevicesFlowUserSvc_8270b;Tok zařízení_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2024-02-11 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2024-03-04 811496]
S3 edgeupdatem;Microsoft Edge Update Service (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2021-04-01 214952]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 GameInputSvc;@%systemroot%\system32\GameInputSvc.exe,-101; C:\WINDOWS\System32\GameInputSvc.exe [2024-03-23 53768]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files\Google\Chrome\Application\123.0.6312.86\elevation_service.exe [2024-03-26 1670944]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2021-10-20 156232]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 McpManagementService;@%SystemRoot%\system32\McpManagementService.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 MessagingService_8270b;Služba zasílání zpráv_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.81\elevation_service.exe [2024-04-04 1838136]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2023-11-19 106496]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 PrintWorkflowUserSvc_8270b;PrintWorkflow_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
-----------------EOF-----------------
Run by repov at 2024-04-07 19:33:36
Microsoft Windows 10 Home
System drive C: has 795 GB (83%) free of 953 GB
Total RAM: 7056 MB (42% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:33:46, on 07.04.2024
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.3636)
Boot mode: Normal
Running processes:
C:\Program Files\WindowsApps\cyberlinkcorp.th.power2goforlenovo_8.0.12518.0_x86__m916jedk64snt\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(GenericMessagingAddin).exe
C:\Program Files\trend micro\repov.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo17win10.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo17win10.msn.com/?pc=LCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.81\BHO\ie_to_edge_bho.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKCU\..\Run: [OneDrive] "C:\Users\repov\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_09E1EF1FDA7C6746BC449F5F2AE690C3] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
O4 - HKCU\..\RunOnce: [Delete Cached Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Delete Cached Standalone Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Uninstall 24.045.0303.0003] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\24.045.0303.0003"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD Crash Defender Service - Unknown owner - C:\WINDOWS\system32\amdfendrsr.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe
O23 - Service: AVG Antivirus - Gen Digital Inc. - C:\Program Files\AVG\Antivirus\AVGSvc.exe
O23 - Service: AVG Tools - Gen Digital Inc. - C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\aswidsagent.exe
O23 - Service: AVGWscReporter - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\wsc_proxy.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_8270b - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @oem5.inf,%ServiceDisplayName%;Dolby DAX API Service (DolbyDAXAPI) - Unknown owner - C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe (file missing)
O23 - Service: EasyAntiCheat - Epic Games, Inc - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ELAN Service (ETDService) - Unknown owner - C:\WINDOWS\System32\ETDService.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Fortemedia APO Control Service (FMAPOService) - Unknown owner - C:\WINDOWS\System32\FMService64.exe (file missing)
O23 - Service: @%systemroot%\system32\GameInputSvc.exe,-101 (GameInputSvc) - Unknown owner - C:\WINDOWS\System32\GameInputSvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\123.0.6312.86\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @oem19.inf,%ImcSvcDisplayName%;System Interface Foundation Service (ImControllerService) - Lenovo Group Ltd. - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LenovoVantageService - Lenovo - C:\Program Files (x86)\Lenovo\VantageService\\4.0.75.0\LenovoVantageService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Unknown owner - C:\WINDOWS\System32\RtkAudUService64.exe (file missing)
O23 - Service: @oem19.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service (RtkBtManServ) - Realtek Semiconductor Corp. - C:\WINDOWS\RtkBtManServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10823 bytes
======Listing Processes======
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-e8eda8c2-4320-4c01-8a48-3a856a48145e -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-88a4b793-79a9-493e-a914-37cc091b454b -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-da9762cb-a0ae-4ee8-ae44-b73b56468f39 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-c4a0f384-1d76-49dc-b2c5-53da455bacaa -LifetimeId:65dc4ae1-d3df-44c4-8798-a5809a271510 -DeviceGroupId: -HostArg:0
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\amdfendrsr.exe
C:\WINDOWS\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
atieclxx
C:\WINDOWS\System32\ETDService.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
"C:\Program Files\AVG\Antivirus\avgToolsSvc.exe" /runassvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
dashost.exe {cc865bbf-db4a-4487-98151042303f3a35}
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -s CertPropSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\System32\FMService64.exe
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\Program Files (x86)\Lenovo\VantageService\\4.0.75.0\LenovoVantageService.exe"
C:\WINDOWS\RtkBtManServ.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s TapiSrv
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
"C:\WINDOWS\System32\RtkAudUService64.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
AggregatorHost.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\system32\ETDCtrlHelper.exe
sihost.exe
C:\WINDOWS\system32\ETDCtrl.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\Explorer.EXE
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
"C:\WINDOWS\system32\ETDTouch.exe"
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe" -ServerName:InputApp.AppXjd5de1g66v206tj52m9d0dtpppx4cgpn.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\AVG\Antivirus\AVGUI.exe" /nogui
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
"C:\Program Files\AVG\Antivirus\aswEngSrv.exe" /pipename="DFE5C8B3-F7D1-52E7-7667-8ADD9C9BD220" /binpath="C:\Program Files\AVG\Antivirus" /logpath="C:\ProgramData\AVG\Antivirus\log"
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Windows\System32\RtkAudUService64.exe" -background
"C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" --type=collab-renderer --proc=7420
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files\WindowsApps\cyberlinkcorp.th.power2goforlenovo_8.0.12518.0_x86__m916jedk64snt\Power2Go8\CLMLSvc_P2G8.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe"
"C:\WINDOWS\system32\compattelrunner.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\AVG\Antivirus\AVGUI.exe" --type=gpu-process --field-trial-handle=7984,9371272743208029774,14727518258659044770,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --no-sandbox --disable-gpu-driver-bug-workarounds --log-file="C:\Users\repov\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.101 Safari/537.36 Avastium (0.0.0) (Windows 10.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --disable-gpu --disable-webgl --disable-gpu-compositing --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=SAAAAAAAAADgAABwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=swiftshader-webgl --log-file="C:\Users\repov\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --mojo-platform-channel-handle=9296 /prefetch:2
"C:\Program Files\AVG\Antivirus\AVGUI.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=7984,9371272743208029774,14727518258659044770,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --lang=cs --service-sandbox-type=utility --no-sandbox --force-wave-audio --log-file="C:\Users\repov\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.101 Safari/537.36 Avastium (0.0.0) (Windows 10.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --disable-gpu --disable-webgl --disable-gpu-compositing --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\repov\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --mojo-platform-channel-handle=6656 /prefetch:8
"C:\Program Files\AVG\Antivirus\AVGUI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=7984,9371272743208029774,14727518258659044770,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --lang=cs --service-sandbox-type=none --no-sandbox --force-wave-audio --log-file="C:\Users\repov\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.101 Safari/537.36 Avastium (0.0.0) (Windows 10.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --disable-gpu --disable-webgl --disable-gpu-compositing --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\repov\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --mojo-platform-channel-handle=6184 /prefetch:8
"C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe" -ServerName:App.AppXj7d2pwbjt1by8j1s5wak729xa46cf4br.mca
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MoetSFY6mU27DzEK.1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Update\Install\{2D506DE1-8202-4D4B-B98D-1EF1049A9836}\123.0.6312.106_123.0.6312.86_chrome_updater.exe" --verbose-logging --do-not-launch-chrome --channel=stable --system-level
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s upnphost
"C:\Program Files (x86)\Google\Update\Install\{2D506DE1-8202-4D4B-B98D-1EF1049A9836}\CR_66A06.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Google\Update\Install\{2D506DE1-8202-4D4B-B98D-1EF1049A9836}\CR_66A06.tmp\CHROME_PATCH.PACKED.7Z" --verbose-logging --do-not-launch-chrome --channel=stable --system-level
"C:\Program Files (x86)\Google\Update\Install\{2D506DE1-8202-4D4B-B98D-1EF1049A9836}\CR_66A06.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\WINDOWS\SystemTemp\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0x2a0,0x2a4,0x2a8,0x27c,0x2ac,0x7ff6618d4698,0x7ff6618d46a4,0x7ff6618d46b0
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
"C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(VantageCoreAddin).exe" VantageCoreAddin C:\ProgramData\Lenovo\Vantage\Addins\\VantageCoreAddin\1.0.0.123\VantageCoreAddin.dll VantageCoreAddin.e07024002b54402b892720d4128fb11c 45190b7c-c052-4e97-8bba-fbd6d53c17c7 8
"C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(DeviceSettingsSystemAddin).exe" DeviceSettingsSystemAddin C:\ProgramData\Lenovo\Vantage\Addins\\DeviceSettingsSystemAddin\1.0.5.9\DeviceSettingsSystemAddin.dll DeviceSettingsSystemAddin.0e1440cc862d411bb2510d800a34024d 45190b7c-c052-4e97-8bba-fbd6d53c17c7 8
C:\WINDOWS\system32\locator.exe
"C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(GenericMessagingAddin).exe" GenericMessagingAddin C:\ProgramData\Lenovo\Vantage\Addins\\GenericMessagingAddin\1.0.0.99\GenericMessagingAddin.dll GenericMessagingAddin.09615d71305b432db750f6d2d06f8de5 45190b7c-c052-4e97-8bba-fbd6d53c17c7 8
C:\WINDOWS\system32\wbem\WmiApSrv.exe
"C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(LenovoServiceBridgeAddin).exe" LenovoServiceBridgeAddin C:\ProgramData\Lenovo\Vantage\Addins\\LenovoServiceBridgeAddin\1.0.0.88\LenovoServiceBridgeAddin.dll LenovoServiceBridgeAddin.0a7a6f1f833b49819984a8fea8acc5bd 45190b7c-c052-4e97-8bba-fbd6d53c17c7 8
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22091.10061.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DevQueryBroker
taskhostw.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --no-startup-window
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\repov\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\repov\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\repov\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.87 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.65 --initial-client-data=0x294,0x298,0x29c,0x290,0x2f8,0x7ff922ce4e48,0x7ff922ce4e54,0x7ff922ce4e60
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2472,i,10260290933169218934,4291607069019256003,262144 --variations-seed-version --mojo-platform-channel-handle=2416 /prefetch:2
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1948,i,10260290933169218934,4291607069019256003,262144 --variations-seed-version --mojo-platform-channel-handle=2700 /prefetch:3
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2272,i,10260290933169218934,4291607069019256003,262144 --variations-seed-version --mojo-platform-channel-handle=3212 /prefetch:8
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BITS
"C:\Program Files\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\repov\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\repov\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\repov\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.86 --initial-client-data=0x224,0x228,0x22c,0x1cc,0x230,0x7ff947f1cc40,0x7ff947f1cc4c,0x7ff947f1cc58
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2040,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=2036 /prefetch:2
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2292,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=2352 /prefetch:3
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2428,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=2440 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=cs --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=10 --time-ticks-at-unix-epoch=-1712499930937828 --launch-time-ticks=8898571659 --field-trial-handle=5028,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=5660 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup -s WbioSrvc
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=cs --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --time-ticks-at-unix-epoch=-1712499930937828 --launch-time-ticks=8939586430 --field-trial-handle=4796,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=5712 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\Windows\System32\CompPkgSrv.exe -Embedding
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=cs --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=8560,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=8552 /prefetch:8
"C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\system32\SystemSettingsAdminFlows.exe" OptionalFeaturesAdminHelper
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4163_none_7e304ec47c735f2e\TiWorker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UdkSvcGroup -s UdkUserSvc
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-648718490-3214130810-706754298-10016_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-648718490-3214130810-706754298-10016 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
taskhostw.exe
powershell.exe -ExecutionPolicy Restricted -Command Write-Host 'Final result: 1';
\??\C:\WINDOWS\system32\conhost.exe 0x4
powershell.exe -ExecutionPolicy Restricted -Command $Res = 0; $Infs = Get-Item -Path ($env:WinDir + '\inf\*.inf'); foreach ($Inf in $Infs) { $Data = Get-Content $Inf.FullName; if ($Data -match '\[defaultinstall.nt(amd64|arm|arm64|x86)\]') { $Res = 1; break; } } Write-Host 'Final result:', $Res;
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x394
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 836 840 848 8192 844 820
"C:\Users\repov\Desktop\RSITx64.exe"
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=cs --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=175 --time-ticks-at-unix-epoch=-1712499930937828 --launch-time-ticks=11236409222 --field-trial-handle=8028,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=5400 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.81\BHO\ie_to_edge_bho_64.dll [2024-04-04 577472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 217784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-18 177568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-18 177568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.81\BHO\ie_to_edge_bho.dll [2024-04-04 454184]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 184488]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-18 158112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-18 158112]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 6149288]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-18 177568]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 4452504]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-18 158112]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-12-07 86016]
"RtkAudUService"=C:\WINDOWS\System32\RtkAudUService64.exe [2020-03-24 1076728]
"AVGUI.exe"=C:\Program Files\AVG\Antivirus\AvLaunch.exe [2024-04-02 460736]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\repov\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2024-04-07 3306504]
"MicrosoftEdgeAutoLaunch_09E1EF1FDA7C6746BC449F5F2AE690C3"=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [2024-03-27 4063800]
"Adobe Acrobat Synchronizer"=C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [2024-03-18 11504544]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Delete Cached Update Binary"=C:\WINDOWS\system32\cmd.exe [2023-11-19 289792]
"Delete Cached Standalone Update Binary"=C:\WINDOWS\system32\cmd.exe [2023-11-19 289792]
"Uninstall 24.045.0303.0003"=C:\WINDOWS\system32\cmd.exe [2023-11-19 289792]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe []
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2017-07-05 1313408]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avgSP.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HidSpiCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"FilterAdministratorToken"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"aux2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
======File associations======
.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2024-04-07 19:33:37 ----D---- C:\Program Files\trend micro
2024-04-07 19:33:36 ----D---- C:\rsit
2024-04-07 16:28:41 ----A---- C:\WINDOWS\system32\avgBoot.exe
2024-04-02 16:28:58 ----A---- C:\WINDOWS\system32\drivers\asw236276cee15ba1d1.tmp
2024-03-23 11:40:55 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2024-03-23 11:40:50 ----A---- C:\WINDOWS\system32\cdp.dll
2024-03-23 11:40:50 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2024-03-23 11:40:12 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2024-03-23 11:40:11 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2024-03-23 11:40:11 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2024-03-23 11:40:11 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2024-03-23 11:40:10 ----A---- C:\WINDOWS\system32\mfcore.dll
2024-03-23 11:40:08 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2024-03-23 11:40:08 ----A---- C:\WINDOWS\SYSWOW64\tlscsp.dll
2024-03-23 11:40:07 ----A---- C:\WINDOWS\SYSWOW64\tapisrv.dll
2024-03-23 11:40:07 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2024-03-23 11:40:07 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2024-03-23 11:40:06 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2024-03-23 11:40:06 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2024-03-23 11:40:05 ----A---- C:\WINDOWS\SYSWOW64\sqlsrv32.dll
2024-03-23 11:40:05 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2024-03-23 11:40:04 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2024-03-23 11:40:03 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2024-03-23 11:40:03 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2024-03-23 11:40:02 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2024-03-23 11:40:00 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2024-03-23 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\MiracastReceiverExt.dll
2024-03-23 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\gpupdate.exe
2024-03-23 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\gpresult.exe
2024-03-23 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\gpedit.dll
2024-03-23 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2024-03-23 11:39:54 ----A---- C:\WINDOWS\system32\tsgqec.dll
2024-03-23 11:39:54 ----A---- C:\WINDOWS\system32\tlscsp.dll
2024-03-23 11:39:54 ----A---- C:\WINDOWS\system32\MemoryDiagnostic.dll
2024-03-23 11:39:52 ----A---- C:\WINDOWS\system32\tapisrv.dll
2024-03-23 11:39:52 ----A---- C:\WINDOWS\system32\offreg.dll
2024-03-23 11:39:52 ----A---- C:\WINDOWS\system32\mstscax.dll
2024-03-23 11:39:52 ----A---- C:\WINDOWS\system32\msimsg.dll
2024-03-23 11:39:52 ----A---- C:\WINDOWS\system32\msi.dll
2024-03-23 11:39:51 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2024-03-23 11:39:51 ----A---- C:\WINDOWS\system32\IESettingSync.exe
2024-03-23 11:39:51 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2024-03-23 11:39:49 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2024-03-23 11:39:49 ----A---- C:\WINDOWS\system32\ieframe.dll
2024-03-23 11:39:48 ----A---- C:\WINDOWS\system32\jscript9.dll
2024-03-23 11:39:48 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2024-03-23 11:39:45 ----A---- C:\WINDOWS\system32\mshtml.dll
2024-03-23 11:39:45 ----A---- C:\WINDOWS\system32\iesetup.dll
2024-03-23 11:39:45 ----A---- C:\WINDOWS\system32\iernonce.dll
2024-03-23 11:39:45 ----A---- C:\WINDOWS\system32\ie4ushowIE.exe
2024-03-23 11:39:45 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2024-03-23 11:39:44 ----A---- C:\WINDOWS\system32\gpupdate.exe
2024-03-23 11:39:44 ----A---- C:\WINDOWS\system32\gpresult.exe
2024-03-23 11:39:44 ----A---- C:\WINDOWS\system32\gpedit.dll
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\WinHvPlatform.dll
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\regsvc.dll
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\MiracastReceiverExt.dll
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\edpcsp.dll
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\EDPCleanup.exe
2024-03-23 11:39:42 ----A---- C:\WINDOWS\system32\computestorage.dll
2024-03-23 11:39:40 ----A---- C:\WINDOWS\system32\tcbloader.dll
2024-03-23 11:39:40 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2024-03-23 11:39:40 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2024-03-23 11:39:40 ----A---- C:\WINDOWS\system32\hvix64.exe
2024-03-23 11:39:39 ----A---- C:\WINDOWS\system32\UnifiedConsent.dll
2024-03-23 11:39:39 ----A---- C:\WINDOWS\system32\hvloader.dll
2024-03-23 11:39:39 ----A---- C:\WINDOWS\system32\hvax64.exe
2024-03-23 11:39:39 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2024-03-23 11:39:38 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2024-03-23 11:39:38 ----A---- C:\WINDOWS\SYSWOW64\OpenWith.exe
2024-03-23 11:39:38 ----A---- C:\WINDOWS\SYSWOW64\LockScreenData.dll
2024-03-23 11:39:38 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2024-03-23 11:39:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2024-03-23 11:39:37 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2024-03-23 11:39:37 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2024-03-23 11:39:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2024-03-23 11:39:36 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2024-03-23 11:39:36 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2024-03-23 11:39:36 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2024-03-23 11:39:36 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\omadmapi.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\mdmlocalmanagement.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\enterpriseresourcemanager.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2024-03-23 11:39:17 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2024-03-23 11:39:17 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2024-03-23 11:39:16 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2024-03-23 11:39:16 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2024-03-23 11:39:16 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2024-03-23 11:39:15 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2024-03-23 11:39:15 ----A---- C:\WINDOWS\SYSWOW64\LaunchTM.exe
2024-03-23 11:39:15 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2024-03-23 11:39:15 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2024-03-23 11:39:15 ----A---- C:\WINDOWS\SYSWOW64\catsrvut.dll
2024-03-23 11:39:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2024-03-23 11:39:14 ----A---- C:\WINDOWS\SYSWOW64\Taskmgr.exe
2024-03-23 11:39:14 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2024-03-23 11:39:14 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2024-03-23 11:39:13 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2024-03-23 11:39:13 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2024-03-23 11:39:13 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2024-03-23 11:39:12 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2024-03-23 11:39:12 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2024-03-23 11:39:11 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2024-03-23 11:39:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Services.TargetedContent.dll
2024-03-23 11:39:11 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2024-03-23 11:39:11 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2024-03-23 11:39:10 ----A---- C:\WINDOWS\SYSWOW64\profext.dll
2024-03-23 11:39:10 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2024-03-23 11:39:10 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2024-03-23 11:39:09 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2024-03-23 11:39:09 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2024-03-23 11:39:09 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2024-03-23 11:39:08 ----A---- C:\WINDOWS\SYSWOW64\WordBreakers.dll
2024-03-23 11:39:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2024-03-23 11:39:08 ----A---- C:\WINDOWS\SYSWOW64\TextInputMethodFormatter.dll
2024-03-23 11:39:08 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2024-03-23 11:39:08 ----A---- C:\WINDOWS\SYSWOW64\EditBufferTestHook.dll
2024-03-23 11:39:08 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2024-03-23 11:39:07 ----A---- C:\WINDOWS\SYSWOW64\XInputUap.dll
2024-03-23 11:39:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.Input.dll
2024-03-23 11:39:07 ----A---- C:\WINDOWS\SYSWOW64\MSAJApi.dll
2024-03-23 11:39:07 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2024-03-23 11:39:06 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2024-03-23 11:39:06 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2024-03-23 11:39:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2024-03-23 11:39:04 ----A---- C:\WINDOWS\SYSWOW64\netplwiz.dll
2024-03-23 11:39:03 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2024-03-23 11:39:03 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerCookies.exe
2024-03-23 11:39:03 ----A---- C:\WINDOWS\SYSWOW64\tbauth.dll
2024-03-23 11:39:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2024-03-23 11:39:02 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2024-03-23 11:39:02 ----A---- C:\WINDOWS\SYSWOW64\themeui.dll
2024-03-23 11:39:02 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2024-03-23 11:39:02 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2024-03-23 11:39:01 ----A---- C:\WINDOWS\SYSWOW64\ShellCommonCommonProxyStub.dll
2024-03-23 11:39:01 ----A---- C:\WINDOWS\SYSWOW64\NaturalLanguage6.dll
2024-03-23 11:39:01 ----A---- C:\WINDOWS\SYSWOW64\imageres.dll
2024-03-23 11:39:01 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\TpmCertResources.dll
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\SystemSettings.DataModel.dll
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\secproc.dll
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2024-03-23 11:38:59 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2024-03-23 11:38:59 ----A---- C:\WINDOWS\system32\ServicingUAPI.dll
2024-03-23 11:38:59 ----A---- C:\WINDOWS\system32\PkgMgr.exe
2024-03-23 11:38:58 ----A---- C:\WINDOWS\SYSWOW64\PkgMgr.exe
2024-03-23 11:38:58 ----A---- C:\WINDOWS\system32\windowsudk.shellcommon.dll
2024-03-23 11:38:58 ----A---- C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2024-03-23 11:38:58 ----A---- C:\WINDOWS\system32\netplwiz.dll
2024-03-23 11:38:57 ----A---- C:\WINDOWS\system32\twinui.dll
2024-03-23 11:38:56 ----A---- C:\WINDOWS\system32\themeui.dll
2024-03-23 11:38:56 ----A---- C:\WINDOWS\system32\IppCommonProxy.dll
2024-03-23 11:38:56 ----A---- C:\WINDOWS\system32\IppCommon.dll
2024-03-23 11:38:55 ----A---- C:\WINDOWS\system32\APMon.dll
2024-03-23 11:38:54 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2024-03-23 11:38:54 ----A---- C:\WINDOWS\system32\nlaapi.dll
2024-03-23 11:38:54 ----A---- C:\WINDOWS\system32\NetworkDesktopSettings.dll
2024-03-23 11:38:54 ----A---- C:\WINDOWS\system32\ncsi.dll
2024-03-23 11:38:54 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2024-03-23 11:38:53 ----A---- C:\WINDOWS\system32\nlasvc.dll
2024-03-23 11:38:53 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2024-03-23 11:38:53 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2024-03-23 11:38:53 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2024-03-23 11:38:52 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2024-03-23 11:38:52 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2024-03-23 11:38:51 ----A---- C:\WINDOWS\system32\WinREAgent.dll
2024-03-23 11:38:51 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2024-03-23 11:38:51 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2024-03-23 11:38:50 ----A---- C:\WINDOWS\system32\LockScreenData.dll
2024-03-23 11:38:50 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2024-03-23 11:38:49 ----A---- C:\WINDOWS\system32\msIso.dll
2024-03-23 11:38:49 ----A---- C:\WINDOWS\system32\iertutil.dll
2024-03-23 11:38:49 ----A---- C:\WINDOWS\system32\gpapi.dll
2024-03-23 11:38:49 ----A---- C:\WINDOWS\system32\edgeIso.dll
2024-03-23 11:38:48 ----A---- C:\WINDOWS\system32\MdmDiagnostics.dll
2024-03-23 11:38:48 ----A---- C:\WINDOWS\system32\gpsvc.dll
2024-03-23 11:38:48 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2024-03-23 11:38:45 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2024-03-23 11:38:45 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2024-03-23 11:38:45 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2024-03-23 11:38:44 ----A---- C:\WINDOWS\system32\omadmclient.exe
2024-03-23 11:38:44 ----A---- C:\WINDOWS\system32\omadmapi.dll
2024-03-23 11:38:44 ----A---- C:\WINDOWS\system32\mdmlocalmanagement.dll
2024-03-23 11:38:44 ----A---- C:\WINDOWS\system32\enterpriseresourcemanager.dll
2024-03-23 11:38:44 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2024-03-23 11:38:44 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2024-03-23 11:38:43 ----A---- C:\WINDOWS\system32\policymanager.dll
2024-03-23 11:38:43 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2024-03-23 11:38:43 ----A---- C:\WINDOWS\system32\dmwappushsvc.dll
2024-03-23 11:38:43 ----A---- C:\WINDOWS\system32\DMPushRouterCore.dll
2024-03-23 11:38:43 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2024-03-23 11:38:43 ----A---- C:\WINDOWS\system32\dcsvc.dll
2024-03-23 11:38:42 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll
2024-03-23 11:38:42 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2024-03-23 11:38:42 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2024-03-23 11:38:42 ----A---- C:\WINDOWS\system32\declaredconfiguration.dll
2024-03-23 11:38:42 ----A---- C:\WINDOWS\system32\configmanager2.dll
2024-03-23 11:38:29 ----A---- C:\WINDOWS\system32\sppobjs.dll
2024-03-23 11:38:29 ----A---- C:\WINDOWS\system32\sppcext.dll
2024-03-23 11:38:28 ----A---- C:\WINDOWS\system32\sppsvc.exe
2024-03-23 11:38:25 ----A---- C:\WINDOWS\system32\usermgr.dll
2024-03-23 11:38:25 ----A---- C:\WINDOWS\system32\shell32.dll
2024-03-23 11:38:25 ----A---- C:\WINDOWS\system32\OpenWith.exe
2024-03-23 11:38:24 ----A---- C:\WINDOWS\system32\msctf.dll
2024-03-23 11:38:24 ----A---- C:\WINDOWS\system32\lpk.dll
2024-03-23 11:38:24 ----A---- C:\WINDOWS\system32\fontsub.dll
2024-03-23 11:38:24 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2024-03-23 11:38:24 ----A---- C:\WINDOWS\system32\dciman32.dll
2024-03-23 11:38:23 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2024-03-23 11:38:23 ----A---- C:\WINDOWS\system32\netlogon.dll
2024-03-23 11:38:22 ----A---- C:\WINDOWS\system32\sechost.dll
2024-03-23 11:38:22 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2024-03-23 11:38:22 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2024-03-23 11:38:21 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2024-03-23 11:38:21 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2024-03-23 11:38:20 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2024-03-23 11:38:17 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2024-03-23 11:38:16 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2024-03-23 11:38:16 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2024-03-23 11:38:15 ----A---- C:\WINDOWS\system32\drivers\werkernel.sys
2024-03-23 11:38:14 ----A---- C:\WINDOWS\system32\samlib.dll
2024-03-23 11:38:14 ----A---- C:\WINDOWS\system32\offlinesam.dll
2024-03-23 11:38:14 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2024-03-23 11:38:14 ----A---- C:\WINDOWS\system32\lsasrv.dll
2024-03-23 11:38:14 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2024-03-23 11:38:13 ----A---- C:\WINDOWS\system32\WinTypes.dll
2024-03-23 11:38:13 ----A---- C:\WINDOWS\system32\wincorlib.dll
2024-03-23 11:38:13 ----A---- C:\WINDOWS\system32\samsrv.dll
2024-03-23 11:38:12 ----A---- C:\WINDOWS\system32\combase.dll
2024-03-23 11:38:12 ----A---- C:\WINDOWS\system32\ci.dll
2024-03-23 11:38:12 ----A---- C:\WINDOWS\system32\catsrvut.dll
2024-03-23 11:38:11 ----A---- C:\WINDOWS\system32\es.dll
2024-03-23 11:38:11 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2024-03-23 11:38:11 ----A---- C:\WINDOWS\system32\comsvcs.dll
2024-03-23 11:38:10 ----A---- C:\WINDOWS\system32\winresume.exe
2024-03-23 11:38:10 ----A---- C:\WINDOWS\system32\ocsetapi.dll
2024-03-23 11:38:09 ----A---- C:\WINDOWS\system32\winload.exe
2024-03-23 11:38:08 ----A---- C:\WINDOWS\system32\Taskmgr.exe
2024-03-23 11:38:08 ----A---- C:\WINDOWS\system32\LaunchTM.exe
2024-03-23 11:38:08 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2024-03-23 11:38:08 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2024-03-23 11:38:07 ----A---- C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2024-03-23 11:38:07 ----A---- C:\WINDOWS\system32\SettingsHandlers_Language.dll
2024-03-23 11:38:07 ----A---- C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2024-03-23 11:38:07 ----A---- C:\WINDOWS\system32\InputCloudStore.dll
2024-03-23 11:38:06 ----A---- C:\WINDOWS\system32\ShellAppRuntime.exe
2024-03-23 11:38:04 ----A---- C:\WINDOWS\system32\wups2.dll
2024-03-23 11:38:04 ----A---- C:\WINDOWS\system32\wuauclt.exe
2024-03-23 11:38:04 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2024-03-23 11:38:04 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2024-03-23 11:38:03 ----A---- C:\WINDOWS\system32\wuaueng.dll
2024-03-23 11:38:03 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2024-03-23 11:38:03 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2024-03-23 11:38:03 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2024-03-23 11:38:03 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2024-03-23 11:38:02 ----A---- C:\WINDOWS\system32\wcimage.dll
2024-03-23 11:38:02 ----A---- C:\WINDOWS\system32\wc_storage.dll
2024-03-23 11:38:02 ----A---- C:\WINDOWS\system32\drivers\cimfs.sys
2024-03-23 11:38:02 ----A---- C:\WINDOWS\system32\daxexec.dll
2024-03-23 11:38:02 ----A---- C:\WINDOWS\system32\cimfs.dll
2024-03-23 11:38:01 ----A---- C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2024-03-23 11:38:01 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2024-03-23 11:38:01 ----A---- C:\WINDOWS\system32\win32u.dll
2024-03-23 11:38:01 ----A---- C:\WINDOWS\system32\win32kfull.sys
2024-03-23 11:38:01 ----A---- C:\WINDOWS\system32\win32k.sys
2024-03-23 11:37:59 ----A---- C:\WINDOWS\system32\wpncore.dll
2024-03-23 11:37:59 ----A---- C:\WINDOWS\system32\wpnapps.dll
2024-03-23 11:37:59 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2024-03-23 11:37:59 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2024-03-23 11:37:59 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2024-03-23 11:37:58 ----A---- C:\WINDOWS\system32\profext.dll
2024-03-23 11:37:58 ----A---- C:\WINDOWS\system32\kerberos.dll
2024-03-23 11:37:58 ----A---- C:\WINDOWS\system32\BFE.DLL
2024-03-23 11:37:58 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2024-03-23 11:37:56 ----A---- C:\WINDOWS\system32\windows.storage.dll
2024-03-23 11:37:56 ----A---- C:\WINDOWS\system32\storewuauth.dll
2024-03-23 11:37:56 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2024-03-23 11:37:56 ----A---- C:\WINDOWS\system32\InstallService.dll
2024-03-23 11:37:55 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2024-03-23 11:37:55 ----A---- C:\WINDOWS\system32\ISM.dll
2024-03-23 11:37:55 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2024-03-23 11:37:54 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2024-03-23 11:37:54 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2024-03-23 11:37:54 ----A---- C:\WINDOWS\system32\TextInputMethodFormatter.dll
2024-03-23 11:37:54 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2024-03-23 11:37:53 ----A---- C:\WINDOWS\system32\mssrch.dll
2024-03-23 11:37:53 ----A---- C:\WINDOWS\system32\InputService.dll
2024-03-23 11:37:52 ----A---- C:\WINDOWS\system32\win32kbase.sys
2024-03-23 11:37:39 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2024-03-23 11:37:38 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2024-03-23 11:37:38 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2024-03-23 11:37:38 ----A---- C:\WINDOWS\system32\dosvc.dll
2024-03-23 11:37:38 ----A---- C:\WINDOWS\system32\domgmt.dll
2024-03-23 11:37:38 ----A---- C:\WINDOWS\system32\DafDnsSd.dll
2024-03-23 11:37:37 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2024-03-23 11:37:37 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2024-03-23 11:37:37 ----A---- C:\WINDOWS\system32\cdd.dll
2024-03-23 11:37:36 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2024-03-23 11:37:35 ----A---- C:\WINDOWS\system32\MSAJApi.dll
2024-03-23 11:37:35 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2024-03-23 11:37:35 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\tbauth.dll
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\GameInputSvc.exe
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\GameInputInbox.dll
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\cloudAP.dll
2024-03-23 11:37:33 ----A---- C:\WINDOWS\system32\XInputUap.dll
2024-03-23 11:37:33 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2024-03-23 11:37:33 ----A---- C:\WINDOWS\system32\Windows.Gaming.Input.dll
2024-03-23 11:37:33 ----A---- C:\WINDOWS\system32\GameInput.dll
2024-03-23 11:37:33 ----A---- C:\WINDOWS\system32\aadtb.dll
2024-03-23 11:37:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2024-03-23 11:37:29 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2024-03-23 11:37:29 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2024-03-23 11:37:29 ----A---- C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2024-03-23 11:37:28 ----A---- C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2024-03-23 11:37:28 ----A---- C:\WINDOWS\system32\StartTileData.dll
2024-03-23 11:37:28 ----A---- C:\WINDOWS\system32\readCloudDataSettings.exe
2024-03-23 11:37:25 ----A---- C:\WINDOWS\system32\usbmon.dll
2024-03-23 11:37:25 ----A---- C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2024-03-23 11:37:25 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2024-03-23 11:37:25 ----A---- C:\WINDOWS\system32\NaturalLanguage6.dll
2024-03-23 11:37:25 ----A---- C:\WINDOWS\system32\localui.dll
2024-03-23 11:37:23 ----A---- C:\WINDOWS\system32\imageres.dll
2024-03-23 11:37:23 ----A---- C:\WINDOWS\system32\advapi32.dll
2024-03-23 11:37:23 ----A---- C:\WINDOWS\explorer.exe
2024-03-23 11:37:22 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2024-03-23 11:37:22 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2024-03-23 11:37:22 ----A---- C:\WINDOWS\system32\TpmCertResources.dll
2024-03-23 11:37:22 ----A---- C:\WINDOWS\system32\SystemSettingsBroker.exe
2024-03-23 11:37:22 ----A---- C:\WINDOWS\system32\SystemSettings.DataModel.dll
2024-03-23 11:37:22 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2024-03-23 11:37:21 ----A---- C:\WINDOWS\system32\wpx.dll
2024-03-23 11:37:21 ----A---- C:\WINDOWS\system32\win32spl.dll
2024-03-23 11:37:21 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2024-03-23 11:37:21 ----A---- C:\WINDOWS\system32\PrinterCleanupTask.dll
2024-03-23 11:37:21 ----A---- C:\WINDOWS\system32\localspl.dll
2024-03-23 11:37:21 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll
2024-03-23 11:37:20 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2024-03-23 11:37:20 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2024-03-23 11:37:20 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2024-03-23 11:37:19 ----A---- C:\WINDOWS\system32\UCPDMgr.exe
2024-03-23 11:37:19 ----A---- C:\WINDOWS\system32\drivers\UCPD.sys
2024-03-23 11:37:19 ----A---- C:\WINDOWS\system32\CloudRestoreLauncher.dll
2024-03-23 11:37:19 ----A---- C:\WINDOWS\system32\bcdedit.exe
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\wosc.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\Windows.Management.ModernDeployment.ConfigProviders.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\Windows.Internal.System.UserProfile.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\MitigationClient.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\fcon.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\autopilotdiag.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\autopilot.dll
2024-03-23 11:37:17 ----A---- C:\WINDOWS\system32\SpeechPal.dll
2024-03-23 11:36:36 ----A---- C:\WINDOWS\system32\vmbuspipe.dll
2024-03-23 11:36:36 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2024-03-23 11:36:36 ----A---- C:\WINDOWS\system32\drivers\Vid.sys
2024-03-23 11:36:34 ----A---- C:\WINDOWS\system32\drivers\usbuhci.sys
2024-03-23 11:36:34 ----A---- C:\WINDOWS\system32\drivers\usbehci.sys
2024-03-23 11:36:34 ----A---- C:\WINDOWS\system32\drivers\usbd.sys
2024-03-23 11:36:33 ----A---- C:\WINDOWS\system32\drivers\usbport.sys
2024-03-23 11:36:33 ----A---- C:\WINDOWS\system32\drivers\usbohci.sys
2024-03-23 11:36:33 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2024-03-23 11:36:33 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2024-03-23 11:36:33 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2024-03-23 11:36:32 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2024-03-23 11:36:32 ----A---- C:\WINDOWS\system32\drivers\uaspstor.sys
2024-03-23 11:36:32 ----A---- C:\WINDOWS\system32\drivers\BthMini.SYS
2024-03-23 11:36:32 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2024-03-23 11:36:29 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2024-03-23 11:36:29 ----A---- C:\WINDOWS\system32\drivers\devauthe.sys
2024-03-23 10:29:32 ----HD---- C:\$WinREAgent
2024-03-23 10:27:26 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2024-03-23 10:27:24 ----A---- C:\WINDOWS\system32\poqexec.exe
2024-03-22 19:42:53 ----A---- C:\WINDOWS\system32\drivers\avgStm.sys
======List of files/folders modified in the last 1 month======
2024-04-07 19:33:37 ----RD---- C:\Program Files
2024-04-07 19:33:21 ----HD---- C:\Program Files\WindowsApps
2024-04-07 19:33:10 ----D---- C:\WINDOWS\Temp
2024-04-07 19:32:46 ----D---- C:\WINDOWS\prefetch
2024-04-07 19:28:55 ----D---- C:\WINDOWS\INF
2024-04-07 19:19:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2024-04-07 19:19:07 ----D---- C:\WINDOWS\SystemTemp
2024-04-07 19:19:07 ----D---- C:\Program Files (x86)\Google
2024-04-07 19:06:31 ----D---- C:\FRST
2024-04-07 19:05:10 ----SHD---- C:\System Volume Information
2024-04-07 18:52:11 ----D---- C:\WINDOWS\AppReadiness
2024-04-07 18:51:47 ----SHD---- C:\WINDOWS\Installer
2024-04-07 18:50:18 ----D---- C:\WINDOWS\system32\sru
2024-04-07 18:49:41 ----D---- C:\WINDOWS\system32\SleepStudy
2024-04-07 17:01:16 ----D---- C:\WINDOWS\SysWOW64
2024-04-07 16:57:29 ----D---- C:\WINDOWS\system32\Tasks
2024-04-07 16:31:51 ----D---- C:\ProgramData\AVG
2024-04-07 16:28:43 ----HD---- C:\WINDOWS\ELAMBKUP
2024-04-07 16:28:41 ----D---- C:\WINDOWS\System32
2024-04-07 16:27:07 ----A---- C:\WINDOWS\system32\regtest.txt
2024-04-07 16:26:46 ----D---- C:\WINDOWS\ServiceState
2024-04-07 16:26:43 ----ASH---- C:\DumpStack.log.tmp
2024-04-07 16:23:11 ----D---- C:\WINDOWS\system32\CatRoot
2024-04-07 16:23:09 ----D---- C:\WINDOWS\system32\catroot2
2024-04-02 16:38:09 ----D---- C:\WINDOWS\apppatch
2024-04-02 16:28:59 ----D---- C:\WINDOWS\system32\drivers
2024-04-01 19:32:09 ----D---- C:\ProgramData\CanonIJPLM
2024-03-31 15:07:23 ----RD---- C:\Users
2024-03-31 15:01:53 ----SHD---- C:\$Recycle.Bin
2024-03-24 01:47:32 ----RD---- C:\WINDOWS\Microsoft.NET
2024-03-24 01:34:03 ----D---- C:\WINDOWS\system32\config
2024-03-24 01:30:06 ----D---- C:\WINDOWS\WinSxS
2024-03-24 01:28:43 ----D---- C:\WINDOWS\system32\DriverStore
2024-03-24 01:23:57 ----D---- C:\WINDOWS\SYSWOW64\migration
2024-03-24 01:23:57 ----D---- C:\WINDOWS\SYSWOW64\en-US
2024-03-24 01:23:57 ----D---- C:\WINDOWS\SYSWOW64\Dism
2024-03-24 01:23:57 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2024-03-24 01:23:55 ----D---- C:\WINDOWS\SystemResources
2024-03-24 01:23:54 ----D---- C:\WINDOWS\system32\wbem
2024-03-24 01:23:54 ----D---- C:\WINDOWS\system32\oobe
2024-03-24 01:23:54 ----D---- C:\WINDOWS\system32\migration
2024-03-24 01:23:54 ----D---- C:\WINDOWS\system32\en-US
2024-03-24 01:23:53 ----D---- C:\WINDOWS\system32\Dism
2024-03-24 01:23:53 ----D---- C:\WINDOWS\system32\cs-CZ
2024-03-24 01:23:53 ----D---- C:\WINDOWS\system32\Boot
2024-03-24 01:23:48 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2024-03-24 01:23:48 ----D---- C:\WINDOWS\ShellExperiences
2024-03-24 01:23:48 ----D---- C:\WINDOWS\servicing
2024-03-24 01:23:48 ----D---- C:\WINDOWS\en-US
2024-03-24 01:23:48 ----D---- C:\WINDOWS\cs-CZ
2024-03-24 01:23:48 ----D---- C:\WINDOWS\bcastdvr
2024-03-24 01:23:48 ----D---- C:\Windows
2024-03-23 11:52:22 ----D---- C:\WINDOWS\CbsTemp
2024-03-23 11:36:36 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2024-03-23 08:47:22 ----D---- C:\WINDOWS\system32\MRT
2024-03-23 08:39:18 ----AC---- C:\WINDOWS\system32\MRT.exe
2024-03-23 00:28:28 ----D---- C:\Users\repov\AppData\Roaming\recroom-launcher
2024-03-22 19:49:14 ----D---- C:\Users\repov\AppData\Roaming\com.adobe.dunamis
2024-03-22 19:48:52 ----SHD---- C:\Config.Msi
2024-03-22 19:48:50 ----D---- C:\Program Files\RUXIM
2024-03-22 19:42:43 ----A---- C:\WINDOWS\system32\drivers\asw8347b51d7e6f8afb.tmp
2024-03-22 19:42:39 ----A---- C:\WINDOWS\system32\drivers\asw7703d926ca385dbb.tmp
2024-03-22 19:42:39 ----A---- C:\WINDOWS\system32\drivers\asw3c15a9c1acfbf0ef.tmp
2024-03-22 19:42:39 ----A---- C:\WINDOWS\system32\drivers\asw39992cb57b66e993.tmp
2024-03-22 19:42:39 ----A---- C:\WINDOWS\system32\drivers\asw340045e05e1bc224.tmp
2024-03-22 19:42:38 ----A---- C:\WINDOWS\system32\drivers\aswfc0628ed986ce766.tmp
2024-03-22 19:42:38 ----A---- C:\WINDOWS\system32\drivers\aswcb871ebf028ecb93.tmp
2024-03-22 19:42:38 ----A---- C:\WINDOWS\system32\drivers\asw33140d9784296617.tmp
2024-03-22 19:42:38 ----A---- C:\WINDOWS\system32\drivers\asw2d372f74f322ea36.tmp
2024-03-22 19:42:21 ----A---- C:\WINDOWS\system32\drivers\asw9bcb33b7088b87f6.tmp
2024-03-22 19:42:21 ----A---- C:\WINDOWS\system32\drivers\asw77c1dc43e6735457.tmp
2024-03-22 19:42:19 ----A---- C:\WINDOWS\system32\drivers\asw699cf4c0c4d3df12.tmp
2024-03-22 19:42:16 ----A---- C:\WINDOWS\system32\drivers\asw8529c7e934d6cc43.tmp
2024-03-22 19:41:48 ----D---- C:\WINDOWS\Minidump
2024-03-09 20:48:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-09 20:39:26 ----D---- C:\WINDOWS\SYSWOW64\WinMetadata
2024-03-09 20:39:26 ----D---- C:\WINDOWS\SYSWOW64\wbem
2024-03-09 20:39:26 ----D---- C:\WINDOWS\SYSWOW64\setup
2024-03-09 20:39:22 ----D---- C:\WINDOWS\system32\WinMetadata
2024-03-09 20:39:21 ----D---- C:\WINDOWS\system32\setup
2024-03-09 20:39:21 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2024-03-09 20:39:21 ----D---- C:\WINDOWS\system32\migwiz
2024-03-09 20:39:20 ----D---- C:\WINDOWS\system32\appraiser
2024-03-09 20:39:02 ----D---- C:\WINDOWS\ShellComponents
2024-03-09 20:38:53 ----D---- C:\WINDOWS\system32\CodeIntegrity
2024-03-09 20:38:36 ----D---- C:\WINDOWS\system32\drivers\UMDF
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2021-01-05 85704]
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2021-01-05 43720]
R0 amdpsp;@oem1.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\WINDOWS\System32\drivers\amdpsp.sys [2021-03-23 137424]
R0 avgArDisk;avgArDisk; C:\WINDOWS\system32\drivers\avgArDisk.sys [2024-04-02 20528]
R0 avgbidsh;avgbidsh; C:\WINDOWS\system32\drivers\avgbidsh.sys [2024-04-02 292920]
R0 avgbuniv;avgbuniv; C:\WINDOWS\system32\drivers\avgbuniv.sys [2024-04-02 84536]
R0 avgElam;avgElam; C:\WINDOWS\system32\drivers\avgElam.sys [2024-02-17 27760]
R0 avgRvrt;avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [2024-04-02 69176]
R0 avgVmm;avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [2024-04-02 306232]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2023-11-19 58328]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2023-11-19 44032]
R1 avgArPot;avgArPot; C:\WINDOWS\system32\drivers\avgArPot.sys [2024-04-02 230448]
R1 avgbidsdriver;avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdriver.sys [2024-04-02 379960]
R1 avgKbd;avgKbd; C:\WINDOWS\system32\drivers\avgKbd.sys [2024-04-02 28728]
R1 avgMonFlt;avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [2024-04-02 268856]
R1 avgNetHub;avgNetHub; C:\WINDOWS\system32\drivers\avgNetHub.sys [2024-04-02 548912]
R1 avgRdr;avgRdr; C:\WINDOWS\system32\drivers\avgRdr2.sys [2024-04-02 93752]
R1 avgSnx;avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [2024-04-02 935992]
R1 avgSP;avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [2024-04-02 695864]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2024-03-23 98816]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R1 MEmuDrv;MemuHyperv Service; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [2021-01-04 320360]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2023-11-19 145896]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2024-03-23 503808]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2023-11-19 53248]
R3 ACPIVPC;@oem56.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2022-08-31 48896]
R3 amdfendr;@oem43.inf,%AMDFENDR_svcdesc%;AMD Crash Defender Driver; C:\WINDOWS\System32\drivers\amdfendr.sys [2021-04-30 117448]
R3 amdgpio2;@oem30.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2021-01-05 46344]
R3 amdi2c;@oem51.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2021-01-17 67808]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\amdkmdag.sys [2021-06-17 82687200]
R3 AMDXE;@oem7.inf,%AMDXE.SVCDESC%;AMD Link Controller Emulation; C:\WINDOWS\System32\drivers\amdxe.sys [2021-01-05 62056]
R3 AtiHDAudioService;@oem26.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2021-01-18 247216]
R3 avgStm;avgStm; C:\WINDOWS\system32\drivers\avgStm.sys [2024-03-22 201680]
R3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2024-03-23 1572352]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2024-03-23 110592]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
R3 ETD;@oem6.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\System32\drivers\ETD.sys [2019-09-25 743872]
R3 ETDHCF;@oem16.inf,%ETDHCF.SVCDESC%;ELAN HID Class Filter Service; C:\WINDOWS\System32\drivers\ETDHCF.sys [2019-09-25 30144]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2020-03-24 7321896]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2023-11-19 323440]
R3 rt640x64;@oem36.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2021-01-05 1171552]
R3 RtkBtFilter;@oem19.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [2019-09-11 801480]
R3 RTWlanE;@oem25.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtwlane.sys [2019-10-30 11388112]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2023-11-19 142208]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2023-11-19 159728]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2023-11-19 694272]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2024-03-07 18432]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2023-11-19 282624]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2024-03-23 113664]
S3 BthHFAud;@microsoft_bluetooth_hfp.inf,%BTHHFAUD_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free Audio driver; C:\WINDOWS\System32\drivers\BthHfAud.sys [2023-11-19 65536]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2023-11-19 106496]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2024-03-23 45568]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2023-11-19 133632]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 ETD_Keyboard;ELAN Keyboard Filter Driver; C:\WINDOWS\System32\drivers\ETD.sys [2019-09-25 743872]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2023-11-19 104448]
S3 HidSpiCx;HidSpi KMDF Class Extension; C:\WINDOWS\system32\drivers\HidSpiCx.sys [2023-11-19 92160]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2024-03-23 96136]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2023-11-19 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2023-11-19 386048]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2023-11-19 210944]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2023-11-19 131560]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2024-03-23 998256]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-12-07 213504]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-12-07 115712]
S3 RTSUER;@oem3.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2017-10-18 421312]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2023-11-19 36208]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2024-01-31 172992]
R2 AMD Crash Defender Service;AMD Crash Defender Service; C:\WINDOWS\system32\amdfendrsr.exe [2021-04-30 517536]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe [2021-06-17 527560]
R2 AVG Antivirus;AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [2024-04-02 802752]
R2 AVG Tools;AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [2024-04-02 1238456]
R2 AVGWscReporter;AVGWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [2024-01-05 109480]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R2 CDPUserSvc_8270b;Uživatelská služba platformy připojených zařízení_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
R2 ETDService;ELAN Service; C:\WINDOWS\System32\ETDService.exe [2019-09-25 249792]
R2 FMAPOService;Fortemedia APO Control Service; C:\WINDOWS\System32\FMService64.exe [2019-08-16 359808]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2013-05-14 140936]
R2 ImControllerService;@oem19.inf,%ImcSvcDisplayName%;System Interface Foundation Service; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2022-11-20 93896]
R2 LenovoVantageService;LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\4.0.75.0\LenovoVantageService.exe [2024-03-03 34168]
R2 OneSyncSvc_8270b;Hostitel synchronizace_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R2 RtkAudioUniversalService;Realtek Audio Universal Service; C:\WINDOWS\System32\RtkAudUService64.exe [2020-03-24 1076728]
R2 RtkBtManServ;@oem19.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service; C:\WINDOWS\RtkBtManServ.exe [2019-09-11 705648]
R3 avgbIDSAgent;avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [2024-04-02 9164216]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 cbdhsvc_8270b;Uživatelská služba schránky_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
R3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 PimIndexMaintenanceSvc_8270b;Data kontaktů_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S2 DolbyDAXAPI;@oem5.inf,%ServiceDisplayName%;Dolby DAX API Service; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [2019-03-14 644976]
S2 edgeupdate;Microsoft Edge Update Service (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2021-04-01 214952]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2021-10-20 156232]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 AarSvc_8270b;Agent Activation Runtime_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 BcastDVRUserService_8270b;Uživatelská služba pro GameDVR a vysílání her_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 BluetoothUserService_8270b;Služba pro podporu uživatelů Bluetooth_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 CaptureService_8270b;CaptureService_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 ConsentUxUserSvc_8270b;ConsentUX_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2023-11-19 386984]
S3 CredentialEnrollmentManagerUserSvc_8270b;CredentialEnrollmentManagerUserSvc_8270b; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2023-11-19 386984]
S3 dcsvc;@%systemroot%\system32\dcsvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DeviceAssociationBrokerSvc_8270b;DeviceAssociationBroker_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DevicePickerUserSvc_8270b;DevicePicker_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DevicesFlowUserSvc_8270b;Tok zařízení_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2024-02-11 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2024-03-04 811496]
S3 edgeupdatem;Microsoft Edge Update Service (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2021-04-01 214952]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 GameInputSvc;@%systemroot%\system32\GameInputSvc.exe,-101; C:\WINDOWS\System32\GameInputSvc.exe [2024-03-23 53768]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files\Google\Chrome\Application\123.0.6312.86\elevation_service.exe [2024-03-26 1670944]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2021-10-20 156232]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 McpManagementService;@%SystemRoot%\system32\McpManagementService.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 MessagingService_8270b;Služba zasílání zpráv_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.81\elevation_service.exe [2024-04-04 1838136]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2023-11-19 106496]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 PrintWorkflowUserSvc_8270b;PrintWorkflow_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 118289
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte. V souč. době, kdy převažují 64b systémy, je zbytečné dávat log RSIT. Je s nimi nekompatibilní a k ničemu ho nepotřebujeme,Start
CloseProcesses:
FirewallRules: [{A91004ED-A60D-4262-A79C-B1605709D440}] => (Allow) C:\Users\repov\AppData\Local\Programs\Opera\106.0.4998.28\opera.exe => No File
FirewallRules: [TCP Query User{EB2679A2-42B3-4C5D-9401-F2875B01B66F}C:\users\repov\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\repov\appdata\local\programs\opera\opera.exe => No File
FirewallRules: [UDP Query User{D6AA9960-A070-4991-8306-FDECC3C0C354}C:\users\repov\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\repov\appdata\local\programs\opera\opera.exe => No File
HKLM-x32\...\Run: [WinampAgent] => "C:\Program Files (x86)\Winamp\winampa.exe" (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\RunOnce: [Uninstall 24.045.0303.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\24.045.0303.0003" [0 2024-04-07] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64" [0 2024-01-05] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\21.220.1024.0005" [0 2024-01-07] () <==== ATTENTION [zero byte File/Folder]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {CAFCB0CC-8F31-4D66-B43F-1E2D25882187} - System32\Tasks\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-20] (Google LLC -> Google LLC)
Task: {87412682-69C6-408D-9CE1-C1CBFC4712CA} - System32\Tasks\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-20] (Google LLC -> Google LLC)
Task: {7EAE14B9-6A74-4F05-880E-4CF98B46E3B0} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943}
C:\WINDOWS\system32\Drivers\asw9bcb33b7088b87f6.tmp
C:\WINDOWS\system32\Drivers\asw39992cb57b66e993.tmp
C:\WINDOWS\system32\Drivers\asw33140d9784296617.tmp
C:\WINDOWS\system32\Drivers\asw8347b51d7e6f8afb.tmp
C:\WINDOWS\system32\Drivers\asw340045e05e1bc224.tmp
C:\WINDOWS\system32\Drivers\aswfc0628ed986ce766.tmp
C:\WINDOWS\system32\Drivers\asw8529c7e934d6cc43.tmp
C:\WINDOWS\system32\Drivers\aswcb871ebf028ecb93.tmp
C:\WINDOWS\system32\Drivers\asw3c15a9c1acfbf0ef.tmp
C:\WINDOWS\system32\Drivers\asw7703d926ca385dbb.tmp
C:\WINDOWS\system32\Drivers\asw2d372f74f322ea36.tmp
C:\WINDOWS\system32\Drivers\asw77c1dc43e6735457.tmp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosim o kontrolu logu
Fix result of Farbar Recovery Scan Tool (x64) Version: 06.04.2024 01
Ran by repov (07-04-2024 20:04:52) Run:2
Running from C:\Users\repov\Desktop
Loaded Profiles: repov & romek
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
FirewallRules: [{A91004ED-A60D-4262-A79C-B1605709D440}] => (Allow) C:\Users\repov\AppData\Local\Programs\Opera\106.0.4998.28\opera.exe => No File
FirewallRules: [TCP Query User{EB2679A2-42B3-4C5D-9401-F2875B01B66F}C:\users\repov\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\repov\appdata\local\programs\opera\opera.exe => No File
FirewallRules: [UDP Query User{D6AA9960-A070-4991-8306-FDECC3C0C354}C:\users\repov\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\repov\appdata\local\programs\opera\opera.exe => No File
HKLM-x32\...\Run: [WinampAgent] => "C:\Program Files (x86)\Winamp\winampa.exe" (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\RunOnce: [Uninstall 24.045.0303.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\24.045.0303.0003" [0 2024-04-07] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64" [0 2024-01-05] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\21.220.1024.0005" [0 2024-01-07] () <==== ATTENTION [zero byte File/Folder]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {CAFCB0CC-8F31-4D66-B43F-1E2D25882187} - System32\Tasks\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-20] (Google LLC -> Google LLC)
Task: {87412682-69C6-408D-9CE1-C1CBFC4712CA} - System32\Tasks\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-20] (Google LLC -> Google LLC)
Task: {7EAE14B9-6A74-4F05-880E-4CF98B46E3B0} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943}
C:\WINDOWS\system32\Drivers\asw9bcb33b7088b87f6.tmp
C:\WINDOWS\system32\Drivers\asw39992cb57b66e993.tmp
C:\WINDOWS\system32\Drivers\asw33140d9784296617.tmp
C:\WINDOWS\system32\Drivers\asw8347b51d7e6f8afb.tmp
C:\WINDOWS\system32\Drivers\asw340045e05e1bc224.tmp
C:\WINDOWS\system32\Drivers\aswfc0628ed986ce766.tmp
C:\WINDOWS\system32\Drivers\asw8529c7e934d6cc43.tmp
C:\WINDOWS\system32\Drivers\aswcb871ebf028ecb93.tmp
C:\WINDOWS\system32\Drivers\asw3c15a9c1acfbf0ef.tmp
C:\WINDOWS\system32\Drivers\asw7703d926ca385dbb.tmp
C:\WINDOWS\system32\Drivers\asw2d372f74f322ea36.tmp
C:\WINDOWS\system32\Drivers\asw77c1dc43e6735457.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A91004ED-A60D-4262-A79C-B1605709D440}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EB2679A2-42B3-4C5D-9401-F2875B01B66F}C:\users\repov\appdata\local\programs\opera\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D6AA9960-A070-4991-8306-FDECC3C0C354}C:\users\repov\appdata\local\programs\opera\opera.exe" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WinampAgent" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-648718490-3214130810-706754298-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => removed successfully
"HKU\S-1-5-21-648718490-3214130810-706754298-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 24.045.0303.0003" => removed successfully
"HKU\S-1-5-21-648718490-3214130810-706754298-1008\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Standalone Update Binary" => removed successfully
"HKU\S-1-5-21-648718490-3214130810-706754298-1008\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 21.220.1024.0005\amd64" => removed successfully
"HKU\S-1-5-21-648718490-3214130810-706754298-1008\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 21.220.1024.0005" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CAFCB0CC-8F31-4D66-B43F-1E2D25882187}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CAFCB0CC-8F31-4D66-B43F-1E2D25882187}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{87412682-69C6-408D-9CE1-C1CBFC4712CA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87412682-69C6-408D-9CE1-C1CBFC4712CA}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7EAE14B9-6A74-4F05-880E-4CF98B46E3B0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EAE14B9-6A74-4F05-880E-4CF98B46E3B0}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Vantage\Schedule\NotificationCenter" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451}" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943}" => not found
C:\WINDOWS\system32\Drivers\asw9bcb33b7088b87f6.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw39992cb57b66e993.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw33140d9784296617.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw8347b51d7e6f8afb.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw340045e05e1bc224.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswfc0628ed986ce766.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw8529c7e934d6cc43.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswcb871ebf028ecb93.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw3c15a9c1acfbf0ef.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw7703d926ca385dbb.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw2d372f74f322ea36.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw77c1dc43e6735457.tmp => moved successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 63408716 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 140544508 B
Edge => 0 B
Chrome => 657808930 B
Firefox => 0 B
Opera => 6947800 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 853676 B
systemprofile32 => 853676 B
LocalService => 974976 B
NetworkService => 1100664 B
repov => 464568742 B
defaultuser100000 => 464568742 B
defaultuser100000.LAPTOP-CARLMBMQ => 464568742 B
romek => 587185569 B
RecycleBin => 0 B
EmptyTemp: => 2.7 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:06:47 ====
Ran by repov (07-04-2024 20:04:52) Run:2
Running from C:\Users\repov\Desktop
Loaded Profiles: repov & romek
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
FirewallRules: [{A91004ED-A60D-4262-A79C-B1605709D440}] => (Allow) C:\Users\repov\AppData\Local\Programs\Opera\106.0.4998.28\opera.exe => No File
FirewallRules: [TCP Query User{EB2679A2-42B3-4C5D-9401-F2875B01B66F}C:\users\repov\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\repov\appdata\local\programs\opera\opera.exe => No File
FirewallRules: [UDP Query User{D6AA9960-A070-4991-8306-FDECC3C0C354}C:\users\repov\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\repov\appdata\local\programs\opera\opera.exe => No File
HKLM-x32\...\Run: [WinampAgent] => "C:\Program Files (x86)\Winamp\winampa.exe" (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\RunOnce: [Uninstall 24.045.0303.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\24.045.0303.0003" [0 2024-04-07] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64" [0 2024-01-05] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\21.220.1024.0005" [0 2024-01-07] () <==== ATTENTION [zero byte File/Folder]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {CAFCB0CC-8F31-4D66-B43F-1E2D25882187} - System32\Tasks\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-20] (Google LLC -> Google LLC)
Task: {87412682-69C6-408D-9CE1-C1CBFC4712CA} - System32\Tasks\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-20] (Google LLC -> Google LLC)
Task: {7EAE14B9-6A74-4F05-880E-4CF98B46E3B0} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943}
C:\WINDOWS\system32\Drivers\asw9bcb33b7088b87f6.tmp
C:\WINDOWS\system32\Drivers\asw39992cb57b66e993.tmp
C:\WINDOWS\system32\Drivers\asw33140d9784296617.tmp
C:\WINDOWS\system32\Drivers\asw8347b51d7e6f8afb.tmp
C:\WINDOWS\system32\Drivers\asw340045e05e1bc224.tmp
C:\WINDOWS\system32\Drivers\aswfc0628ed986ce766.tmp
C:\WINDOWS\system32\Drivers\asw8529c7e934d6cc43.tmp
C:\WINDOWS\system32\Drivers\aswcb871ebf028ecb93.tmp
C:\WINDOWS\system32\Drivers\asw3c15a9c1acfbf0ef.tmp
C:\WINDOWS\system32\Drivers\asw7703d926ca385dbb.tmp
C:\WINDOWS\system32\Drivers\asw2d372f74f322ea36.tmp
C:\WINDOWS\system32\Drivers\asw77c1dc43e6735457.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A91004ED-A60D-4262-A79C-B1605709D440}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EB2679A2-42B3-4C5D-9401-F2875B01B66F}C:\users\repov\appdata\local\programs\opera\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D6AA9960-A070-4991-8306-FDECC3C0C354}C:\users\repov\appdata\local\programs\opera\opera.exe" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WinampAgent" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-648718490-3214130810-706754298-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => removed successfully
"HKU\S-1-5-21-648718490-3214130810-706754298-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 24.045.0303.0003" => removed successfully
"HKU\S-1-5-21-648718490-3214130810-706754298-1008\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Standalone Update Binary" => removed successfully
"HKU\S-1-5-21-648718490-3214130810-706754298-1008\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 21.220.1024.0005\amd64" => removed successfully
"HKU\S-1-5-21-648718490-3214130810-706754298-1008\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 21.220.1024.0005" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CAFCB0CC-8F31-4D66-B43F-1E2D25882187}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CAFCB0CC-8F31-4D66-B43F-1E2D25882187}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{87412682-69C6-408D-9CE1-C1CBFC4712CA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87412682-69C6-408D-9CE1-C1CBFC4712CA}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7EAE14B9-6A74-4F05-880E-4CF98B46E3B0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EAE14B9-6A74-4F05-880E-4CF98B46E3B0}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Vantage\Schedule\NotificationCenter" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451}" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943}" => not found
C:\WINDOWS\system32\Drivers\asw9bcb33b7088b87f6.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw39992cb57b66e993.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw33140d9784296617.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw8347b51d7e6f8afb.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw340045e05e1bc224.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswfc0628ed986ce766.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw8529c7e934d6cc43.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswcb871ebf028ecb93.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw3c15a9c1acfbf0ef.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw7703d926ca385dbb.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw2d372f74f322ea36.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw77c1dc43e6735457.tmp => moved successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 63408716 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 140544508 B
Edge => 0 B
Chrome => 657808930 B
Firefox => 0 B
Opera => 6947800 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 853676 B
systemprofile32 => 853676 B
LocalService => 974976 B
NetworkService => 1100664 B
repov => 464568742 B
defaultuser100000 => 464568742 B
defaultuser100000.LAPTOP-CARLMBMQ => 464568742 B
romek => 587185569 B
RecycleBin => 0 B
EmptyTemp: => 2.7 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:06:47 ====
-
Rudy
- Site Admin
- Příspěvky: 118289
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosim o kontrolu logu
Smazáno, log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?