VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.04.2024 01
Ran by repov (administrator) on LAPTOP-CARLMBMQ (LENOVO 81D6) (07-04-2024 19:03:03)
Running from C:\Users\repov\Desktop\FRST64.exe
Loaded Profiles: repov
Platform: Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) Language: Čeština (Česko)
Default browser: "C:\Users\repov\AppData\Local\Programs\Opera\opera.exe" -noautoupdate -- "%1"
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(C:\Program Files (x86)\Google\Update\Install\{2D506DE1-8202-4D4B-B98D-1EF1049A9836}\123.0.6312.106_123.0.6312.86_chrome_updater.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{2D506DE1-8202-4D4B-B98D-1EF1049A9836}\CR_66A06.tmp\setup.exe <2>
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(LenovoServiceBridgeAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(VantageCoreAddin).exe
(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atieclxx.exe
(ETDCtrl.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(explorer.exe ->) (8CC70D00-7114-4146-8535-9FE8123B749C -> CyberLink) C:\Program Files\WindowsApps\cyberlinkcorp.th.power2goforlenovo_8.0.12518.0_x86__m916jedk64snt\Power2Go8\CLMLSvc_P2G8.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <9>
(explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Users\repov\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{2D506DE1-8202-4D4B-B98D-1EF1049A9836}\123.0.6312.106_123.0.6312.86_chrome_updater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> Gen Digital Inc.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Lenovo -> Lenovo) C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076728 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [460736 2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
HKLM-x32\...\Run: [WinampAgent] => "C:\Program Files (x86)\Winamp\winampa.exe" (No File)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\Run: [MicrosoftEdgeAutoLaunch_09E1EF1FDA7C6746BC449F5F2AE690C3] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4063800 2024-03-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11504544 2024-03-18] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\Run: [Opera Stable] => C:\Users\repov\AppData\Local\Programs\Opera\opera.exe [1580448 2024-03-21] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\Run: [Opera Browser Assistant] => C:\Users\repov\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3996064 2024-03-04] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" [66978208 2024-04-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\RunOnce: [Uninstall 24.045.0303.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\24.045.0303.0003" [0 2024-04-07] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\MountPoints2: {d7d6aadf-3085-11ee-8b9d-b0fc36baa326} - "E:\HonorSuiteOnlineInstaller.exe"
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\Run: [MicrosoftEdgeAutoLaunch_FE7876EA14C837986BD580EB769A1861] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4063800 2024-03-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [65858576 2024-01-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64" [0 2024-01-05] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\21.220.1024.0005" [0 2024-01-07] () <==== ATTENTION [zero byte File/Folder]
HKLM\...\Windows x64\Print Processors\Canon MG2400 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBW.DLL [30208 2023-07-07] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2023-11-05] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2400 series: C:\WINDOWS\system32\CNMLMBW.DLL [391168 2023-07-07] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2400 series XPS: C:\WINDOWS\system32\CNMXLMBW.DLL [393728 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\123.0.6312.86\Installer\chrmstp.exe [2024-03-31] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {E9B10E4C-B209-4FDA-A22E-05E0ED369E2B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {65AD5BD9-E030-48E4-BA55-CEF3E0259598} - System32\Tasks\AVG\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [5225408 2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
Task: {885DB202-14AE-427B-9B35-0EB3A7225789} - System32\Tasks\AVG\AVG Antivirus Patcher => C:\Program Files\Common Files\AVG\Icarus\avg-av\icarus.exe [7991224 2024-03-25] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {04000E10-60D9-4234-BEA8-2432CF3C3075} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2181560 2024-01-05] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {CAFCB0CC-8F31-4D66-B43F-1E2D25882187} - System32\Tasks\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-20] (Google LLC -> Google LLC)
Task: {87412682-69C6-408D-9CE1-C1CBFC4712CA} - System32\Tasks\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-20] (Google LLC -> Google LLC)
Task: {5F322B17-2EC4-47CD-A72D-983A61880135} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [74952 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {C7ECB11D-4EA5-4D3C-8B09-10371981CCE5} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> START ImControllerService
Task: {5D26767E-137E-4A4A-8E22-570567699A51} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => C:\WINDOWS\System32\reg.exe [77312 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {82DCAB4D-CE87-430A-83EB-A8AC19A34355} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\86f64c62-faaa-44cf-97f4-53f5f096e0f6 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {9406DDA7-E451-4BD8-9838-0215631465AD} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a3ceb373-6424-4896-ad3f-7e9478a3a427 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {FE02ABA3-3968-4D57-BF33-05F3693CC481} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b6bdc574-cae2-4d2e-ba13-1cce753d3f34 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {8EE0A99C-9FF6-4076-8F54-8274509F5804} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\bad0b576-1a97-4aad-bb2b-364ad9ffc355 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {05CC5758-C56D-4A1B-8FC0-D96407DBD53F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c4c3a74d-7bfe-44d4-9c76-b9a1324d033d => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
Task: {D09448E7-96F2-4DAA-BACA-64D1920E4674} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => C:\WINDOWS\system32\sc.exe [72192 2019-12-07] (Microsoft Windows -> Microsoft Corporation) -> start LenovoVantageService
Task: {D3D4D703-11B1-4E4A-8DEB-80105BF6EBE4} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {FF4E85D6-0905-4462-B983-3F8DF7B2AB65} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {698E20B0-8ADE-47F4-9C1E-7C65FEBA0FBC} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {268AB45D-2AD1-4070-A9B8-AD65327E02A9} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {56DB5763-CDB5-4ACD-8715-51AC3A892B4C} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {3A8A6382-A1DE-4C11-A2EB-C1145B5D2D86} - System32\Tasks\Lenovo\Vantage\Schedule\Lenovo.Vantage.SmartPerformance.MonthlyReport => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {6F0FAADC-A200-44C6-A259-20D49A0AEB32} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoBatteryPartSalesMonthlyToast => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {41B088B2-6549-4EBE-A239-60393C85A077} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {1AA3C485-7918-4647-8AFD-76C45F4AECF1} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {7EAE14B9-6A74-4F05-880E-4CF98B46E3B0} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
Task: {324DF95C-34B8-4FD2-8A1C-80EFF7F13FD7} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {F1040B02-E0B7-4DA6-B27C-08F0346C11B7} - System32\Tasks\Lenovo\Vantage\Schedule\SmartPerformance.ExpireReminder => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {EAB740B0-7D6C-4365-A893-BE4130BFE933} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinWeekScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\ScheduleEventAction.exe [30176 2024-03-03] (Lenovo -> Lenovo)
Task: {092243AE-6569-434B-A0C1-E7C33887E3EB} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\uninstall.exe [365024 2024-03-03] (Lenovo -> Lenovo)
Task: {08B53E6E-FA94-4322-B595-EB662156261A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D0868230-8130-4425-8429-000A78574A8E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E115F40B-8560-4B09-988C-76EA6B428AD6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {04542C44-D830-43EE-80BA-764AE23D5941} - System32\Tasks\Opera scheduled assistant Autoupdate 1704491115 => C:\Users\repov\AppData\Local\Programs\Opera\launcher.exe [1580448 2024-03-21] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\repov\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {F1BE904E-6578-454A-BFD6-85C073E50524} - System32\Tasks\Opera scheduled Autoupdate 1704491018 => C:\Users\repov\AppData\Local\Programs\Opera\launcher.exe [1580448 2024-03-21] (Opera Norway AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d03cd3c-8033-4f9a-a65e-969f22447f70}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d03cd3c-8033-4f9a-a65e-969f22447f70}: [DhcpDomain] home
Tcpip\..\Interfaces\{b6ad82f6-b272-46a6-92d3-e098424dc67d}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b6ad82f6-b272-46a6-92d3-e098424dc67d}: [DhcpDomain] home
Tcpip\..\Interfaces\{b6ad82f6-b272-46a6-92d3-e098424dc67d}\25F6D656B6: [DhcpNameServer] 192.168.240.146
Tcpip\..\Interfaces\{b6ad82f6-b272-46a6-92d3-e098424dc67d}\65F6461666F6E656D224549363: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b6ad82f6-b272-46a6-92d3-e098424dc67d}\65F6461666F6E656D224549363: [DhcpDomain] home

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\repov\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-07]
Edge Extension: (Dokumenty Google offline) - C:\Users\repov\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-22]
Edge Extension: (Edge relevant text changes) - C:\Users\repov\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-11]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [File not signed]

Chrome:
=======
CHR Profile: C:\Users\repov\AppData\Local\Google\Chrome\User Data\Default [2024-04-07]
CHR DownloadDir: C:\Users\repov\Desktop\hudba
CHR Notifications: Default -> hxxps://meet.google.com; hxxps://www.heureka.cz; hxxps://www.youtube.com
CHR Extension: (Dokumenty Google offline) - C:\Users\repov\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\repov\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-20]
CHR HKU\S-1-5-21-648718490-3214130810-706754298-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
OPR DefaultProfile: Default

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [802752 2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [1238456 2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [9164216 2024-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVGWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2024-01-05] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [644976 2019-03-14] (Dolby Laboratories, Inc. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811496 2024-03-04] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] (Canon Inc. -> )
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [93896 2022-11-20] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantageService.exe [34168 2024-03-03] (Lenovo -> Lenovo)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2021-01-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [20528 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [230448 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [379960 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [292920 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [84536 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [27760 2024-02-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [28728 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [268856 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgNetHub; C:\WINDOWS\System32\drivers\avgNetHub.sys [548912 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [93752 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [69176 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [935992 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [695864 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [201680 2024-03-22] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [306232 2024-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 ETD_Keyboard; C:\WINDOWS\System32\drivers\ETD.sys [743872 2019-09-25] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [320360 2021-01-04] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55856 2023-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [594304 2023-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-16] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-04-07 19:03 - 2024-04-07 19:08 - 000028726 _____ C:\Users\repov\Desktop\FRST.txt
2024-04-07 18:56 - 2024-04-07 18:57 - 002393600 _____ (Farbar) C:\Users\repov\Desktop\FRST64.exe
2024-04-07 16:28 - 2024-04-02 16:28 - 000314816 _____ (Gen Digital Inc.) C:\WINDOWS\system32\avgBoot.exe
2024-03-25 14:21 - 2024-03-25 14:21 - 000000762 _____ C:\Users\repov\Desktop\výživné.txt
2024-03-23 11:39 - 2024-03-23 11:39 - 000019530 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-23 11:37 - 2024-03-23 11:37 - 000019530 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-23 10:29 - 2024-03-23 10:29 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-04-07 19:19 - 2021-09-01 17:04 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-07 19:08 - 2023-03-17 20:36 - 000000000 ____D C:\Users\repov\Desktop\hudba
2024-04-07 19:06 - 2023-02-12 10:14 - 000000000 ____D C:\FRST
2024-04-07 18:58 - 2021-09-02 01:34 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-04-07 18:56 - 2022-01-11 17:29 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-04-07 18:56 - 2021-10-20 15:26 - 000000000 ____D C:\Program Files (x86)\Google
2024-04-07 18:52 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-04-07 18:49 - 2021-09-02 01:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-04-07 16:57 - 2022-03-01 20:41 - 000002384 _____ C:\Users\repov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-04-07 16:57 - 2022-01-11 11:23 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-648718490-3214130810-706754298-1001
2024-04-07 16:57 - 2021-09-01 17:29 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-648718490-3214130810-706754298-1001
2024-04-07 16:48 - 2021-09-01 17:04 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-07 16:47 - 2021-09-02 01:33 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-04-07 16:47 - 2021-09-02 01:33 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-04-07 16:41 - 2021-09-01 17:23 - 000000000 ____D C:\Users\repov\AppData\Local\D3DSCache
2024-04-07 16:31 - 2023-03-26 20:39 - 000000000 ____D C:\ProgramData\AVG
2024-04-07 16:29 - 2024-01-05 23:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2024-04-07 16:28 - 2021-09-01 17:04 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-04-07 16:27 - 2021-09-02 01:34 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2024-04-07 16:26 - 2021-09-02 01:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-04-07 16:26 - 2021-09-02 01:31 - 000008192 ___SH C:\DumpStack.log.tmp
2024-04-07 16:26 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\ServiceState
2024-04-07 16:23 - 2021-09-02 01:34 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2024-04-07 16:23 - 2021-09-01 16:47 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-04-02 16:28 - 2024-01-05 23:47 - 000935992 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000695864 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgSP.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000548912 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgNetHub.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000379960 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgbidsdriver.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000306232 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000292920 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgbidsh.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000268856 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000230448 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgArPot.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000093752 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgRdr2.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000084536 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgbuniv.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000069176 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000028728 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgKbd.sys
2024-04-02 16:28 - 2024-01-05 23:47 - 000020528 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\avgArDisk.sys
2024-04-01 19:32 - 2021-10-24 15:00 - 000000000 ____D C:\ProgramData\CanonIJPLM
2024-03-31 15:26 - 2021-09-01 17:22 - 000000000 ____D C:\Users\repov\AppData\Local\Packages
2024-03-31 15:16 - 2023-07-01 20:27 - 000000252 _____ C:\Users\repov\AppData\LocalLow\rbxcsettings.rbx
2024-03-31 15:14 - 2023-07-01 20:31 - 000001398 _____ C:\Users\repov\Desktop\Roblox Studio.lnk
2024-03-31 15:14 - 2023-07-01 20:31 - 000000000 ____D C:\Users\repov\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2024-03-31 15:02 - 2021-10-20 15:28 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-31 15:02 - 2021-10-20 15:28 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-25 13:44 - 2023-04-18 15:20 - 000000000 ____D C:\Users\repov\AppData\Local\CrashDumps
2024-03-24 17:09 - 2024-03-07 14:31 - 000003854 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1704491115
2024-03-24 17:09 - 2024-01-05 23:45 - 000003600 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1704491018
2024-03-24 17:09 - 2024-01-05 23:19 - 000003058 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-648718490-3214130810-706754298-1008
2024-03-24 17:09 - 2024-01-05 23:18 - 000002854 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-648718490-3214130810-706754298-1008
2024-03-24 17:09 - 2023-06-23 16:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2024-03-24 17:09 - 2023-05-10 16:21 - 000003486 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451}
2024-03-24 17:09 - 2023-05-10 16:21 - 000003262 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943}
2024-03-24 17:09 - 2021-10-19 16:12 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-03-24 01:29 - 2021-09-01 17:01 - 000000000 ____D C:\WINDOWS\INF
2024-03-24 01:27 - 2021-09-02 01:31 - 000260712 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-24 01:23 - 2021-09-01 17:04 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-24 01:23 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-24 01:23 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\SystemResources
2024-03-24 01:23 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-24 01:23 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-03-24 01:23 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-24 01:23 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-03-24 01:23 - 2021-09-01 16:47 - 000000000 ____D C:\WINDOWS\servicing
2024-03-23 11:52 - 2021-09-01 16:52 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-23 11:36 - 2021-09-02 01:34 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-03-23 08:47 - 2021-09-06 19:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-23 08:39 - 2021-09-06 19:01 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-23 00:28 - 2024-03-04 14:27 - 000000000 ____D C:\Users\repov\AppData\Roaming\recroom-launcher
2024-03-23 00:28 - 2021-09-01 17:15 - 000000000 ____D C:\Users\repov
2024-03-22 19:49 - 2022-09-18 18:51 - 000000000 ____D C:\Users\repov\AppData\Roaming\com.adobe.dunamis
2024-03-22 19:48 - 2023-10-16 15:46 - 000000000 ____D C:\Program Files\RUXIM
2024-03-22 19:42 - 2024-01-05 23:47 - 000935480 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw9bcb33b7088b87f6.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000694728 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw39992cb57b66e993.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000548920 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw33140d9784296617.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000379960 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw699cf4c0c4d3df12.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000306120 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw8347b51d7e6f8afb.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000292920 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw340045e05e1bc224.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000264760 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswfc0628ed986ce766.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000230968 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw8529c7e934d6cc43.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000093752 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswcb871ebf028ecb93.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000084536 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw3c15a9c1acfbf0ef.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000069176 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw7703d926ca385dbb.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000028728 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw2d372f74f322ea36.tmp
2024-03-22 19:42 - 2024-01-05 23:47 - 000020424 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\asw77c1dc43e6735457.tmp
2024-03-22 19:41 - 2022-03-24 14:05 - 000000000 ____D C:\WINDOWS\Minidump
2024-03-22 19:38 - 2021-06-05 09:14 - 000699956 ____N C:\WINDOWS\Minidump\032224-60968-01.dmp
2024-03-22 01:25 - 2023-12-06 14:47 - 000002091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2024-03-22 01:25 - 2022-10-13 08:26 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-03-09 20:48 - 2021-09-02 02:06 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-09 20:48 - 2021-09-01 17:10 - 000717850 _____ C:\WINDOWS\system32\perfh005.dat
2024-03-09 20:48 - 2021-09-01 17:10 - 000144992 _____ C:\WINDOWS\system32\perfc005.dat
2024-03-09 20:39 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-03-09 20:39 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-03-09 20:39 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-03-09 20:39 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\system32\setup
2024-03-09 20:39 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-03-09 20:39 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-03-09 20:39 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-03-09 20:39 - 2021-09-01 17:04 - 000000000 ____D C:\WINDOWS\ShellComponents

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.04.2024 01
Ran by repov (07-04-2024 19:23:33)
Running from C:\Users\repov\Desktop
Microsoft Windows 10 Home Version 22H2 19045.4170 (X64) (2021-09-02 00:03:11)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-648718490-3214130810-706754298-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-648718490-3214130810-706754298-503 - Limited - Disabled)
Guest (S-1-5-21-648718490-3214130810-706754298-501 - Limited - Disabled)
repov (S-1-5-21-648718490-3214130810-706754298-1001 - Administrator - Enabled) => C:\Users\repov
romek (S-1-5-21-648718490-3214130810-706754298-1008 - Limited - Enabled) => C:\Users\romek
WDAGUtilityAccount (S-1-5-21-648718490-3214130810-706754298-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 24.001.20615 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AVG AntiVirus Free (HKLM\...\AVG Antivirus) (Version: 24.3.8975.1633 - AVG)
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1582.3 - AVG Technologies) Hidden
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.03 - Canon Inc.)
Canon MG2400 series On-screen Manual (HKLM-x32\...\Canon MG2400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.4 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
FocusWriter (HKLM-x32\...\FocusWriter) (Version: 1.8.4 - Graeme Gott)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 123.0.6312.86 - Google LLC)
Kontrola stavu osobního počítače s Windows (HKLM\...\{95548B78-8547-4E91-B0DA-1CBB82150917}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{E496AFB7-CB04-46CF-8FBB-5D665BC8811B}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 4.0.75.0 - Lenovo Group Ltd.)
MEmu (HKLM-x32\...\MEmu) (Version: 9.0.9.2 - Microvirt Software Technology Co., Ltd.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 123.0.2420.81 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 123.0.2420.65 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\OneDriveSetup.exe) (Version: 24.050.0310.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\OneDriveSetup.exe) (Version: 23.246.1127.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Rec Room Launcher 0.93.1 (HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\d7c58ef5-8724-5a07-96d7-bb828f09e01c) (Version: 0.93.1 - Rec Room Inc.)
Registrace uživatele zařízení Canon MG2400 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG2400 series) (Version: - ‭Canon Inc.)
Roblox Player for repov (HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\roblox-player) (Version: - Roblox Corporation)
Roblox Studio for repov (HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\roblox-studio) (Version: - Roblox Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B9A7A138-BFD5-4C73-A269-F78CCA28150E}) (Version: 8.94.0.0 - Microsoft Corporation)

Packages:
=========

Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2023-12-14] (Adobe Systems Incorporated)
Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC [2024-03-22] ()
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-03-22] ()
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2024-01-05] (Canon Inc.)
Dolby Audio -> C:\Program Files\WindowsApps\dolbylaboratories.dolbyaudio_3.20301.311.0_x64__rz1tebttyb220 [2024-01-05] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-01] (Microsoft Corporation)
Edit Docx PLUS -> C:\Program Files\WindowsApps\24091FileFormatApps.WordEditorBasic_2.1.9.0_x64__8t2vtv4rwtrk0 [2023-12-14] (File Format Apps)
Lenovo Hotkeys -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_4.6.12.0_x64__5grkq8ppsgwt4 [2024-04-02] (LENOVO INC) [Startup Task]
Microsoft Copilot -> C:\Program Files\WindowsApps\Microsoft.Windows.Ai.Copilot.Provider_1.0.3.0_neutral__8wekyb3d8bbwe [2024-03-31] (Microsoft Corporation)
PDF Reader Editor Elf -> C:\Program Files\WindowsApps\42742filesuite.PDFreaderforadobeacrobat_1.1.2.0_x64__1cyam58dzt1cw [2024-04-02] (PDF reader apps)
Power2Go for Lenovo -> C:\Program Files\WindowsApps\cyberlinkcorp.th.power2goforlenovo_8.0.12518.0_x86__m916jedk64snt [2024-01-05] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.PowerDVDforLenovo_14.2.4112.0_x86__m916jedk64snt [2024-01-05] (CYBERLINKCOM CORPORATION)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.10.216.0_x64__dt26b99r8h8gj [2024-01-05] (Realtek Semiconductor Corp)
Roblox -> C:\Program Files\WindowsApps\ROBLOXCORPORATION.ROBLOX_2.615.606.0_x64__55nm5eh3cm0pr [2024-03-12] (Roblox Corporation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2024-01-05] (Microsoft Corporation)
Scanner X -> C:\Program Files\WindowsApps\6760NGPDFLab.ScannerX_1.0.1.0_x64__sbe4t8mqwq93a [2023-12-14] (NG PDF Lab)
SoftOrbits MP3 Downloader for YouTube -> C:\Program Files\WindowsApps\SoftOrbits.SoftOrbitsMP3DownloaderforYouTube_1.6.0.0_x64__9808nkjsftezr [2023-12-20] (SoftOrbits)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-03-04] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-648718490-3214130810-706754298-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-648718490-3214130810-706754298-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-06-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2024-04-02] (AVG Technologies USA, LLC -> Gen Digital Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2023-11-05 05:48 - 2023-11-05 05:48 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-648718490-3214130810-706754298-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-648718490-3214130810-706754298-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-648718490-3214130810-706754298-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
HKU\S-1-5-21-648718490-3214130810-706754298-1008\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-648718490-3214130810-706754298-1008\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-648718490-3214130810-706754298-1008\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Incorporated)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-648718490-3214130810-706754298-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\repov\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\lenovowallpaper.jpg
HKU\S-1-5-21-648718490-3214130810-706754298-1008\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "WinampAgent"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A55678F5-D25F-4283-B096-E66E968F387A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.16501.20210.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DA186D8C-38A9-4052-942B-A78620128DA1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D6342BFE-5425-41D5-8589-BFAA73000FF0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BACA34BD-CA7D-45DF-9857-E8E476B21733}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AE2962FF-98A9-4C23-85FC-EB6845E5096F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.110.3218.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A91004ED-A60D-4262-A79C-B1605709D440}] => (Allow) C:\Users\repov\AppData\Local\Programs\Opera\106.0.4998.28\opera.exe => No File
FirewallRules: [{9533C497-2219-487D-A862-9E47399CB98C}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> Gen Digital Inc.)
FirewallRules: [{7BB75AA7-25FC-4CE8-A480-220C8568B461}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> Gen Digital Inc.)
FirewallRules: [{8E5AA71C-CF87-442B-80A1-FEC0DD19A441}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CD39AFBB-A203-4E78-9982-B61C13D6FD33}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2C4E4C25-EB12-4E57-A538-137D248E04A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{38CF759B-7589-4F03-BCE7-29031F166C93}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C0842D24-8130-4B11-857E-3103DCDF30EC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F922DBF3-16C9-43C5-B83C-F04C5A192140}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F0E1C6F9-DB54-470C-A162-7D35A465F698}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{369A65D4-0947-45C7-BDC5-129DDA7D424D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D112E9BA-3026-4330-B87C-BD335833A922}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B2BE20F0-C065-4A51-A7A4-4CDAF1A876FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.226.1187.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [TCP Query User{EB2679A2-42B3-4C5D-9401-F2875B01B66F}C:\users\repov\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\repov\appdata\local\programs\opera\opera.exe => No File
FirewallRules: [UDP Query User{D6AA9960-A070-4991-8306-FDECC3C0C354}C:\users\repov\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\repov\appdata\local\programs\opera\opera.exe => No File
FirewallRules: [{3D77B781-67FE-4A7B-BCF6-86EEC4DF8973}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D97EEFC2-91CB-4E41-AC5B-B13B142F0432}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.65\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

12-03-2024 09:32:04 Naplánovaný kontrolní bod
22-03-2024 23:20:33 Naplánovaný kontrolní bod
23-03-2024 10:27:28 Instalační služba modulů systému Windows
23-03-2024 10:46:56 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/07/2024 04:46:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: devicecensus.exe, verze: 10.0.19645.1046, časové razítko: 0x827fe5ce
Název chybujícího modulu: amdihk64.dll_unloaded, verze: 2.0.0.1788, časové razítko: 0x609abf7b
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000008528
ID chybujícího procesu: 0x34a4
Čas spuštění chybující aplikace: 0x01da88f87d3259ac
Cesta k chybující aplikaci: C:\WINDOWS\system32\devicecensus.exe
Cesta k chybujícímu modulu: amdihk64.dll
ID zprávy: 5fdac869-d55c-4283-bc51-bd54e0268d93
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/07/2024 04:28:01 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\LAPTOP-CARLMBMQ$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Sun, 07 Apr 2024 14:28:03 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 2cfac6e4-988b-40e7-be5e-9f0085a6d15f

Metoda: GET(907ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (04/07/2024 04:27:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DAX3API.exe, verze: 3.20301.323.0, časové razítko: 0x5c876b0e
Název chybujícího modulu: mscorlib.ni.dll, verze: 4.8.9181.0, časové razítko: 0x64b85429
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000577281
ID chybujícího procesu: 0x11f4
Čas spuštění chybující aplikace: 0x01da88f7ab41cada
Cesta k chybující aplikaci: C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe
Cesta k chybujícímu modulu: C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\mscorlib\987f639e2113a820112aca65fb12396c\mscorlib.ni.dll
ID zprávy: a86e7b3c-3c12-4d81-86a2-20a8790cd794
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/07/2024 04:27:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: DAX3API.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.NullReferenceException
na System.Collections.Generic.Dictionary`2[[System.Int32, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].Insert(Int32, System.__Canon, Boolean)
na DAX.EnumEx.AddEnumType(System.Type)
na DAX.EnumEx.ToStrEx(System.Enum)
na DAX.RuntimeManager.IsGaming()
na DAX.DAXAPIImplement.StartSoundRadarHost(UInt32)
na DAX.DAXAPIImplement.StartAllDaemonProcess()
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()

Error: (04/01/2024 07:20:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: devicecensus.exe, verze: 10.0.19645.1046, časové razítko: 0x827fe5ce
Název chybujícího modulu: amdihk64.dll_unloaded, verze: 2.0.0.1788, časové razítko: 0x609abf7b
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000004f9c
ID chybujícího procesu: 0x22c
Čas spuštění chybující aplikace: 0x01da845853643edc
Cesta k chybující aplikaci: C:\WINDOWS\system32\devicecensus.exe
Cesta k chybujícímu modulu: amdihk64.dll
ID zprávy: 05974756-c99d-4c28-b133-c60d61660278
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/31/2024 03:11:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LenovoVantage-(SmartPanelAddin).exe, verze: 4.0.52.0, časové razítko: 0xe85968c6
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000001e7c1c904b8
ID chybujícího procesu: 0x3340
Čas spuštění chybující aplikace: 0x01da836cf38e6ef5
Cesta k chybující aplikaci: C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\LenovoVantage-(SmartPanelAddin).exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 77b014c2-1338-45a5-98b1-de0ea7666dff
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/31/2024 03:11:37 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: LenovoVantage-(SmartPanelAddin).exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.AccessViolationException
na SmartPanelAddin.ContractHandlers.SmartAttentionAgent.se_plugin_action(System.String, System.String, Byte**)
na SmartPanelAddin.ContractHandlers.SmartAttentionAgent.SendMsg(System.String, System.String, System.String)
na SmartPanelAddin.ContractHandlers.SmartAttentionAgent.GetAttention()
na SmartPanelAddin.Entry.Dispatcher.EventDispatcher.OnSessionChange(Lenovo.VantageService.Utilities.EventHub.EventArgs.SessionChangeEventArgs)
na Lenovo.VantageService.Utilities.Addin.AddinBase+<>c__DisplayClass18_0.<HandleEvent>b__0()
na System.Threading.Tasks.Task.Execute()
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.Tasks.Task.ExecuteWithThreadLocal(System.Threading.Tasks.Task ByRef)
na System.Threading.Tasks.Task.ExecuteEntry(Boolean)
na System.Threading.ThreadPoolWorkQueue.Dispatch()

Error: (03/25/2024 01:44:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SearchApp.exe, verze: 10.0.19041.4170, časové razítko: 0x7d12a6cf
Název chybujícího modulu: SearchApp.exe, verze: 10.0.19041.4170, časové razítko: 0x7d12a6cf
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000018f78
ID chybujícího procesu: 0x2534
Čas spuštění chybující aplikace: 0x01da7ea9b74de0ee
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
ID zprávy: 0110bed5-abcd-4da6-9630-a5131aca5f04
Úplný název chybujícího balíčku: Microsoft.Windows.Search_1.14.13.19041_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: CortanaUI


System errors:
=============
Error: (04/07/2024 04:53:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): Aktualizace bezpečnostních informací pro Microsoft Defender Antivirus – KB2267602 (verze 1.409.88.0) – Aktuální kanál (široká distribuce).

Error: (04/07/2024 04:52:37 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-CARLMBMQ)
Description: Server {20532D01-15BE-4BB9-A727-CA34555D881C} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/07/2024 04:51:18 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-CARLMBMQ)
Description: Server {20532D01-15BE-4BB9-A727-CA34555D881C} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/07/2024 04:50:25 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-CARLMBMQ)
Description: Server {20532D01-15BE-4BB9-A727-CA34555D881C} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/07/2024 04:35:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime přestala během spouštění reagovat.

Error: (04/07/2024 04:31:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (04/07/2024 04:29:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Dolby DAX API Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/02/2024 05:21:49 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}


Windows Defender:
================
Date: 2024-01-05 21:30:53
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {68DFF0F8-CCB1-443D-A8E8-A730BCCF284B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-01-03 19:14:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {ADCEFE8B-1355-4E25-8F9C-0976DBB01A9C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-12-20 19:23:10
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D9B70EF4-6339-40AC-B652-6F3F5D8FF870}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-12-15 18:28:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C2CB146A-7310-4558-B30B-459E607CA0BA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-12-06 14:27:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6EAB09DC-2DB5-4EA9-B3AD-26A3A82784B3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-12-19 12:30:03
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.680.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2023-12-19 12:30:03
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.403.680.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23110.2
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

Date: 2023-11-19 19:55:49
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.401.754.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23100.2009
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-11-19 19:55:49
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.401.754.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23100.2009
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-11-19 19:55:49
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.401.754.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23100.2009
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

CodeIntegrity:
===============
Date: 2024-04-07 16:43:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2024-04-07 16:43:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: LENOVO 8UCN19WW 05/14/2021
Motherboard: LENOVO LNVNB161216
Processor: AMD A4-9125 RADEON R3, 4 COMPUTE CORES 2C+2G
Percentage of memory in use: 61%
Total physical RAM: 7055.98 MB
Available physical RAM: 2683.02 MB
Total Virtual: 14223.98 MB
Available Virtual: 9291.41 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:930.27 GB) (Free:776.78 GB) (Model: WDC WD10 SPZX-08Z10 SATA Disk Device) NTFS

\\?\Volume{d1d27b99-d0e1-4e91-ab23-f84200424eb5}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.4 GB) NTFS
\\?\Volume{222f1be9-ef10-47fc-b444-2ffb6e83467a}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 70A00E01)

Partition: GPT.

==================== End of Addition.txt =======================

Logfile of random's system information tool 1.10 (written by random/random)
Run by repov at 2024-04-07 19:33:36
Microsoft Windows 10 Home
System drive C: has 795 GB (83%) free of 953 GB
Total RAM: 7056 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:33:46, on 07.04.2024
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.3636)
Boot mode: Normal

Running processes:
C:\Program Files\WindowsApps\cyberlinkcorp.th.power2goforlenovo_8.0.12518.0_x86__m916jedk64snt\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(GenericMessagingAddin).exe
C:\Program Files\trend micro\repov.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo17win10.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo17win10.msn.com/?pc=LCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.81\BHO\ie_to_edge_bho.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
O4 - HKCU\..\Run: [OneDrive] "C:\Users\repov\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_09E1EF1FDA7C6746BC449F5F2AE690C3] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
O4 - HKCU\..\RunOnce: [Delete Cached Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Delete Cached Standalone Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Uninstall 24.045.0303.0003] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\24.045.0303.0003"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD Crash Defender Service - Unknown owner - C:\WINDOWS\system32\amdfendrsr.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe
O23 - Service: AVG Antivirus - Gen Digital Inc. - C:\Program Files\AVG\Antivirus\AVGSvc.exe
O23 - Service: AVG Tools - Gen Digital Inc. - C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\aswidsagent.exe
O23 - Service: AVGWscReporter - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Antivirus\wsc_proxy.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_8270b - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @oem5.inf,%ServiceDisplayName%;Dolby DAX API Service (DolbyDAXAPI) - Unknown owner - C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe (file missing)
O23 - Service: EasyAntiCheat - Epic Games, Inc - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ELAN Service (ETDService) - Unknown owner - C:\WINDOWS\System32\ETDService.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Fortemedia APO Control Service (FMAPOService) - Unknown owner - C:\WINDOWS\System32\FMService64.exe (file missing)
O23 - Service: @%systemroot%\system32\GameInputSvc.exe,-101 (GameInputSvc) - Unknown owner - C:\WINDOWS\System32\GameInputSvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\123.0.6312.86\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @oem19.inf,%ImcSvcDisplayName%;System Interface Foundation Service (ImControllerService) - Lenovo Group Ltd. - C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LenovoVantageService - Lenovo - C:\Program Files (x86)\Lenovo\VantageService\\4.0.75.0\LenovoVantageService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Unknown owner - C:\WINDOWS\System32\RtkAudUService64.exe (file missing)
O23 - Service: @oem19.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service (RtkBtManServ) - Realtek Semiconductor Corp. - C:\WINDOWS\RtkBtManServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10823 bytes

======Listing Processes======








winlogon.exe


C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-e8eda8c2-4320-4c01-8a48-3a856a48145e -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-88a4b793-79a9-493e-a914-37cc091b454b -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-da9762cb-a0ae-4ee8-ae44-b73b56468f39 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-c4a0f384-1d76-49dc-b2c5-53da455bacaa -LifetimeId:65dc4ae1-d3df-44c4-8798-a5809a271510 -DeviceGroupId: -HostArg:0
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\amdfendrsr.exe
C:\WINDOWS\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
atieclxx

C:\WINDOWS\System32\ETDService.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p

C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
"C:\Program Files\AVG\Antivirus\avgToolsSvc.exe" /runassvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
dashost.exe {cc865bbf-db4a-4487-98151042303f3a35}
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -s CertPropSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\System32\FMService64.exe
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\Program Files (x86)\Lenovo\VantageService\\4.0.75.0\LenovoVantageService.exe"
C:\WINDOWS\RtkBtManServ.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s TapiSrv
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
"C:\WINDOWS\System32\RtkAudUService64.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\SearchIndexer.exe /Embedding
AggregatorHost.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\system32\ETDCtrlHelper.exe
sihost.exe
C:\WINDOWS\system32\ETDCtrl.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\Explorer.EXE
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
"C:\WINDOWS\system32\ETDTouch.exe"
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe" -ServerName:InputApp.AppXjd5de1g66v206tj52m9d0dtpppx4cgpn.mca

C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\AVG\Antivirus\AVGUI.exe" /nogui
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
"C:\Program Files\AVG\Antivirus\aswEngSrv.exe" /pipename="DFE5C8B3-F7D1-52E7-7667-8ADD9C9BD220" /binpath="C:\Program Files\AVG\Antivirus" /logpath="C:\ProgramData\AVG\Antivirus\log"
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Windows\System32\RtkAudUService64.exe" -background

"C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" --type=collab-renderer --proc=7420
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files\WindowsApps\cyberlinkcorp.th.power2goforlenovo_8.0.12518.0_x86__m916jedk64snt\Power2Go8\CLMLSvc_P2G8.exe"

C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe"
"C:\WINDOWS\system32\compattelrunner.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
\??\C:\WINDOWS\system32\conhost.exe 0x4

"C:\Program Files\AVG\Antivirus\AVGUI.exe" --type=gpu-process --field-trial-handle=7984,9371272743208029774,14727518258659044770,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --no-sandbox --disable-gpu-driver-bug-workarounds --log-file="C:\Users\repov\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.101 Safari/537.36 Avastium (0.0.0) (Windows 10.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --disable-gpu --disable-webgl --disable-gpu-compositing --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=SAAAAAAAAADgAABwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=swiftshader-webgl --log-file="C:\Users\repov\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --mojo-platform-channel-handle=9296 /prefetch:2
"C:\Program Files\AVG\Antivirus\AVGUI.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=7984,9371272743208029774,14727518258659044770,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --lang=cs --service-sandbox-type=utility --no-sandbox --force-wave-audio --log-file="C:\Users\repov\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.101 Safari/537.36 Avastium (0.0.0) (Windows 10.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --disable-gpu --disable-webgl --disable-gpu-compositing --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\repov\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --mojo-platform-channel-handle=6656 /prefetch:8
"C:\Program Files\AVG\Antivirus\AVGUI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=7984,9371272743208029774,14727518258659044770,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --lang=cs --service-sandbox-type=none --no-sandbox --force-wave-audio --log-file="C:\Users\repov\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.101 Safari/537.36 Avastium (0.0.0) (Windows 10.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --disable-gpu --disable-webgl --disable-gpu-compositing --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\repov\AppData\Roaming\AVG\Antivirus\log\cef_log.txt" --mojo-platform-channel-handle=6184 /prefetch:8
"C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe" -ServerName:App.AppXj7d2pwbjt1by8j1s5wak729xa46cf4br.mca
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MoetSFY6mU27DzEK.1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Update\Install\{2D506DE1-8202-4D4B-B98D-1EF1049A9836}\123.0.6312.106_123.0.6312.86_chrome_updater.exe" --verbose-logging --do-not-launch-chrome --channel=stable --system-level
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s upnphost
"C:\Program Files (x86)\Google\Update\Install\{2D506DE1-8202-4D4B-B98D-1EF1049A9836}\CR_66A06.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Google\Update\Install\{2D506DE1-8202-4D4B-B98D-1EF1049A9836}\CR_66A06.tmp\CHROME_PATCH.PACKED.7Z" --verbose-logging --do-not-launch-chrome --channel=stable --system-level
"C:\Program Files (x86)\Google\Update\Install\{2D506DE1-8202-4D4B-B98D-1EF1049A9836}\CR_66A06.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler --database=C:\WINDOWS\SystemTemp\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0x2a0,0x2a4,0x2a8,0x27c,0x2ac,0x7ff6618d4698,0x7ff6618d46a4,0x7ff6618d46b0
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
"C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(VantageCoreAddin).exe" VantageCoreAddin C:\ProgramData\Lenovo\Vantage\Addins\\VantageCoreAddin\1.0.0.123\VantageCoreAddin.dll VantageCoreAddin.e07024002b54402b892720d4128fb11c 45190b7c-c052-4e97-8bba-fbd6d53c17c7 8
"C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(DeviceSettingsSystemAddin).exe" DeviceSettingsSystemAddin C:\ProgramData\Lenovo\Vantage\Addins\\DeviceSettingsSystemAddin\1.0.5.9\DeviceSettingsSystemAddin.dll DeviceSettingsSystemAddin.0e1440cc862d411bb2510d800a34024d 45190b7c-c052-4e97-8bba-fbd6d53c17c7 8
C:\WINDOWS\system32\locator.exe
"C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(GenericMessagingAddin).exe" GenericMessagingAddin C:\ProgramData\Lenovo\Vantage\Addins\\GenericMessagingAddin\1.0.0.99\GenericMessagingAddin.dll GenericMessagingAddin.09615d71305b432db750f6d2d06f8de5 45190b7c-c052-4e97-8bba-fbd6d53c17c7 8
C:\WINDOWS\system32\wbem\WmiApSrv.exe
"C:\Program Files (x86)\Lenovo\VantageService\4.0.75.0\LenovoVantage-(LenovoServiceBridgeAddin).exe" LenovoServiceBridgeAddin C:\ProgramData\Lenovo\Vantage\Addins\\LenovoServiceBridgeAddin\1.0.0.88\LenovoServiceBridgeAddin.dll LenovoServiceBridgeAddin.0a7a6f1f833b49819984a8fea8acc5bd 45190b7c-c052-4e97-8bba-fbd6d53c17c7 8
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22091.10061.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DevQueryBroker
taskhostw.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --no-startup-window
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\repov\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\repov\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\repov\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=123.0.6312.87 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=123.0.2420.65 --initial-client-data=0x294,0x298,0x29c,0x290,0x2f8,0x7ff922ce4e48,0x7ff922ce4e54,0x7ff922ce4e60
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2472,i,10260290933169218934,4291607069019256003,262144 --variations-seed-version --mojo-platform-channel-handle=2416 /prefetch:2
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1948,i,10260290933169218934,4291607069019256003,262144 --variations-seed-version --mojo-platform-channel-handle=2700 /prefetch:3
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2272,i,10260290933169218934,4291607069019256003,262144 --variations-seed-version --mojo-platform-channel-handle=3212 /prefetch:8
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BITS
"C:\Program Files\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\repov\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\repov\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\repov\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.86 --initial-client-data=0x224,0x228,0x22c,0x1cc,0x230,0x7ff947f1cc40,0x7ff947f1cc4c,0x7ff947f1cc58
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2040,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=2036 /prefetch:2
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2292,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=2352 /prefetch:3
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2428,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=2440 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=cs --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=10 --time-ticks-at-unix-epoch=-1712499930937828 --launch-time-ticks=8898571659 --field-trial-handle=5028,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=5660 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup -s WbioSrvc
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=cs --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --time-ticks-at-unix-epoch=-1712499930937828 --launch-time-ticks=8939586430 --field-trial-handle=4796,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=5712 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\Windows\System32\CompPkgSrv.exe -Embedding
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=cs --service-sandbox-type=audio --no-appcompat-clear --field-trial-handle=8560,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=8552 /prefetch:8
"C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\system32\SystemSettingsAdminFlows.exe" OptionalFeaturesAdminHelper
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4163_none_7e304ec47c735f2e\TiWorker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UdkSvcGroup -s UdkUserSvc
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc

C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-648718490-3214130810-706754298-10016_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-648718490-3214130810-706754298-10016 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
taskhostw.exe
powershell.exe -ExecutionPolicy Restricted -Command Write-Host 'Final result: 1';
\??\C:\WINDOWS\system32\conhost.exe 0x4
powershell.exe -ExecutionPolicy Restricted -Command $Res = 0; $Infs = Get-Item -Path ($env:WinDir + '\inf\*.inf'); foreach ($Inf in $Infs) { $Data = Get-Content $Inf.FullName; if ($Data -match '\[defaultinstall.nt(amd64|arm|arm64|x86)\]') { $Res = 1; break; } } Write-Host 'Final result:', $Res;
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x394
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 836 840 848 8192 844 820
"C:\Users\repov\Desktop\RSITx64.exe"
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=cs --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=175 --time-ticks-at-unix-epoch=-1712499930937828 --launch-time-ticks=11236409222 --field-trial-handle=8028,i,1687767652017266069,6186665230951291390,262144 --variations-seed-version=20240405-130210.165000 --mojo-platform-channel-handle=5400 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.81\BHO\ie_to_edge_bho_64.dll [2024-04-04 577472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 217784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-18 177568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-18 177568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.81\BHO\ie_to_edge_bho.dll [2024-04-04 454184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23 184488]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-18 158112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-18 158112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 6149288]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-03-18 177568]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23 4452504]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-03-18 158112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-12-07 86016]
"RtkAudUService"=C:\WINDOWS\System32\RtkAudUService64.exe [2020-03-24 1076728]
"AVGUI.exe"=C:\Program Files\AVG\Antivirus\AvLaunch.exe [2024-04-02 460736]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\repov\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2024-04-07 3306504]
"MicrosoftEdgeAutoLaunch_09E1EF1FDA7C6746BC449F5F2AE690C3"=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [2024-03-27 4063800]
"Adobe Acrobat Synchronizer"=C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [2024-03-18 11504544]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Delete Cached Update Binary"=C:\WINDOWS\system32\cmd.exe [2023-11-19 289792]
"Delete Cached Standalone Update Binary"=C:\WINDOWS\system32\cmd.exe [2023-11-19 289792]
"Uninstall 24.045.0303.0003"=C:\WINDOWS\system32\cmd.exe [2023-11-19 289792]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"=C:\Program Files (x86)\Winamp\winampa.exe []
"CanonQuickMenu"=C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [2017-07-05 1313408]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\avgSP.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HidSpiCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"FilterAdministratorToken"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"aux2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv

======File associations======

.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2024-04-07 19:33:37 ----D---- C:\Program Files\trend micro
2024-04-07 19:33:36 ----D---- C:\rsit
2024-04-07 16:28:41 ----A---- C:\WINDOWS\system32\avgBoot.exe
2024-04-02 16:28:58 ----A---- C:\WINDOWS\system32\drivers\asw236276cee15ba1d1.tmp
2024-03-23 11:40:55 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2024-03-23 11:40:50 ----A---- C:\WINDOWS\system32\cdp.dll
2024-03-23 11:40:50 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2024-03-23 11:40:12 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2024-03-23 11:40:11 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2024-03-23 11:40:11 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2024-03-23 11:40:11 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2024-03-23 11:40:10 ----A---- C:\WINDOWS\system32\mfcore.dll
2024-03-23 11:40:08 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2024-03-23 11:40:08 ----A---- C:\WINDOWS\SYSWOW64\tlscsp.dll
2024-03-23 11:40:07 ----A---- C:\WINDOWS\SYSWOW64\tapisrv.dll
2024-03-23 11:40:07 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2024-03-23 11:40:07 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2024-03-23 11:40:06 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2024-03-23 11:40:06 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2024-03-23 11:40:05 ----A---- C:\WINDOWS\SYSWOW64\sqlsrv32.dll
2024-03-23 11:40:05 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2024-03-23 11:40:04 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2024-03-23 11:40:03 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2024-03-23 11:40:03 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2024-03-23 11:40:02 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2024-03-23 11:40:00 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2024-03-23 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\MiracastReceiverExt.dll
2024-03-23 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\gpupdate.exe
2024-03-23 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\gpresult.exe
2024-03-23 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\gpedit.dll
2024-03-23 11:39:57 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2024-03-23 11:39:54 ----A---- C:\WINDOWS\system32\tsgqec.dll
2024-03-23 11:39:54 ----A---- C:\WINDOWS\system32\tlscsp.dll
2024-03-23 11:39:54 ----A---- C:\WINDOWS\system32\MemoryDiagnostic.dll
2024-03-23 11:39:52 ----A---- C:\WINDOWS\system32\tapisrv.dll
2024-03-23 11:39:52 ----A---- C:\WINDOWS\system32\offreg.dll
2024-03-23 11:39:52 ----A---- C:\WINDOWS\system32\mstscax.dll
2024-03-23 11:39:52 ----A---- C:\WINDOWS\system32\msimsg.dll
2024-03-23 11:39:52 ----A---- C:\WINDOWS\system32\msi.dll
2024-03-23 11:39:51 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2024-03-23 11:39:51 ----A---- C:\WINDOWS\system32\IESettingSync.exe
2024-03-23 11:39:51 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2024-03-23 11:39:49 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2024-03-23 11:39:49 ----A---- C:\WINDOWS\system32\ieframe.dll
2024-03-23 11:39:48 ----A---- C:\WINDOWS\system32\jscript9.dll
2024-03-23 11:39:48 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2024-03-23 11:39:45 ----A---- C:\WINDOWS\system32\mshtml.dll
2024-03-23 11:39:45 ----A---- C:\WINDOWS\system32\iesetup.dll
2024-03-23 11:39:45 ----A---- C:\WINDOWS\system32\iernonce.dll
2024-03-23 11:39:45 ----A---- C:\WINDOWS\system32\ie4ushowIE.exe
2024-03-23 11:39:45 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2024-03-23 11:39:44 ----A---- C:\WINDOWS\system32\gpupdate.exe
2024-03-23 11:39:44 ----A---- C:\WINDOWS\system32\gpresult.exe
2024-03-23 11:39:44 ----A---- C:\WINDOWS\system32\gpedit.dll
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\WinHvPlatform.dll
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\regsvc.dll
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\MiracastReceiverExt.dll
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\edpcsp.dll
2024-03-23 11:39:43 ----A---- C:\WINDOWS\system32\EDPCleanup.exe
2024-03-23 11:39:42 ----A---- C:\WINDOWS\system32\computestorage.dll
2024-03-23 11:39:40 ----A---- C:\WINDOWS\system32\tcbloader.dll
2024-03-23 11:39:40 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2024-03-23 11:39:40 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2024-03-23 11:39:40 ----A---- C:\WINDOWS\system32\hvix64.exe
2024-03-23 11:39:39 ----A---- C:\WINDOWS\system32\UnifiedConsent.dll
2024-03-23 11:39:39 ----A---- C:\WINDOWS\system32\hvloader.dll
2024-03-23 11:39:39 ----A---- C:\WINDOWS\system32\hvax64.exe
2024-03-23 11:39:39 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2024-03-23 11:39:38 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2024-03-23 11:39:38 ----A---- C:\WINDOWS\SYSWOW64\OpenWith.exe
2024-03-23 11:39:38 ----A---- C:\WINDOWS\SYSWOW64\LockScreenData.dll
2024-03-23 11:39:38 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2024-03-23 11:39:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2024-03-23 11:39:37 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2024-03-23 11:39:37 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2024-03-23 11:39:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2024-03-23 11:39:36 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2024-03-23 11:39:36 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2024-03-23 11:39:36 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2024-03-23 11:39:36 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\omadmapi.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\mdmlocalmanagement.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\enterpriseresourcemanager.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2024-03-23 11:39:35 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2024-03-23 11:39:17 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2024-03-23 11:39:17 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2024-03-23 11:39:16 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2024-03-23 11:39:16 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2024-03-23 11:39:16 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2024-03-23 11:39:15 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2024-03-23 11:39:15 ----A---- C:\WINDOWS\SYSWOW64\LaunchTM.exe
2024-03-23 11:39:15 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2024-03-23 11:39:15 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2024-03-23 11:39:15 ----A---- C:\WINDOWS\SYSWOW64\catsrvut.dll
2024-03-23 11:39:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2024-03-23 11:39:14 ----A---- C:\WINDOWS\SYSWOW64\Taskmgr.exe
2024-03-23 11:39:14 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2024-03-23 11:39:14 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2024-03-23 11:39:13 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2024-03-23 11:39:13 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2024-03-23 11:39:13 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2024-03-23 11:39:12 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2024-03-23 11:39:12 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2024-03-23 11:39:11 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2024-03-23 11:39:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Services.TargetedContent.dll
2024-03-23 11:39:11 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2024-03-23 11:39:11 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2024-03-23 11:39:10 ----A---- C:\WINDOWS\SYSWOW64\profext.dll
2024-03-23 11:39:10 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2024-03-23 11:39:10 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2024-03-23 11:39:09 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2024-03-23 11:39:09 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2024-03-23 11:39:09 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2024-03-23 11:39:08 ----A---- C:\WINDOWS\SYSWOW64\WordBreakers.dll
2024-03-23 11:39:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2024-03-23 11:39:08 ----A---- C:\WINDOWS\SYSWOW64\TextInputMethodFormatter.dll
2024-03-23 11:39:08 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2024-03-23 11:39:08 ----A---- C:\WINDOWS\SYSWOW64\EditBufferTestHook.dll
2024-03-23 11:39:08 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2024-03-23 11:39:07 ----A---- C:\WINDOWS\SYSWOW64\XInputUap.dll
2024-03-23 11:39:07 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.Input.dll
2024-03-23 11:39:07 ----A---- C:\WINDOWS\SYSWOW64\MSAJApi.dll
2024-03-23 11:39:07 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2024-03-23 11:39:06 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2024-03-23 11:39:06 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2024-03-23 11:39:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2024-03-23 11:39:04 ----A---- C:\WINDOWS\SYSWOW64\netplwiz.dll
2024-03-23 11:39:03 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2024-03-23 11:39:03 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerCookies.exe
2024-03-23 11:39:03 ----A---- C:\WINDOWS\SYSWOW64\tbauth.dll
2024-03-23 11:39:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2024-03-23 11:39:02 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2024-03-23 11:39:02 ----A---- C:\WINDOWS\SYSWOW64\themeui.dll
2024-03-23 11:39:02 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2024-03-23 11:39:02 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2024-03-23 11:39:01 ----A---- C:\WINDOWS\SYSWOW64\ShellCommonCommonProxyStub.dll
2024-03-23 11:39:01 ----A---- C:\WINDOWS\SYSWOW64\NaturalLanguage6.dll
2024-03-23 11:39:01 ----A---- C:\WINDOWS\SYSWOW64\imageres.dll
2024-03-23 11:39:01 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\TpmCertResources.dll
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\SystemSettings.DataModel.dll
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\secproc.dll
2024-03-23 11:39:00 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2024-03-23 11:38:59 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2024-03-23 11:38:59 ----A---- C:\WINDOWS\system32\ServicingUAPI.dll
2024-03-23 11:38:59 ----A---- C:\WINDOWS\system32\PkgMgr.exe
2024-03-23 11:38:58 ----A---- C:\WINDOWS\SYSWOW64\PkgMgr.exe
2024-03-23 11:38:58 ----A---- C:\WINDOWS\system32\windowsudk.shellcommon.dll
2024-03-23 11:38:58 ----A---- C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2024-03-23 11:38:58 ----A---- C:\WINDOWS\system32\netplwiz.dll
2024-03-23 11:38:57 ----A---- C:\WINDOWS\system32\twinui.dll
2024-03-23 11:38:56 ----A---- C:\WINDOWS\system32\themeui.dll
2024-03-23 11:38:56 ----A---- C:\WINDOWS\system32\IppCommonProxy.dll
2024-03-23 11:38:56 ----A---- C:\WINDOWS\system32\IppCommon.dll
2024-03-23 11:38:55 ----A---- C:\WINDOWS\system32\APMon.dll
2024-03-23 11:38:54 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2024-03-23 11:38:54 ----A---- C:\WINDOWS\system32\nlaapi.dll
2024-03-23 11:38:54 ----A---- C:\WINDOWS\system32\NetworkDesktopSettings.dll
2024-03-23 11:38:54 ----A---- C:\WINDOWS\system32\ncsi.dll
2024-03-23 11:38:54 ----A---- C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2024-03-23 11:38:53 ----A---- C:\WINDOWS\system32\nlasvc.dll
2024-03-23 11:38:53 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2024-03-23 11:38:53 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2024-03-23 11:38:53 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2024-03-23 11:38:52 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2024-03-23 11:38:52 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2024-03-23 11:38:51 ----A---- C:\WINDOWS\system32\WinREAgent.dll
2024-03-23 11:38:51 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2024-03-23 11:38:51 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2024-03-23 11:38:50 ----A---- C:\WINDOWS\system32\LockScreenData.dll
2024-03-23 11:38:50 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2024-03-23 11:38:49 ----A---- C:\WINDOWS\system32\msIso.dll
2024-03-23 11:38:49 ----A---- C:\WINDOWS\system32\iertutil.dll
2024-03-23 11:38:49 ----A---- C:\WINDOWS\system32\gpapi.dll
2024-03-23 11:38:49 ----A---- C:\WINDOWS\system32\edgeIso.dll
2024-03-23 11:38:48 ----A---- C:\WINDOWS\system32\MdmDiagnostics.dll
2024-03-23 11:38:48 ----A---- C:\WINDOWS\system32\gpsvc.dll
2024-03-23 11:38:48 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2024-03-23 11:38:45 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2024-03-23 11:38:45 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2024-03-23 11:38:45 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2024-03-23 11:38:44 ----A---- C:\WINDOWS\system32\omadmclient.exe
2024-03-23 11:38:44 ----A---- C:\WINDOWS\system32\omadmapi.dll
2024-03-23 11:38:44 ----A---- C:\WINDOWS\system32\mdmlocalmanagement.dll
2024-03-23 11:38:44 ----A---- C:\WINDOWS\system32\enterpriseresourcemanager.dll
2024-03-23 11:38:44 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2024-03-23 11:38:44 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2024-03-23 11:38:43 ----A---- C:\WINDOWS\system32\policymanager.dll
2024-03-23 11:38:43 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2024-03-23 11:38:43 ----A---- C:\WINDOWS\system32\dmwappushsvc.dll
2024-03-23 11:38:43 ----A---- C:\WINDOWS\system32\DMPushRouterCore.dll
2024-03-23 11:38:43 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2024-03-23 11:38:43 ----A---- C:\WINDOWS\system32\dcsvc.dll
2024-03-23 11:38:42 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll
2024-03-23 11:38:42 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2024-03-23 11:38:42 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2024-03-23 11:38:42 ----A---- C:\WINDOWS\system32\declaredconfiguration.dll
2024-03-23 11:38:42 ----A---- C:\WINDOWS\system32\configmanager2.dll
2024-03-23 11:38:29 ----A---- C:\WINDOWS\system32\sppobjs.dll
2024-03-23 11:38:29 ----A---- C:\WINDOWS\system32\sppcext.dll
2024-03-23 11:38:28 ----A---- C:\WINDOWS\system32\sppsvc.exe
2024-03-23 11:38:25 ----A---- C:\WINDOWS\system32\usermgr.dll
2024-03-23 11:38:25 ----A---- C:\WINDOWS\system32\shell32.dll
2024-03-23 11:38:25 ----A---- C:\WINDOWS\system32\OpenWith.exe
2024-03-23 11:38:24 ----A---- C:\WINDOWS\system32\msctf.dll
2024-03-23 11:38:24 ----A---- C:\WINDOWS\system32\lpk.dll
2024-03-23 11:38:24 ----A---- C:\WINDOWS\system32\fontsub.dll
2024-03-23 11:38:24 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2024-03-23 11:38:24 ----A---- C:\WINDOWS\system32\dciman32.dll
2024-03-23 11:38:23 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2024-03-23 11:38:23 ----A---- C:\WINDOWS\system32\netlogon.dll
2024-03-23 11:38:22 ----A---- C:\WINDOWS\system32\sechost.dll
2024-03-23 11:38:22 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2024-03-23 11:38:22 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2024-03-23 11:38:21 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2024-03-23 11:38:21 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2024-03-23 11:38:20 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2024-03-23 11:38:17 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2024-03-23 11:38:16 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2024-03-23 11:38:16 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2024-03-23 11:38:15 ----A---- C:\WINDOWS\system32\drivers\werkernel.sys
2024-03-23 11:38:14 ----A---- C:\WINDOWS\system32\samlib.dll
2024-03-23 11:38:14 ----A---- C:\WINDOWS\system32\offlinesam.dll
2024-03-23 11:38:14 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2024-03-23 11:38:14 ----A---- C:\WINDOWS\system32\lsasrv.dll
2024-03-23 11:38:14 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2024-03-23 11:38:13 ----A---- C:\WINDOWS\system32\WinTypes.dll
2024-03-23 11:38:13 ----A---- C:\WINDOWS\system32\wincorlib.dll
2024-03-23 11:38:13 ----A---- C:\WINDOWS\system32\samsrv.dll
2024-03-23 11:38:12 ----A---- C:\WINDOWS\system32\combase.dll
2024-03-23 11:38:12 ----A---- C:\WINDOWS\system32\ci.dll
2024-03-23 11:38:12 ----A---- C:\WINDOWS\system32\catsrvut.dll
2024-03-23 11:38:11 ----A---- C:\WINDOWS\system32\es.dll
2024-03-23 11:38:11 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2024-03-23 11:38:11 ----A---- C:\WINDOWS\system32\comsvcs.dll
2024-03-23 11:38:10 ----A---- C:\WINDOWS\system32\winresume.exe
2024-03-23 11:38:10 ----A---- C:\WINDOWS\system32\ocsetapi.dll
2024-03-23 11:38:09 ----A---- C:\WINDOWS\system32\winload.exe
2024-03-23 11:38:08 ----A---- C:\WINDOWS\system32\Taskmgr.exe
2024-03-23 11:38:08 ----A---- C:\WINDOWS\system32\LaunchTM.exe
2024-03-23 11:38:08 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2024-03-23 11:38:08 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2024-03-23 11:38:07 ----A---- C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2024-03-23 11:38:07 ----A---- C:\WINDOWS\system32\SettingsHandlers_Language.dll
2024-03-23 11:38:07 ----A---- C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2024-03-23 11:38:07 ----A---- C:\WINDOWS\system32\InputCloudStore.dll
2024-03-23 11:38:06 ----A---- C:\WINDOWS\system32\ShellAppRuntime.exe
2024-03-23 11:38:04 ----A---- C:\WINDOWS\system32\wups2.dll
2024-03-23 11:38:04 ----A---- C:\WINDOWS\system32\wuauclt.exe
2024-03-23 11:38:04 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2024-03-23 11:38:04 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2024-03-23 11:38:03 ----A---- C:\WINDOWS\system32\wuaueng.dll
2024-03-23 11:38:03 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2024-03-23 11:38:03 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2024-03-23 11:38:03 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2024-03-23 11:38:03 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2024-03-23 11:38:02 ----A---- C:\WINDOWS\system32\wcimage.dll
2024-03-23 11:38:02 ----A---- C:\WINDOWS\system32\wc_storage.dll
2024-03-23 11:38:02 ----A---- C:\WINDOWS\system32\drivers\cimfs.sys
2024-03-23 11:38:02 ----A---- C:\WINDOWS\system32\daxexec.dll
2024-03-23 11:38:02 ----A---- C:\WINDOWS\system32\cimfs.dll
2024-03-23 11:38:01 ----A---- C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2024-03-23 11:38:01 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2024-03-23 11:38:01 ----A---- C:\WINDOWS\system32\win32u.dll
2024-03-23 11:38:01 ----A---- C:\WINDOWS\system32\win32kfull.sys
2024-03-23 11:38:01 ----A---- C:\WINDOWS\system32\win32k.sys
2024-03-23 11:37:59 ----A---- C:\WINDOWS\system32\wpncore.dll
2024-03-23 11:37:59 ----A---- C:\WINDOWS\system32\wpnapps.dll
2024-03-23 11:37:59 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2024-03-23 11:37:59 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2024-03-23 11:37:59 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2024-03-23 11:37:58 ----A---- C:\WINDOWS\system32\profext.dll
2024-03-23 11:37:58 ----A---- C:\WINDOWS\system32\kerberos.dll
2024-03-23 11:37:58 ----A---- C:\WINDOWS\system32\BFE.DLL
2024-03-23 11:37:58 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2024-03-23 11:37:56 ----A---- C:\WINDOWS\system32\windows.storage.dll
2024-03-23 11:37:56 ----A---- C:\WINDOWS\system32\storewuauth.dll
2024-03-23 11:37:56 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2024-03-23 11:37:56 ----A---- C:\WINDOWS\system32\InstallService.dll
2024-03-23 11:37:55 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2024-03-23 11:37:55 ----A---- C:\WINDOWS\system32\ISM.dll
2024-03-23 11:37:55 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2024-03-23 11:37:54 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2024-03-23 11:37:54 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2024-03-23 11:37:54 ----A---- C:\WINDOWS\system32\TextInputMethodFormatter.dll
2024-03-23 11:37:54 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2024-03-23 11:37:53 ----A---- C:\WINDOWS\system32\mssrch.dll
2024-03-23 11:37:53 ----A---- C:\WINDOWS\system32\InputService.dll
2024-03-23 11:37:52 ----A---- C:\WINDOWS\system32\win32kbase.sys
2024-03-23 11:37:39 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2024-03-23 11:37:38 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2024-03-23 11:37:38 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2024-03-23 11:37:38 ----A---- C:\WINDOWS\system32\dosvc.dll
2024-03-23 11:37:38 ----A---- C:\WINDOWS\system32\domgmt.dll
2024-03-23 11:37:38 ----A---- C:\WINDOWS\system32\DafDnsSd.dll
2024-03-23 11:37:37 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2024-03-23 11:37:37 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2024-03-23 11:37:37 ----A---- C:\WINDOWS\system32\cdd.dll
2024-03-23 11:37:36 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2024-03-23 11:37:35 ----A---- C:\WINDOWS\system32\MSAJApi.dll
2024-03-23 11:37:35 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2024-03-23 11:37:35 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\tbauth.dll
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\GameInputSvc.exe
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\GameInputInbox.dll
2024-03-23 11:37:34 ----A---- C:\WINDOWS\system32\cloudAP.dll
2024-03-23 11:37:33 ----A---- C:\WINDOWS\system32\XInputUap.dll
2024-03-23 11:37:33 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2024-03-23 11:37:33 ----A---- C:\WINDOWS\system32\Windows.Gaming.Input.dll
2024-03-23 11:37:33 ----A---- C:\WINDOWS\system32\GameInput.dll
2024-03-23 11:37:33 ----A---- C:\WINDOWS\system32\aadtb.dll
2024-03-23 11:37:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2024-03-23 11:37:29 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2024-03-23 11:37:29 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2024-03-23 11:37:29 ----A---- C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2024-03-23 11:37:28 ----A---- C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2024-03-23 11:37:28 ----A---- C:\WINDOWS\system32\StartTileData.dll
2024-03-23 11:37:28 ----A---- C:\WINDOWS\system32\readCloudDataSettings.exe
2024-03-23 11:37:25 ----A---- C:\WINDOWS\system32\usbmon.dll
2024-03-23 11:37:25 ----A---- C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2024-03-23 11:37:25 ----A---- C:\WINDOWS\system32\pkeyhelper.dll
2024-03-23 11:37:25 ----A---- C:\WINDOWS\system32\NaturalLanguage6.dll
2024-03-23 11:37:25 ----A---- C:\WINDOWS\system32\localui.dll
2024-03-23 11:37:23 ----A---- C:\WINDOWS\system32\imageres.dll
2024-03-23 11:37:23 ----A---- C:\WINDOWS\system32\advapi32.dll
2024-03-23 11:37:23 ----A---- C:\WINDOWS\explorer.exe
2024-03-23 11:37:22 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2024-03-23 11:37:22 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2024-03-23 11:37:22 ----A---- C:\WINDOWS\system32\TpmCertResources.dll
2024-03-23 11:37:22 ----A---- C:\WINDOWS\system32\SystemSettingsBroker.exe
2024-03-23 11:37:22 ----A---- C:\WINDOWS\system32\SystemSettings.DataModel.dll
2024-03-23 11:37:22 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2024-03-23 11:37:21 ----A---- C:\WINDOWS\system32\wpx.dll
2024-03-23 11:37:21 ----A---- C:\WINDOWS\system32\win32spl.dll
2024-03-23 11:37:21 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2024-03-23 11:37:21 ----A---- C:\WINDOWS\system32\PrinterCleanupTask.dll
2024-03-23 11:37:21 ----A---- C:\WINDOWS\system32\localspl.dll
2024-03-23 11:37:21 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll
2024-03-23 11:37:20 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2024-03-23 11:37:20 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2024-03-23 11:37:20 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2024-03-23 11:37:19 ----A---- C:\WINDOWS\system32\UCPDMgr.exe
2024-03-23 11:37:19 ----A---- C:\WINDOWS\system32\drivers\UCPD.sys
2024-03-23 11:37:19 ----A---- C:\WINDOWS\system32\CloudRestoreLauncher.dll
2024-03-23 11:37:19 ----A---- C:\WINDOWS\system32\bcdedit.exe
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\wosc.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\Windows.Management.ModernDeployment.ConfigProviders.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\Windows.Internal.System.UserProfile.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\MitigationClient.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\fcon.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\autopilotdiag.dll
2024-03-23 11:37:18 ----A---- C:\WINDOWS\system32\autopilot.dll
2024-03-23 11:37:17 ----A---- C:\WINDOWS\system32\SpeechPal.dll
2024-03-23 11:36:36 ----A---- C:\WINDOWS\system32\vmbuspipe.dll
2024-03-23 11:36:36 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2024-03-23 11:36:36 ----A---- C:\WINDOWS\system32\drivers\Vid.sys
2024-03-23 11:36:34 ----A---- C:\WINDOWS\system32\drivers\usbuhci.sys
2024-03-23 11:36:34 ----A---- C:\WINDOWS\system32\drivers\usbehci.sys
2024-03-23 11:36:34 ----A---- C:\WINDOWS\system32\drivers\usbd.sys
2024-03-23 11:36:33 ----A---- C:\WINDOWS\system32\drivers\usbport.sys
2024-03-23 11:36:33 ----A---- C:\WINDOWS\system32\drivers\usbohci.sys
2024-03-23 11:36:33 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2024-03-23 11:36:33 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2024-03-23 11:36:33 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2024-03-23 11:36:32 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2024-03-23 11:36:32 ----A---- C:\WINDOWS\system32\drivers\uaspstor.sys
2024-03-23 11:36:32 ----A---- C:\WINDOWS\system32\drivers\BthMini.SYS
2024-03-23 11:36:32 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2024-03-23 11:36:29 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2024-03-23 11:36:29 ----A---- C:\WINDOWS\system32\drivers\devauthe.sys
2024-03-23 10:29:32 ----HD---- C:\$WinREAgent
2024-03-23 10:27:26 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2024-03-23 10:27:24 ----A---- C:\WINDOWS\system32\poqexec.exe
2024-03-22 19:42:53 ----A---- C:\WINDOWS\system32\drivers\avgStm.sys

======List of files/folders modified in the last 1 month======

2024-04-07 19:33:37 ----RD---- C:\Program Files
2024-04-07 19:33:21 ----HD---- C:\Program Files\WindowsApps
2024-04-07 19:33:10 ----D---- C:\WINDOWS\Temp
2024-04-07 19:32:46 ----D---- C:\WINDOWS\prefetch
2024-04-07 19:28:55 ----D---- C:\WINDOWS\INF
2024-04-07 19:19:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2024-04-07 19:19:07 ----D---- C:\WINDOWS\SystemTemp
2024-04-07 19:19:07 ----D---- C:\Program Files (x86)\Google
2024-04-07 19:06:31 ----D---- C:\FRST
2024-04-07 19:05:10 ----SHD---- C:\System Volume Information
2024-04-07 18:52:11 ----D---- C:\WINDOWS\AppReadiness
2024-04-07 18:51:47 ----SHD---- C:\WINDOWS\Installer
2024-04-07 18:50:18 ----D---- C:\WINDOWS\system32\sru
2024-04-07 18:49:41 ----D---- C:\WINDOWS\system32\SleepStudy
2024-04-07 17:01:16 ----D---- C:\WINDOWS\SysWOW64
2024-04-07 16:57:29 ----D---- C:\WINDOWS\system32\Tasks
2024-04-07 16:31:51 ----D---- C:\ProgramData\AVG
2024-04-07 16:28:43 ----HD---- C:\WINDOWS\ELAMBKUP
2024-04-07 16:28:41 ----D---- C:\WINDOWS\System32
2024-04-07 16:27:07 ----A---- C:\WINDOWS\system32\regtest.txt
2024-04-07 16:26:46 ----D---- C:\WINDOWS\ServiceState
2024-04-07 16:26:43 ----ASH---- C:\DumpStack.log.tmp
2024-04-07 16:23:11 ----D---- C:\WINDOWS\system32\CatRoot
2024-04-07 16:23:09 ----D---- C:\WINDOWS\system32\catroot2
2024-04-02 16:38:09 ----D---- C:\WINDOWS\apppatch
2024-04-02 16:28:59 ----D---- C:\WINDOWS\system32\drivers
2024-04-01 19:32:09 ----D---- C:\ProgramData\CanonIJPLM
2024-03-31 15:07:23 ----RD---- C:\Users
2024-03-31 15:01:53 ----SHD---- C:\$Recycle.Bin
2024-03-24 01:47:32 ----RD---- C:\WINDOWS\Microsoft.NET
2024-03-24 01:34:03 ----D---- C:\WINDOWS\system32\config
2024-03-24 01:30:06 ----D---- C:\WINDOWS\WinSxS
2024-03-24 01:28:43 ----D---- C:\WINDOWS\system32\DriverStore
2024-03-24 01:23:57 ----D---- C:\WINDOWS\SYSWOW64\migration
2024-03-24 01:23:57 ----D---- C:\WINDOWS\SYSWOW64\en-US
2024-03-24 01:23:57 ----D---- C:\WINDOWS\SYSWOW64\Dism
2024-03-24 01:23:57 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2024-03-24 01:23:55 ----D---- C:\WINDOWS\SystemResources
2024-03-24 01:23:54 ----D---- C:\WINDOWS\system32\wbem
2024-03-24 01:23:54 ----D---- C:\WINDOWS\system32\oobe
2024-03-24 01:23:54 ----D---- C:\WINDOWS\system32\migration
2024-03-24 01:23:54 ----D---- C:\WINDOWS\system32\en-US
2024-03-24 01:23:53 ----D---- C:\WINDOWS\system32\Dism
2024-03-24 01:23:53 ----D---- C:\WINDOWS\system32\cs-CZ
2024-03-24 01:23:53 ----D---- C:\WINDOWS\system32\Boot
2024-03-24 01:23:48 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2024-03-24 01:23:48 ----D---- C:\WINDOWS\ShellExperiences
2024-03-24 01:23:48 ----D---- C:\WINDOWS\servicing
2024-03-24 01:23:48 ----D---- C:\WINDOWS\en-US
2024-03-24 01:23:48 ----D---- C:\WINDOWS\cs-CZ
2024-03-24 01:23:48 ----D---- C:\WINDOWS\bcastdvr
2024-03-24 01:23:48 ----D---- C:\Windows
2024-03-23 11:52:22 ----D---- C:\WINDOWS\CbsTemp
2024-03-23 11:36:36 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2024-03-23 08:47:22 ----D---- C:\WINDOWS\system32\MRT
2024-03-23 08:39:18 ----AC---- C:\WINDOWS\system32\MRT.exe
2024-03-23 00:28:28 ----D---- C:\Users\repov\AppData\Roaming\recroom-launcher
2024-03-22 19:49:14 ----D---- C:\Users\repov\AppData\Roaming\com.adobe.dunamis
2024-03-22 19:48:52 ----SHD---- C:\Config.Msi
2024-03-22 19:48:50 ----D---- C:\Program Files\RUXIM
2024-03-22 19:42:43 ----A---- C:\WINDOWS\system32\drivers\asw8347b51d7e6f8afb.tmp
2024-03-22 19:42:39 ----A---- C:\WINDOWS\system32\drivers\asw7703d926ca385dbb.tmp
2024-03-22 19:42:39 ----A---- C:\WINDOWS\system32\drivers\asw3c15a9c1acfbf0ef.tmp
2024-03-22 19:42:39 ----A---- C:\WINDOWS\system32\drivers\asw39992cb57b66e993.tmp
2024-03-22 19:42:39 ----A---- C:\WINDOWS\system32\drivers\asw340045e05e1bc224.tmp
2024-03-22 19:42:38 ----A---- C:\WINDOWS\system32\drivers\aswfc0628ed986ce766.tmp
2024-03-22 19:42:38 ----A---- C:\WINDOWS\system32\drivers\aswcb871ebf028ecb93.tmp
2024-03-22 19:42:38 ----A---- C:\WINDOWS\system32\drivers\asw33140d9784296617.tmp
2024-03-22 19:42:38 ----A---- C:\WINDOWS\system32\drivers\asw2d372f74f322ea36.tmp
2024-03-22 19:42:21 ----A---- C:\WINDOWS\system32\drivers\asw9bcb33b7088b87f6.tmp
2024-03-22 19:42:21 ----A---- C:\WINDOWS\system32\drivers\asw77c1dc43e6735457.tmp
2024-03-22 19:42:19 ----A---- C:\WINDOWS\system32\drivers\asw699cf4c0c4d3df12.tmp
2024-03-22 19:42:16 ----A---- C:\WINDOWS\system32\drivers\asw8529c7e934d6cc43.tmp
2024-03-22 19:41:48 ----D---- C:\WINDOWS\Minidump
2024-03-09 20:48:22 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-09 20:39:26 ----D---- C:\WINDOWS\SYSWOW64\WinMetadata
2024-03-09 20:39:26 ----D---- C:\WINDOWS\SYSWOW64\wbem
2024-03-09 20:39:26 ----D---- C:\WINDOWS\SYSWOW64\setup
2024-03-09 20:39:22 ----D---- C:\WINDOWS\system32\WinMetadata
2024-03-09 20:39:21 ----D---- C:\WINDOWS\system32\setup
2024-03-09 20:39:21 ----D---- C:\WINDOWS\system32\SecureBootUpdates
2024-03-09 20:39:21 ----D---- C:\WINDOWS\system32\migwiz
2024-03-09 20:39:20 ----D---- C:\WINDOWS\system32\appraiser
2024-03-09 20:39:02 ----D---- C:\WINDOWS\ShellComponents
2024-03-09 20:38:53 ----D---- C:\WINDOWS\system32\CodeIntegrity
2024-03-09 20:38:36 ----D---- C:\WINDOWS\system32\drivers\UMDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2021-01-05 85704]
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2021-01-05 43720]
R0 amdpsp;@oem1.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\WINDOWS\System32\drivers\amdpsp.sys [2021-03-23 137424]
R0 avgArDisk;avgArDisk; C:\WINDOWS\system32\drivers\avgArDisk.sys [2024-04-02 20528]
R0 avgbidsh;avgbidsh; C:\WINDOWS\system32\drivers\avgbidsh.sys [2024-04-02 292920]
R0 avgbuniv;avgbuniv; C:\WINDOWS\system32\drivers\avgbuniv.sys [2024-04-02 84536]
R0 avgElam;avgElam; C:\WINDOWS\system32\drivers\avgElam.sys [2024-02-17 27760]
R0 avgRvrt;avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [2024-04-02 69176]
R0 avgVmm;avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [2024-04-02 306232]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2023-11-19 58328]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2023-11-19 44032]
R1 avgArPot;avgArPot; C:\WINDOWS\system32\drivers\avgArPot.sys [2024-04-02 230448]
R1 avgbidsdriver;avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdriver.sys [2024-04-02 379960]
R1 avgKbd;avgKbd; C:\WINDOWS\system32\drivers\avgKbd.sys [2024-04-02 28728]
R1 avgMonFlt;avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [2024-04-02 268856]
R1 avgNetHub;avgNetHub; C:\WINDOWS\system32\drivers\avgNetHub.sys [2024-04-02 548912]
R1 avgRdr;avgRdr; C:\WINDOWS\system32\drivers\avgRdr2.sys [2024-04-02 93752]
R1 avgSnx;avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [2024-04-02 935992]
R1 avgSP;avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [2024-04-02 695864]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2024-03-23 98816]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R1 MEmuDrv;MemuHyperv Service; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [2021-01-04 320360]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2023-11-19 145896]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2024-03-23 503808]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2023-11-19 53248]
R3 ACPIVPC;@oem56.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2022-08-31 48896]
R3 amdfendr;@oem43.inf,%AMDFENDR_svcdesc%;AMD Crash Defender Driver; C:\WINDOWS\System32\drivers\amdfendr.sys [2021-04-30 117448]
R3 amdgpio2;@oem30.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2021-01-05 46344]
R3 amdi2c;@oem51.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2021-01-17 67808]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\amdkmdag.sys [2021-06-17 82687200]
R3 AMDXE;@oem7.inf,%AMDXE.SVCDESC%;AMD Link Controller Emulation; C:\WINDOWS\System32\drivers\amdxe.sys [2021-01-05 62056]
R3 AtiHDAudioService;@oem26.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2021-01-18 247216]
R3 avgStm;avgStm; C:\WINDOWS\system32\drivers\avgStm.sys [2024-03-22 201680]
R3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2024-03-23 1572352]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2024-03-23 110592]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
R3 ETD;@oem6.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\System32\drivers\ETD.sys [2019-09-25 743872]
R3 ETDHCF;@oem16.inf,%ETDHCF.SVCDESC%;ELAN HID Class Filter Service; C:\WINDOWS\System32\drivers\ETDHCF.sys [2019-09-25 30144]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2020-03-24 7321896]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2023-11-19 323440]
R3 rt640x64;@oem36.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2021-01-05 1171552]
R3 RtkBtFilter;@oem19.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [2019-09-11 801480]
R3 RTWlanE;@oem25.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtwlane.sys [2019-10-30 11388112]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2023-11-19 142208]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2023-11-19 159728]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2023-11-19 694272]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2024-03-07 18432]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2023-11-19 282624]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2024-03-23 113664]
S3 BthHFAud;@microsoft_bluetooth_hfp.inf,%BTHHFAUD_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free Audio driver; C:\WINDOWS\System32\drivers\BthHfAud.sys [2023-11-19 65536]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2023-11-19 106496]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2024-03-23 45568]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2023-11-19 133632]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 ETD_Keyboard;ELAN Keyboard Filter Driver; C:\WINDOWS\System32\drivers\ETD.sys [2019-09-25 743872]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2023-11-19 104448]
S3 HidSpiCx;HidSpi KMDF Class Extension; C:\WINDOWS\system32\drivers\HidSpiCx.sys [2023-11-19 92160]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2024-03-23 96136]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2023-11-19 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2023-11-19 386048]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2023-11-19 210944]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2023-11-19 131560]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2024-03-23 998256]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-12-07 213504]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-12-07 115712]
S3 RTSUER;@oem3.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2017-10-18 421312]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2023-11-19 36208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2024-01-31 172992]
R2 AMD Crash Defender Service;AMD Crash Defender Service; C:\WINDOWS\system32\amdfendrsr.exe [2021-04-30 517536]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\u0368456.inf_amd64_fc65705fd5034968\B367348\atiesrxx.exe [2021-06-17 527560]
R2 AVG Antivirus;AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [2024-04-02 802752]
R2 AVG Tools;AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [2024-04-02 1238456]
R2 AVGWscReporter;AVGWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [2024-01-05 109480]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R2 CDPUserSvc_8270b;Uživatelská služba platformy připojených zařízení_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
R2 ETDService;ELAN Service; C:\WINDOWS\System32\ETDService.exe [2019-09-25 249792]
R2 FMAPOService;Fortemedia APO Control Service; C:\WINDOWS\System32\FMService64.exe [2019-08-16 359808]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2013-05-14 140936]
R2 ImControllerService;@oem19.inf,%ImcSvcDisplayName%;System Interface Foundation Service; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2022-11-20 93896]
R2 LenovoVantageService;LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\4.0.75.0\LenovoVantageService.exe [2024-03-03 34168]
R2 OneSyncSvc_8270b;Hostitel synchronizace_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R2 RtkAudioUniversalService;Realtek Audio Universal Service; C:\WINDOWS\System32\RtkAudUService64.exe [2020-03-24 1076728]
R2 RtkBtManServ;@oem19.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service; C:\WINDOWS\RtkBtManServ.exe [2019-09-11 705648]
R3 avgbIDSAgent;avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [2024-04-02 9164216]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 cbdhsvc_8270b;Uživatelská služba schránky_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
R3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 PimIndexMaintenanceSvc_8270b;Data kontaktů_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S2 DolbyDAXAPI;@oem5.inf,%ServiceDisplayName%;Dolby DAX API Service; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [2019-03-14 644976]
S2 edgeupdate;Microsoft Edge Update Service (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2021-04-01 214952]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2021-10-20 156232]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 AarSvc_8270b;Agent Activation Runtime_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 BcastDVRUserService_8270b;Uživatelská služba pro GameDVR a vysílání her_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 BluetoothUserService_8270b;Služba pro podporu uživatelů Bluetooth_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 CaptureService_8270b;CaptureService_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 ConsentUxUserSvc_8270b;ConsentUX_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2023-11-19 386984]
S3 CredentialEnrollmentManagerUserSvc_8270b;CredentialEnrollmentManagerUserSvc_8270b; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2023-11-19 386984]
S3 dcsvc;@%systemroot%\system32\dcsvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DeviceAssociationBrokerSvc_8270b;DeviceAssociationBroker_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DevicePickerUserSvc_8270b;DevicePicker_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DevicesFlowUserSvc_8270b;Tok zařízení_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2024-02-11 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2024-03-04 811496]
S3 edgeupdatem;Microsoft Edge Update Service (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2021-04-01 214952]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 GameInputSvc;@%systemroot%\system32\GameInputSvc.exe,-101; C:\WINDOWS\System32\GameInputSvc.exe [2024-03-23 53768]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files\Google\Chrome\Application\123.0.6312.86\elevation_service.exe [2024-03-26 1670944]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2021-10-20 156232]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 McpManagementService;@%SystemRoot%\system32\McpManagementService.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 MessagingService_8270b;Služba zasílání zpráv_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.81\elevation_service.exe [2024-04-04 1838136]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2023-11-19 106496]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 PrintWorkflowUserSvc_8270b;PrintWorkflow_8270b; C:\WINDOWS\system32\svchost.exe [2023-11-19 55456]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2023-11-19 55456]

-----------------EOF-----------------

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
FirewallRules: [{A91004ED-A60D-4262-A79C-B1605709D440}] => (Allow) C:\Users\repov\AppData\Local\Programs\Opera\106.0.4998.28\opera.exe => No File
FirewallRules: [TCP Query User{EB2679A2-42B3-4C5D-9401-F2875B01B66F}C:\users\repov\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\repov\appdata\local\programs\opera\opera.exe => No File
FirewallRules: [UDP Query User{D6AA9960-A070-4991-8306-FDECC3C0C354}C:\users\repov\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\repov\appdata\local\programs\opera\opera.exe => No File
HKLM-x32\...\Run: [WinampAgent] => "C:\Program Files (x86)\Winamp\winampa.exe" (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\RunOnce: [Uninstall 24.045.0303.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\24.045.0303.0003" [0 2024-04-07] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64" [0 2024-01-05] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\21.220.1024.0005" [0 2024-01-07] () <==== ATTENTION [zero byte File/Folder]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {CAFCB0CC-8F31-4D66-B43F-1E2D25882187} - System32\Tasks\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-20] (Google LLC -> Google LLC)
Task: {87412682-69C6-408D-9CE1-C1CBFC4712CA} - System32\Tasks\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-20] (Google LLC -> Google LLC)
Task: {7EAE14B9-6A74-4F05-880E-4CF98B46E3B0} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943}
C:\WINDOWS\system32\Drivers\asw9bcb33b7088b87f6.tmp
C:\WINDOWS\system32\Drivers\asw39992cb57b66e993.tmp
C:\WINDOWS\system32\Drivers\asw33140d9784296617.tmp
C:\WINDOWS\system32\Drivers\asw8347b51d7e6f8afb.tmp
C:\WINDOWS\system32\Drivers\asw340045e05e1bc224.tmp
C:\WINDOWS\system32\Drivers\aswfc0628ed986ce766.tmp
C:\WINDOWS\system32\Drivers\asw8529c7e934d6cc43.tmp
C:\WINDOWS\system32\Drivers\aswcb871ebf028ecb93.tmp
C:\WINDOWS\system32\Drivers\asw3c15a9c1acfbf0ef.tmp
C:\WINDOWS\system32\Drivers\asw7703d926ca385dbb.tmp
C:\WINDOWS\system32\Drivers\asw2d372f74f322ea36.tmp
C:\WINDOWS\system32\Drivers\asw77c1dc43e6735457.tmp

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte. V souč. době, kdy převažují 64b systémy, je zbytečné dávat log RSIT. Je s nimi nekompatibilní a k ničemu ho nepotřebujeme,

Fix result of Farbar Recovery Scan Tool (x64) Version: 06.04.2024 01
Ran by repov (07-04-2024 20:04:52) Run:2
Running from C:\Users\repov\Desktop
Loaded Profiles: repov & romek
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
FirewallRules: [{A91004ED-A60D-4262-A79C-B1605709D440}] => (Allow) C:\Users\repov\AppData\Local\Programs\Opera\106.0.4998.28\opera.exe => No File
FirewallRules: [TCP Query User{EB2679A2-42B3-4C5D-9401-F2875B01B66F}C:\users\repov\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\repov\appdata\local\programs\opera\opera.exe => No File
FirewallRules: [UDP Query User{D6AA9960-A070-4991-8306-FDECC3C0C354}C:\users\repov\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\repov\appdata\local\programs\opera\opera.exe => No File
HKLM-x32\...\Run: [WinampAgent] => "C:\Program Files (x86)\Winamp\winampa.exe" (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-648718490-3214130810-706754298-1001\...\RunOnce: [Uninstall 24.045.0303.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\repov\AppData\Local\Microsoft\OneDrive\24.045.0303.0003" [0 2024-04-07] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64" [0 2024-01-05] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-648718490-3214130810-706754298-1008\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\romek\AppData\Local\Microsoft\OneDrive\21.220.1024.0005" [0 2024-01-07] () <==== ATTENTION [zero byte File/Folder]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {CAFCB0CC-8F31-4D66-B43F-1E2D25882187} - System32\Tasks\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-20] (Google LLC -> Google LLC)
Task: {87412682-69C6-408D-9CE1-C1CBFC4712CA} - System32\Tasks\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-10-20] (Google LLC -> Google LLC)
Task: {7EAE14B9-6A74-4F05-880E-4CF98B46E3B0} - System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => C:\Program Files (x86)\Lenovo\VantageService\3.13.72.0\ScheduleEventAction.exe NotificationCenter (No File)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943}
C:\WINDOWS\system32\Drivers\asw9bcb33b7088b87f6.tmp
C:\WINDOWS\system32\Drivers\asw39992cb57b66e993.tmp
C:\WINDOWS\system32\Drivers\asw33140d9784296617.tmp
C:\WINDOWS\system32\Drivers\asw8347b51d7e6f8afb.tmp
C:\WINDOWS\system32\Drivers\asw340045e05e1bc224.tmp
C:\WINDOWS\system32\Drivers\aswfc0628ed986ce766.tmp
C:\WINDOWS\system32\Drivers\asw8529c7e934d6cc43.tmp
C:\WINDOWS\system32\Drivers\aswcb871ebf028ecb93.tmp
C:\WINDOWS\system32\Drivers\asw3c15a9c1acfbf0ef.tmp
C:\WINDOWS\system32\Drivers\asw7703d926ca385dbb.tmp
C:\WINDOWS\system32\Drivers\asw2d372f74f322ea36.tmp
C:\WINDOWS\system32\Drivers\asw77c1dc43e6735457.tmp

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A91004ED-A60D-4262-A79C-B1605709D440}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{EB2679A2-42B3-4C5D-9401-F2875B01B66F}C:\users\repov\appdata\local\programs\opera\opera.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D6AA9960-A070-4991-8306-FDECC3C0C354}C:\users\repov\appdata\local\programs\opera\opera.exe" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WinampAgent" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-648718490-3214130810-706754298-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Update Binary" => removed successfully
"HKU\S-1-5-21-648718490-3214130810-706754298-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 24.045.0303.0003" => removed successfully
"HKU\S-1-5-21-648718490-3214130810-706754298-1008\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Delete Cached Standalone Update Binary" => removed successfully
"HKU\S-1-5-21-648718490-3214130810-706754298-1008\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 21.220.1024.0005\amd64" => removed successfully
"HKU\S-1-5-21-648718490-3214130810-706754298-1008\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 21.220.1024.0005" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CAFCB0CC-8F31-4D66-B43F-1E2D25882187}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CAFCB0CC-8F31-4D66-B43F-1E2D25882187}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{87412682-69C6-408D-9CE1-C1CBFC4712CA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{87412682-69C6-408D-9CE1-C1CBFC4712CA}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7EAE14B9-6A74-4F05-880E-4CF98B46E3B0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7EAE14B9-6A74-4F05-880E-4CF98B46E3B0}" => removed successfully
C:\WINDOWS\System32\Tasks\Lenovo\Vantage\Schedule\NotificationCenter => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Vantage\Schedule\NotificationCenter" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{97B38ED0-5EF6-44F3-BEB2-E226C9B41451}" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{6E4E077E-B89A-495D-B3C6-D4B5811D1943}" => not found
C:\WINDOWS\system32\Drivers\asw9bcb33b7088b87f6.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw39992cb57b66e993.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw33140d9784296617.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw8347b51d7e6f8afb.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw340045e05e1bc224.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswfc0628ed986ce766.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw8529c7e934d6cc43.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswcb871ebf028ecb93.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw3c15a9c1acfbf0ef.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw7703d926ca385dbb.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw2d372f74f322ea36.tmp => moved successfully
C:\WINDOWS\system32\Drivers\asw77c1dc43e6735457.tmp => moved successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 63408716 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 140544508 B
Edge => 0 B
Chrome => 657808930 B
Firefox => 0 B
Opera => 6947800 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 853676 B
systemprofile32 => 853676 B
LocalService => 974976 B
NetworkService => 1100664 B
repov => 464568742 B
defaultuser100000 => 464568742 B
defaultuser100000.LAPTOP-CARLMBMQ => 464568742 B
romek => 587185569 B

RecycleBin => 0 B
EmptyTemp: => 2.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:06:47 ====

Smazáno, log je již OK.