
help

Do you have a virus problem? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

Robiop15
Visitor
Posts: 21
Registered: 20 May 2017 11:27

help

#1 Post by Robiop15 »

Hello, I would like to send a log to be checked, but it won't let me attach a .txt, see the attachment... What should I do about it?
Attachments
Výstřižek.PNG (5.22 KiB) Viewed 767 times

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: help

#2 Post by Rudy »

Greetings. Elementary, my dear Watson. :D Simply copy the text from the *.txt file and paste it here into the big white box that appears after you click the "reply" button. The second option is to pack the file into a rar and add it as an attachment. Apart from the *.rar and *.zip extensions, all other extensions are prohibited. :(
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it has been inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Robiop15
Visitor
Posts: 21
Registered: 20 May 2017 11:27

Re: help

#3 Post by Robiop15 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by pollo at 2022-01-18 14:49:29
Microsoft Windows 10 Pro
System drive C: has 49 GB (43%) free of 114 GB
Total RAM: 8078 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:49:36, on 18.01.2022
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.1202)
Boot mode: Normal

Running processes:
C:\Program Files\trend micro\pollo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... 07&pc=UE06
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DeepL] "C:\Users\pollo\AppData\Local\DeepL\app-2.8.12302\DeepL.exe" --minimized
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\System32\drivers\AdminService.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_2362f - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service queencreek (ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) SUR QC Software Asset Manager (Intel(R) SUR QC SAM) - Intel Corporation - C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK (SystemUsageReportSvc_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @oem115.inf,%TSSDisplayName%;TSDSettingService (TSDSettingService) - Dynabook Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_3a7a9fcae48f1ca6\dynabookSystemService.exe
O23 - Service: @oem115.inf,%TBDisplayName%;TSDTabletControlService (TSDTabletControlService) - Dynabook Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_3a7a9fcae48f1ca6\TOSTABSYSSVC.exe
O23 - Service: @oem115.inf,%RMDisplayName%;TSDWirelessLEDCtlService (TSDWirelessLEDCtlService) - Dynabook Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_3a7a9fcae48f1ca6\RMService.exe
O23 - Service: User Energy Server Service queencreek (USER_ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9396 bytes

======Listing Processes======









C:\WINDOWS\system32\lsass.exe
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
winlogon.exe
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
igfxEM.exe
igfxHK.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\drivers\AdminService.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\SysWOW64\PnkBstrA.exe
C:\WINDOWS\SysWOW64\PnkBstrB.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
"C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_3a7a9fcae48f1ca6\dynabookSystemService.exe
C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_3a7a9fcae48f1ca6\RMService.exe

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding

"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe" -ServerName:InputApp.AppX9jnwykgrccxc8by3hsrsh07r423xzvav.mca
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
"C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe" "--AUTO_START" "--start" "--start_options_registry_key" "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ESRV_SVC_QUEENCREEK\_start"

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc

"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\CompPkgSrv.exe -Embedding
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe" "--start" "--start_options_handle" "1036"
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 800 804 812 8192 808 784
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup -s WbioSrvc
C:\WINDOWS\system32\AUDIODG.EXE 0x448
"C:\Users\pollo\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job - C:\WINDOWS\explorer.exe /NoUACCheck

=========Mozilla firefox=========

ProfilePath - C:\Users\pollo\AppData\Roaming\Mozilla\Firefox\Profiles\rhs9v8yp.default-release-1638528005450

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.12]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.16]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-12-07 86016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2021-12-06 112191904]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2021-12-07 35373696]
"DeepL"=C:\Users\pollo\AppData\Local\DeepL\app-2.8.12302\DeepL.exe [2021-09-06 133632]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\WINDOWS\System32\l3codecp.acm
"MSVideo8"=VfWWDM32.dll
"aux2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv

======File associations======

.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2022-01-18 14:49:30 ----D---- C:\Program Files\trend micro
2022-01-18 14:49:29 ----DC---- C:\rsit
2022-01-17 10:09:14 ----D---- C:\WINDOWS\LastGood.Tmp
2022-01-17 10:07:48 ----A---- C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\SYSWOW64\IntelOpenCL32.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\SYSWOW64\Intel_OpenCL_ICD32.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\SYSWOW64\iglhsip32.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\SYSWOW64\iglhcp32.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\SYSWOW64\igfxexps32.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\IntelWiDiUtils64.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\IntelWiDiMux64.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\IntelWiDiAAC64.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\IntelOpenCL64.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\iglhsip64.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\iglhcp64.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\igfxOSP.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\igfxLHMLib.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\igfxexps.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\igfxEMLibv2_0.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\igfxEMLib.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\igfxDILibv2_0.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\igfxDILib.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\igfxDHLibv2_0.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\igfxDHLib.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\igfxCoIn_v5161.dll
2022-01-17 10:07:46 ----A---- C:\WINDOWS\SYSWOW64\igfxcmrt32.dll
2022-01-17 10:07:46 ----A---- C:\WINDOWS\SYSWOW64\igfxcmjit32.dll
2022-01-17 10:07:46 ----A---- C:\WINDOWS\SYSWOW64\igfx11cmrt32.dll
2022-01-17 10:07:46 ----A---- C:\WINDOWS\SYSWOW64\igdusc32.dll
2022-01-17 10:07:46 ----A---- C:\WINDOWS\system32\igfxCUIServicePS.dll
2022-01-17 10:07:46 ----A---- C:\WINDOWS\system32\igfxcmrt64.dll
2022-01-17 10:07:46 ----A---- C:\WINDOWS\system32\igfxcmjit64.dll
2022-01-17 10:07:46 ----A---- C:\WINDOWS\system32\igfx11cmrt64.dll
2022-01-17 10:07:46 ----A---- C:\WINDOWS\system32\igdumdim64.dll
2022-01-17 10:07:45 ----A---- C:\WINDOWS\SYSWOW64\igdumdim32.dll
2022-01-17 10:07:45 ----A---- C:\WINDOWS\SYSWOW64\igdrcl32.dll
2022-01-17 10:07:45 ----A---- C:\WINDOWS\SYSWOW64\igdmd32.dll
2022-01-17 10:07:45 ----A---- C:\WINDOWS\system32\igdrcl64.dll
2022-01-17 10:07:45 ----A---- C:\WINDOWS\system32\igdmd64.dll
2022-01-17 10:07:44 ----A---- C:\WINDOWS\system32\igdfcl64.dll
2022-01-17 10:07:43 ----A---- C:\WINDOWS\SYSWOW64\igdfcl32.dll
2022-01-17 10:07:43 ----A---- C:\WINDOWS\SYSWOW64\igdde32.dll
2022-01-17 10:07:43 ----A---- C:\WINDOWS\SYSWOW64\igdbcl32.dll
2022-01-17 10:07:43 ----A---- C:\WINDOWS\SYSWOW64\igdail32.dll
2022-01-17 10:07:43 ----A---- C:\WINDOWS\SYSWOW64\igd10iumd32.dll
2022-01-17 10:07:43 ----A---- C:\WINDOWS\system32\igdde64.dll
2022-01-17 10:07:43 ----A---- C:\WINDOWS\system32\igdbcl64.dll
2022-01-17 10:07:43 ----A---- C:\WINDOWS\system32\igdail64.dll
2022-01-17 10:07:42 ----A---- C:\WINDOWS\SYSWOW64\IntelCpHeciSvc.exe
2022-01-17 10:07:42 ----A---- C:\WINDOWS\SYSWOW64\ig7icd32.dll
2022-01-17 10:07:42 ----A---- C:\WINDOWS\system32\IntelWiDiVAD64.exe
2022-01-17 10:07:42 ----A---- C:\WINDOWS\system32\IntelWiDiUMS64.exe
2022-01-17 10:07:42 ----A---- C:\WINDOWS\system32\igfxTray.exe
2022-01-17 10:07:42 ----A---- C:\WINDOWS\system32\igfxext.exe
2022-01-17 10:07:42 ----A---- C:\WINDOWS\system32\ig7icd64.dll
2022-01-17 10:07:42 ----A---- C:\WINDOWS\system32\IccLibDll_x64.dll
2022-01-17 10:07:41 ----A---- C:\WINDOWS\system32\Gfxv4_0.exe
2022-01-17 10:07:41 ----A---- C:\WINDOWS\system32\Gfxv2_0.exe
2022-01-17 10:07:41 ----A---- C:\WINDOWS\system32\GfxUIEx.exe
2022-01-17 10:07:41 ----A---- C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2022-01-17 10:07:41 ----A---- C:\WINDOWS\system32\DPTopologyApp.exe
2022-01-17 10:07:41 ----A---- C:\WINDOWS\system32\difx64.exe
2022-01-17 10:07:41 ----A---- C:\WINDOWS\system32\CustomModeAppv2_0.exe
2022-01-17 10:07:41 ----A---- C:\WINDOWS\system32\CustomModeApp.exe
2022-01-14 19:17:05 ----D---- C:\Program Files\Mozilla Firefox
2022-01-13 09:52:06 ----A---- C:\WINDOWS\system32\default_error_stack-000004-000000.txt
2022-01-10 14:44:58 ----A---- C:\WINDOWS\system32\default_error_stack-000003-000000.txt
2022-01-08 13:15:55 ----A---- C:\WINDOWS\system32\default_error_stack-000002-000000.txt
2022-01-07 11:10:10 ----A---- C:\WINDOWS\system32\default_error_stack-000001-000000.txt
2022-01-06 20:28:37 ----A---- C:\WINDOWS\system32\default_error_stack-000000-000000.txt
2022-01-04 15:18:59 ----D---- C:\ProgramData\ProductData
2022-01-04 15:18:03 ----D---- C:\ProgramData\IObit
2022-01-04 11:54:45 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-12-28 16:19:43 ----A---- C:\WINDOWS\system32\drivers\BthHfEnum.sys
2021-12-28 16:19:43 ----A---- C:\WINDOWS\system32\drivers\BthA2dp.sys

======List of files/folders modified in the last 1 month======

2022-01-18 14:49:30 ----RD---- C:\Program Files
2022-01-18 14:42:01 ----D---- C:\Users\pollo\AppData\Roaming\vlc
2022-01-18 14:41:46 ----D---- C:\Users\pollo\AppData\Roaming\audacity
2022-01-18 14:41:41 ----D---- C:\WINDOWS\Temp
2022-01-18 14:41:31 ----D---- C:\WINDOWS\AppReadiness
2022-01-18 14:40:11 ----D---- C:\WINDOWS\Prefetch
2022-01-18 14:29:01 ----D---- C:\ProgramData\Mozilla
2022-01-18 14:27:17 ----D---- C:\Program Files\CCleaner
2022-01-18 14:25:09 ----ASH---- C:\DumpStack.log.tmp
2022-01-18 14:24:36 ----D---- C:\WINDOWS\system32\sru
2022-01-18 13:55:50 ----D---- C:\WINDOWS\system32\SleepStudy
2022-01-18 10:12:48 ----D---- C:\WINDOWS\system32\catroot2
2022-01-18 09:16:37 ----D---- C:\WINDOWS\system32\DriverStore
2022-01-18 09:16:37 ----D---- C:\WINDOWS\INF
2022-01-18 09:14:20 ----RD---- C:\WINDOWS\Microsoft.NET
2022-01-17 22:09:41 ----RD---- C:\Program Files (x86)
2022-01-17 22:07:13 ----D---- C:\WINDOWS\system32\config
2022-01-17 22:07:13 ----D---- C:\WINDOWS\Logs
2022-01-17 16:13:18 ----D---- C:\Windows
2022-01-17 16:04:26 ----HD---- C:\ProgramData
2022-01-17 16:04:15 ----D---- C:\WINDOWS\system32\Tasks
2022-01-17 14:04:02 ----D---- C:\ProgramData\Intel
2022-01-17 14:04:01 ----D---- C:\WINDOWS\System32
2022-01-17 14:03:57 ----A---- C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2022-01-17 14:03:45 ----D---- C:\WINDOWS\system32\drivers
2022-01-17 14:03:11 ----D---- C:\WINDOWS\system32\CatRoot
2022-01-17 10:09:32 ----D---- C:\WINDOWS\SysWOW64
2022-01-17 10:07:47 ----A---- C:\WINDOWS\SYSWOW64\opencl.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\OpenCL.DLL
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\igfxLHM.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\igfxDTCM.dll
2022-01-17 10:07:47 ----A---- C:\WINDOWS\system32\igfxDI.dll
2022-01-17 10:07:46 ----A---- C:\WINDOWS\system32\igfxDH.dll
2022-01-17 10:07:46 ----A---- C:\WINDOWS\system32\igdusc64.dll
2022-01-17 10:07:43 ----A---- C:\WINDOWS\system32\igd10iumd64.dll
2022-01-17 10:07:42 ----A---- C:\WINDOWS\system32\igfxHK.exe
2022-01-17 10:07:42 ----A---- C:\WINDOWS\system32\igfxEM.exe
2022-01-17 10:07:42 ----A---- C:\WINDOWS\system32\igfxCUIService.exe
2022-01-15 16:53:59 ----D---- C:\Users\pollo\AppData\Roaming\Stellarium
2022-01-15 11:58:24 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-13 14:31:51 ----D---- C:\Program Files\Audacity
2022-01-13 13:36:06 ----D---- C:\Program Files (x86)\Common Files
2022-01-13 10:34:06 ----D---- C:\WINDOWS\Microsoft Antimalware
2022-01-13 10:14:16 ----SHD---- C:\Config.Msi
2022-01-13 10:13:40 ----SHD---- C:\WINDOWS\Installer
2022-01-13 10:12:51 ----HD---- C:\WINDOWS\ELAMBKUP
2022-01-08 13:11:13 ----D---- C:\WINDOWS\LiveKernelReports
2022-01-04 16:31:04 ----D---- C:\Program Files (x86)\Microsoft
2022-01-04 16:30:17 ----HD---- C:\Program Files\WindowsApps
2022-01-04 16:05:26 ----D---- C:\WINDOWS\Tasks
2022-01-04 15:47:41 ----D---- C:\WINDOWS\SYSWOW64\drivers
2022-01-04 11:39:56 ----SHD---- C:\$Recycle.Bin
2022-01-04 11:39:26 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2022-01-04 11:38:21 ----RD---- C:\Users
2022-01-03 17:04:46 ----D---- C:\WINDOWS\CbsTemp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 DLMFENC;DLMFENC; C:\WINDOWS\system32\DRIVERS\DLMFENC.sys [2019-10-02 174152]
R0 DLPCRYPT;DLPCRYPT; C:\WINDOWS\system32\DRIVERS\dlpcrypt.sys [2019-10-02 121728]
R0 dlpvdisk;dlpvdisk; C:\WINDOWS\system32\DRIVERS\dlpvdisk.sys [2019-10-02 98296]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2021-06-10 57168]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2021-11-12 331088]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2021-07-16 41984]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2021-10-15 98304]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2021-10-15 148816]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2021-11-12 496640]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2020-10-08 53248]
R3 athr;@oem114.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw10x.sys [2017-11-24 4321160]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2019-09-04 69368]
R3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2021-11-12 1555968]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2021-11-12 110592]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
R3 dtultrascsibus;@oem86.inf,%DisplayName%;DAEMON Tools Ultra Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [2021-09-28 42256]
R3 dtultrausbbus;@oem116.inf,%DisplayName%;DAEMON Tools Ultra Virtual USB Bus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [2021-09-28 59344]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2022-01-17 3814240]
R3 int0800;@oem113.inf,%Flashud_svcdesc%;Intel 28F320C3 Flash Update Device Driver v6.4; C:\WINDOWS\System32\drivers\flashud.sys [2019-08-21 62984]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2021-03-03 6398976]
R3 IntcDAud;@oem118.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\System32\drivers\IntcDAud.sys [2015-08-21 463112]
R3 iwdbus;@oem94.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2020-10-06 322376]
R3 RSP2STOR;@oem51.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2015-06-01 301784]
R3 rt640x64;@oem111.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2021-03-24 1149440]
R3 semav6msr64;semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [2021-07-23 41816]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-12-07 138040]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-12-07 158736]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-12-07 415232]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-12-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-12-07 45568]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2021-09-17 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2021-11-12 138056]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2021-11-12 174408]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2021-11-12 154952]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2021-09-17 279040]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2021-11-12 113664]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2020-10-06 106496]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2021-11-12 45568]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2019-12-07 133632]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 dtlitescsibus;@oem7.inf,%DisplayName%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2019-10-17 42256]
S3 GENERICDRV;GENERICDRV; \??\C:\Program Files (x86)\UEFI WinFlash\amifldrv64.sys [2012-07-27 15640]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-12-07 66560]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2021-09-17 95056]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2020-10-08 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2021-07-09 391168]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2021-09-17 208384]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2021-11-12 129848]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-07 990008]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-12-07 213504]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-12-07 115712]
S3 RTL8168;@oem49.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\System32\drivers\Rt630x64.sys [2020-09-08 1127200]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-12-07 35128]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-12-07 35128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2021-11-17 169728]
R2 AtherosSvc;AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [2019-09-04 382712]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R2 CDPUserSvc_2362f;CDPUserSvc_2362f; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
R2 ESRV_SVC_QUEENCREEK;Energy Server Service queencreek; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [2021-07-23 1024432]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2022-01-17 327008]
R2 OneSyncSvc_2362f;OneSyncSvc_2362f; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe []
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe []
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R3 cbdhsvc_2362f;cbdhsvc_2362f; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R3 PimIndexMaintenanceSvc_2362f;PimIndexMaintenanceSvc_2362f; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2021-10-15 986032]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 AarSvc_2362f;AarSvc_2362f; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 BcastDVRUserService_2362f;BcastDVRUserService_2362f; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 BluetoothUserService_2362f;BluetoothUserService_2362f; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 CaptureService_2362f;CaptureService_2362f; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 cloudidsvc;@%SystemRoot%\system32\cloudidsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 ConsentUxUserSvc_2362f;ConsentUxUserSvc_2362f; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2022-01-17 397664]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-09-17 382696]
S3 CredentialEnrollmentManagerUserSvc_2362f;CredentialEnrollmentManagerUserSvc_2362f; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-09-17 382696]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DeviceAssociationBrokerSvc_2362f;DeviceAssociationBrokerSvc_2362f; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DevicePickerUserSvc_2362f;DevicePickerUserSvc_2362f; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DevicesFlowUserSvc_2362f;DevicesFlowUserSvc_2362f; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2021-11-12 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 Intel(R) SUR QC SAM;Intel(R) SUR QC Software Asset Manager; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2021-07-21 3075936]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 MessagingService_2362f;MessagingService_2362f; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2022-01-14 243128]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2021-01-13 106496]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 PrintWorkflowUserSvc_2362f;PrintWorkflowUserSvc_2362f; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2021-11-12 6103464]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2021-01-13 1265152]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2021-11-12 783192]
S4 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
S4 DialogBlockingService;@%SystemRoot%\system32\DialogBlockingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-08 57360]

-----------------EOF-----------------
I apologize, Rudy. I'm almost 70 years old, and technology keeps moving forward while my brain cells keep dwindling. Now and then I'll ask questions that most people on the forum will consider trivial or even idiotic. But that's how it is. So please don't be angry. Thanks. I'm trying.
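The driver and service lists in the log above share one line format (state and start type, name, display text, image path, then file date and size in brackets). The following is an added example, not part of the thread or of RSIT: a small Python parser for those lines with two review rules that are this example's own assumptions (no file date/size recorded, and a `.sys` image outside `C:\WINDOWS`); the sample lines are copied from the log above.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Lines copied from the RSIT driver and service lists in the log above.
SAMPLE = r"""
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2021-11-12 331088]
R3 athr;@oem114.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw10x.sys [2017-11-24 4321160]
R3 semav6msr64;semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys [2021-07-23 41816]
S3 GENERICDRV;GENERICDRV; \??\C:\Program Files (x86)\UEFI WinFlash\amifldrv64.sys [2012-07-27 15640]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [2010-10-22 14136]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2021-11-17 169728]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe []
S4 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2020-10-08 57360]
"""

# Start-type legend as printed in the log's section headers.
START_TYPES = {0: "Boot", 1: "System", 2: "Auto", 3: "Demand", 4: "Disabled"}

# <R|S><0-4> <name>;<display text, may itself contain ';'>; <path> [<date> <size>]
ENTRY_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>.*); "
    r"(?P<path>.+?) \[(?P<meta>[^\]]*)\]$"
)


@dataclass
class Entry:
    running: bool
    start: str
    name: str
    path: str
    modified: Optional[str]  # None when the log shows empty brackets
    size: Optional[int]


def parse(log: str) -> List[Entry]:
    """Return one Entry per driver/service line; other lines are skipped."""
    entries = []
    for line in log.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        path = m["path"]
        if path.startswith("\\??\\"):  # NT object-path prefix, same file
            path = path[4:]
        meta = m["meta"].split()
        has_meta = len(meta) == 2
        entries.append(Entry(
            running=m["state"] == "R",
            start=START_TYPES[int(m["start"])],
            name=m["name"],
            path=path,
            modified=meta[0] if has_meta else None,
            size=int(meta[1]) if has_meta else None,
        ))
    return entries


def triage(entry: Entry) -> List[str]:
    """Review notes for one entry. Both rules are assumptions of this example."""
    notes = []
    lower = entry.path.lower()
    if entry.modified is None:
        notes.append("no file date/size recorded")
    # Assumes the system root is C:\WINDOWS, as it is throughout this log.
    if lower.endswith(".sys") and not lower.startswith("c:\\windows\\"):
        notes.append("driver image outside C:\\WINDOWS")
    return notes


def review(log: str) -> Dict[str, List[str]]:
    """Map entry name -> notes, for entries that matched at least one rule."""
    findings = {}
    for entry in parse(log):
        notes = triage(entry)
        if notes:
            findings[entry.name] = notes
    return findings


if __name__ == "__main__":
    for name, notes in review(SAMPLE).items():
        print(f"{name}: {', '.join(notes)}")
```

A match only marks a line for a closer look by whoever reads the log; it says nothing by itself about whether the entry is harmful.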


Re: help

#4 Post by Rudy »

I'm not angry; I'm 67 myself. If anything, I was amused. But never mind. What is the problem that brought you to us?

Re: help

#5 Post by Robiop15 »

My problem is that some applications cannot be opened. On top of that, I found that I have a problem with Windows Update (error 0x80080005), so I don't know whether the two are related. My only antivirus is Windows Defender, and it cannot be updated either. So I assumed that some little critter might be behind the problem.
Thanks for now.


Re: help

#6 Post by Rudy »

OK. Let's try cleaning it up. Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just launch it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: help

#7 Post by Robiop15 »

I'm sending the AdwCleaner result.

-------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-18-2022
# Duration: 00:00:39
# OS: Windows 10 Pro
# Scanned: 32026
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1405 octets] - [06/10/2020 11:34:30]
AdwCleaner[S01].txt - [1466 octets] - [12/10/2020 11:38:22]
AdwCleaner[S02].txt - [1527 octets] - [19/10/2020 11:22:00]
AdwCleaner[S03].txt - [1588 octets] - [26/10/2020 11:21:15]
AdwCleaner[S04].txt - [2005 octets] - [02/11/2020 11:21:28]
AdwCleaner[C04].txt - [2121 octets] - [02/11/2020 11:21:44]
AdwCleaner[S05].txt - [1771 octets] - [09/11/2020 10:16:07]
AdwCleaner[C05].txt - [1961 octets] - [09/11/2020 10:16:36]
AdwCleaner[S06].txt - [1893 octets] - [15/11/2020 14:09:34]
AdwCleaner[S07].txt - [1954 octets] - [23/11/2020 10:37:43]
AdwCleaner[C07].txt - [2144 octets] - [23/11/2020 10:37:50]
AdwCleaner[S08].txt - [2810 octets] - [30/11/2020 11:27:44]
AdwCleaner[C08].txt - [2872 octets] - [30/11/2020 11:27:54]
AdwCleaner[S09].txt - [2198 octets] - [07/12/2020 11:35:51]
AdwCleaner[S10].txt - [2259 octets] - [07/12/2020 11:38:38]
AdwCleaner[C10].txt - [2449 octets] - [07/12/2020 11:38:47]
AdwCleaner[S11].txt - [2381 octets] - [11/12/2020 21:27:19]
AdwCleaner[S12].txt - [2442 octets] - [14/12/2020 11:06:26]
AdwCleaner[S13].txt - [2503 octets] - [23/12/2020 09:54:34]
AdwCleaner[C13].txt - [2693 octets] - [23/12/2020 09:57:34]
AdwCleaner[S14].txt - [2625 octets] - [28/12/2020 10:21:18]
AdwCleaner[C14].txt - [2815 octets] - [28/12/2020 10:21:28]
AdwCleaner[S15].txt - [2747 octets] - [03/01/2021 10:33:21]
AdwCleaner[S16].txt - [3112 octets] - [11/01/2021 14:31:34]
AdwCleaner[C16].txt - [3226 octets] - [11/01/2021 14:31:44]
AdwCleaner[S17].txt - [2930 octets] - [11/01/2021 14:33:00]
AdwCleaner[C17].txt - [3120 octets] - [11/01/2021 14:33:07]
AdwCleaner[S18].txt - [3052 octets] - [18/01/2021 13:15:24]
AdwCleaner[S19].txt - [3113 octets] - [25/01/2021 22:06:50]
AdwCleaner[C19].txt - [3303 octets] - [25/01/2021 22:06:58]
AdwCleaner[S20].txt - [3536 octets] - [01/02/2021 16:38:25]
AdwCleaner[C20].txt - [3670 octets] - [01/02/2021 16:38:33]
AdwCleaner[S21].txt - [3357 octets] - [08/02/2021 10:56:38]
AdwCleaner[S22].txt - [3418 octets] - [15/02/2021 10:13:48]
AdwCleaner[S23].txt - [3478 octets] - [22/02/2021 16:45:46]
AdwCleaner[S24].txt - [3539 octets] - [01/03/2021 13:32:43]
AdwCleaner[S25].txt - [3600 octets] - [08/03/2021 09:34:20]
AdwCleaner[S26].txt - [3661 octets] - [15/03/2021 10:04:35]
AdwCleaner[C26].txt - [3852 octets] - [15/03/2021 10:04:45]
AdwCleaner[S27].txt - [3783 octets] - [22/03/2021 09:34:59]
AdwCleaner[C27].txt - [3974 octets] - [22/03/2021 09:35:14]
AdwCleaner[S28].txt - [3906 octets] - [29/03/2021 14:12:12]
AdwCleaner[C28].txt - [4096 octets] - [29/03/2021 14:12:31]
AdwCleaner[S29].txt - [4028 octets] - [06/04/2021 10:25:21]
AdwCleaner[C29].txt - [4218 octets] - [06/04/2021 10:25:41]
AdwCleaner[S30].txt - [4150 octets] - [14/04/2021 20:51:43]
AdwCleaner[C30].txt - [4340 octets] - [14/04/2021 20:51:49]
AdwCleaner[S31].txt - [4272 octets] - [15/04/2021 10:47:40]
AdwCleaner[C31].txt - [4462 octets] - [15/04/2021 10:47:46]
AdwCleaner[S32].txt - [4394 octets] - [26/04/2021 13:34:54]
AdwCleaner[C32].txt - [4584 octets] - [26/04/2021 13:35:03]
AdwCleaner[S33].txt - [4516 octets] - [03/05/2021 22:21:04]
AdwCleaner[C33].txt - [4706 octets] - [03/05/2021 22:21:11]
AdwCleaner[S34].txt - [4638 octets] - [12/05/2021 08:55:11]
AdwCleaner[C34].txt - [4828 octets] - [12/05/2021 08:55:19]
AdwCleaner[S35].txt - [4760 octets] - [17/05/2021 20:10:32]
AdwCleaner[C35].txt - [4950 octets] - [17/05/2021 20:10:40]
AdwCleaner[S36].txt - [4882 octets] - [24/05/2021 09:17:18]
AdwCleaner[C36].txt - [5072 octets] - [24/05/2021 09:17:27]
AdwCleaner[S37].txt - [5004 octets] - [01/06/2021 21:46:38]
AdwCleaner[C37].txt - [5194 octets] - [01/06/2021 21:46:45]
AdwCleaner[S38].txt - [5126 octets] - [07/06/2021 16:44:59]
AdwCleaner[C38].txt - [5316 octets] - [07/06/2021 16:45:07]
AdwCleaner[S39].txt - [5248 octets] - [19/06/2021 13:54:57]
AdwCleaner[C39].txt - [5438 octets] - [19/06/2021 13:55:06]
AdwCleaner[S40].txt - [5370 octets] - [24/06/2021 15:30:26]
AdwCleaner[C40].txt - [5560 octets] - [24/06/2021 15:30:33]
AdwCleaner[S41].txt - [5492 octets] - [28/06/2021 22:04:21]
AdwCleaner[C41].txt - [5682 octets] - [28/06/2021 22:04:29]
AdwCleaner[S42].txt - [5614 octets] - [07/07/2021 11:33:33]
AdwCleaner[C42].txt - [5804 octets] - [07/07/2021 11:33:40]
AdwCleaner[S43].txt - [5736 octets] - [12/07/2021 10:49:40]
AdwCleaner[C43].txt - [5926 octets] - [12/07/2021 10:49:47]
AdwCleaner[S44].txt - [5858 octets] - [19/07/2021 15:53:50]
AdwCleaner[C44].txt - [6048 octets] - [19/07/2021 15:53:57]
AdwCleaner[S45].txt - [5980 octets] - [26/07/2021 14:14:30]
AdwCleaner[C45].txt - [6170 octets] - [26/07/2021 14:14:45]
AdwCleaner[S46].txt - [6102 octets] - [02/08/2021 11:39:30]
AdwCleaner[C46].txt - [6292 octets] - [02/08/2021 11:39:37]
AdwCleaner[S47].txt - [6224 octets] - [16/08/2021 21:17:21]
AdwCleaner[C47].txt - [6414 octets] - [16/08/2021 21:17:28]
AdwCleaner[S48].txt - [6346 octets] - [26/08/2021 11:13:15]
AdwCleaner[C48].txt - [6536 octets] - [26/08/2021 11:13:24]
AdwCleaner[S49].txt - [6468 octets] - [30/08/2021 14:20:41]
AdwCleaner[C49].txt - [6658 octets] - [30/08/2021 14:20:51]
AdwCleaner[S50].txt - [6590 octets] - [07/09/2021 21:48:45]
AdwCleaner[C50].txt - [6780 octets] - [07/09/2021 21:48:51]
AdwCleaner[S51].txt - [6712 octets] - [13/09/2021 21:15:17]
AdwCleaner[C51].txt - [6902 octets] - [13/09/2021 21:15:23]
AdwCleaner[S52].txt - [7441 octets] - [15/09/2021 14:01:52]
AdwCleaner[C52].txt - [7707 octets] - [15/09/2021 14:02:16]
AdwCleaner[S53].txt - [6956 octets] - [19/09/2021 17:29:37]
AdwCleaner[C53].txt - [7146 octets] - [19/09/2021 17:29:43]
AdwCleaner[S54].txt - [7078 octets] - [27/09/2021 11:45:19]
AdwCleaner[C54].txt - [7268 octets] - [27/09/2021 11:45:25]
AdwCleaner[S55].txt - [7200 octets] - [02/10/2021 09:26:48]
AdwCleaner[C55].txt - [7390 octets] - [02/10/2021 09:27:23]
AdwCleaner[S56].txt - [7322 octets] - [04/10/2021 14:22:38]
AdwCleaner[S57].txt - [7383 octets] - [04/10/2021 14:25:26]
AdwCleaner[S58].txt - [7444 octets] - [04/10/2021 14:31:17]
AdwCleaner[C58].txt - [7634 octets] - [04/10/2021 14:31:28]
AdwCleaner[S59].txt - [7566 octets] - [04/10/2021 14:38:36]
AdwCleaner[C59].txt - [7756 octets] - [04/10/2021 14:38:41]
AdwCleaner[S60].txt - [7688 octets] - [04/10/2021 14:49:31]
AdwCleaner[C60].txt - [7878 octets] - [04/10/2021 14:49:36]
AdwCleaner[S61].txt - [7810 octets] - [04/10/2021 19:46:08]
AdwCleaner[C61].txt - [8000 octets] - [04/10/2021 19:46:16]
AdwCleaner[S62].txt - [7932 octets] - [11/10/2021 10:19:57]
AdwCleaner[C62].txt - [8122 octets] - [11/10/2021 10:20:02]
AdwCleaner[S63].txt - [8054 octets] - [20/10/2021 17:10:22]
AdwCleaner[C63].txt - [8244 octets] - [20/10/2021 17:10:30]
AdwCleaner[S64].txt - [8176 octets] - [27/10/2021 13:40:22]
AdwCleaner[C64].txt - [8366 octets] - [27/10/2021 13:40:28]
AdwCleaner[S65].txt - [8298 octets] - [02/11/2021 11:50:32]
AdwCleaner[C65].txt - [8488 octets] - [02/11/2021 11:50:37]
AdwCleaner[S66].txt - [8420 octets] - [09/11/2021 11:33:45]
AdwCleaner[C66].txt - [8610 octets] - [09/11/2021 11:33:51]
AdwCleaner[S67].txt - [8542 octets] - [15/11/2021 09:39:13]
AdwCleaner[C67].txt - [8732 octets] - [15/11/2021 09:39:20]
AdwCleaner[S68].txt - [8731 octets] - [24/11/2021 09:30:56]
AdwCleaner[C68].txt - [9119 octets] - [24/11/2021 09:31:12]
AdwCleaner[S69].txt - [8853 octets] - [24/11/2021 09:48:01]
AdwCleaner[C69].txt - [9241 octets] - [24/11/2021 09:48:29]
AdwCleaner[S70].txt - [8975 octets] - [24/11/2021 11:39:04]
AdwCleaner[S71].txt - [11526 octets] - [24/11/2021 12:08:39]
AdwCleaner[C71].txt - [3519 octets] - [24/11/2021 12:09:40]
AdwCleaner[S72].txt - [9092 octets] - [24/11/2021 12:15:40]
AdwCleaner[C72].txt - [9282 octets] - [24/11/2021 12:15:51]
AdwCleaner[S73].txt - [9214 octets] - [24/11/2021 14:09:32]
AdwCleaner[C73].txt - [9404 octets] - [24/11/2021 14:09:37]
AdwCleaner[S74].txt - [11181 octets] - [24/11/2021 16:35:52]
AdwCleaner[C74].txt - [11008 octets] - [24/11/2021 16:36:02]
AdwCleaner[S75].txt - [9460 octets] - [24/11/2021 16:41:58]
AdwCleaner[C75].txt - [9650 octets] - [24/11/2021 16:42:04]
AdwCleaner[S76].txt - [9582 octets] - [24/11/2021 18:18:57]
AdwCleaner[S77].txt - [9643 octets] - [24/11/2021 21:29:08]
AdwCleaner[C77].txt - [9833 octets] - [24/11/2021 21:29:13]
AdwCleaner[S78].txt - [9765 octets] - [27/11/2021 10:43:26]
AdwCleaner[C78].txt - [9955 octets] - [27/11/2021 10:43:35]
AdwCleaner[S79].txt - [9887 octets] - [27/11/2021 21:33:24]
AdwCleaner[C79].txt - [10077 octets] - [27/11/2021 21:33:28]
AdwCleaner[S80].txt - [10010 octets] - [28/11/2021 21:47:21]
AdwCleaner[C80].txt - [10201 octets] - [28/11/2021 21:47:27]
AdwCleaner[S81].txt - [10134 octets] - [28/11/2021 21:54:21]
AdwCleaner[C81].txt - [10325 octets] - [28/11/2021 21:54:29]
AdwCleaner[S82].txt - [10258 octets] - [05/12/2021 21:32:47]
AdwCleaner[C82].txt - [10449 octets] - [05/12/2021 21:32:58]
AdwCleaner[S83].txt - [10382 octets] - [06/12/2021 10:02:21]
AdwCleaner[C83].txt - [10573 octets] - [06/12/2021 10:02:25]
AdwCleaner[S84].txt - [10506 octets] - [13/12/2021 14:19:02]
AdwCleaner[C84].txt - [10803 octets] - [13/12/2021 14:19:14]
AdwCleaner[S85].txt - [10630 octets] - [22/12/2021 15:55:02]
AdwCleaner[C85].txt - [10927 octets] - [22/12/2021 15:55:14]
AdwCleaner[S86].txt - [10754 octets] - [28/12/2021 16:32:47]
AdwCleaner[S87].txt - [10816 octets] - [28/12/2021 16:33:31]
AdwCleaner[C87].txt - [11113 octets] - [28/12/2021 16:33:43]
AdwCleaner[S88].txt - [10940 octets] - [03/01/2022 16:12:43]
AdwCleaner[C88].txt - [11237 octets] - [03/01/2022 16:12:58]
AdwCleaner[S89].txt - [11064 octets] - [08/01/2022 13:14:00]
AdwCleaner[C89].txt - [11361 octets] - [08/01/2022 13:14:15]
AdwCleaner[S90].txt - [11188 octets] - [13/01/2022 10:07:36]
AdwCleaner[C90].txt - [11485 octets] - [13/01/2022 10:07:52]
AdwCleaner[S91].txt - [11312 octets] - [17/01/2022 16:17:38]
AdwCleaner[C91].txt - [11609 octets] - [17/01/2022 16:17:55]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S92].txt ##########

Rudy
Site Admin

Re: help

#8 Post by Rudy »

This is OK. Now post the FRST+Addition logs: https://forum.viry.cz/viewtopic.php?f=13&t=152706

Robiop15
Visitor

Re: help

#9 Post by Robiop15 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2022
Ran by pollo (administrator) on DESKTOP-7SPP4K9 (TOSHIBA SATELLITE C50-B) (18-01-2022 22:54:33)
Running from C:\Users\pollo\Desktop
Loaded Profiles: pollo
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1348 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_3a7a9fcae48f1ca6\dynabookSystemService.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_3a7a9fcae48f1ca6\RMService.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel Corporation -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-659336292-2538152791-1950108696-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [112191904 2021-12-06] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-659336292-2538152791-1950108696-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35373696 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-659336292-2538152791-1950108696-1001\...\Run: [DeepL] => C:\Users\pollo\AppData\Local\DeepL\app-2.8.12302\DeepL.exe [133632 2021-09-06] (DeepL GmbH) [File not signed]
HKU\S-1-5-21-659336292-2538152791-1950108696-500\...\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0385BD38-2130-48A1-9B39-EDE2D36193AA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-12-07] (Piriform Software Ltd -> Piriform)
Task: {03DC4185-6D1D-408E-B26A-8A8E76F3014C} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-659336292-2538152791-1950108696-500 => C:\Users\pollo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {040C73E3-027B-4167-9658-A2BB747D36AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {06868CB8-BBEC-4D5E-AFAA-01A3EC47DC5C} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {0A86D569-F718-46C3-83A6-1CF209B54718} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0C200E77-CD6A-4D64-BACA-8DB257855CEF} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {44EC6112-96FC-47F9-87AB-9E0F0B87F913} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\pollo\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED (No File)
Task: {542E9112-8677-4188-B732-8188F547705B} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-659336292-2538152791-1950108696-500 => C:\Users\pollo\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)
Task: {992C03D1-1FE3-4E12-BBB4-BEF5A39E45E2} - System32\Tasks\CCleanerSkipUAC - pollo => C:\Program Files\CCleaner\CCleaner.exe [29442688 2021-12-07] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AED27A33-2115-461E-8950-86DCB068E62E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {B7D07978-8DE7-458E-AD52-D5870F5E87E5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {B84DFE38-5462-4107-9810-5AC912F46666} - System32\Tasks\Opera scheduled Autoupdate 1638293029 => C:\Users\pollo\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {C0B0258D-060F-4450-8F8D-F0AD1D0F4C5D} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\pollo\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe LOGON (No File)
Task: {CBE7CFF5-90D0-4F14-A7AB-62C3AEC28ED4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {D08FC73B-77DF-4528-AFAB-487F35056F7E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)
Task: {DBDBED9E-E667-44F2-836C-8E4C8D55C476} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2021-03-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {ED55BD00-6FA4-4CBA-A17D-E335D4101C48} - System32\Tasks\Opera scheduled assistant Autoupdate 1638293059 => C:\Users\pollo\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\pollo\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {F06F222D-B925-4F93-AF51-95A2BE1ED988} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F25F4A8B-FD6D-41F3-8E7D-A9E016F509B1} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3075936 2021-07-21] (Intel Corporation -> Intel Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 86.49.160.2 8.8.8.8
Tcpip\..\Interfaces\{89995cd3-334b-408f-b0f7-bb08f9dfdc50}: [DhcpNameServer] 86.49.160.2 8.8.8.8

Edge:
=======
DownloadDir: C:\Users\pollo\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\pollo\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-17]
Edge HKU\S-1-5-21-659336292-2538152791-1950108696-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx <not found>
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: yhdeelpi.default
FF ProfilePath: C:\Users\pollo\AppData\Roaming\Mozilla\Firefox\Profiles\rhs9v8yp.default-release-1638528005450 [2022-01-18]
FF DownloadDir: C:\Users\pollo\Desktop
FF Homepage: Mozilla\Firefox\Profiles\rhs9v8yp.default-release-1638528005450 -> www.seznam.cz
FF Notifications: Mozilla\Firefox\Profiles\rhs9v8yp.default-release-1638528005450 -> hxxps://member.digiopinion.com
FF Extension: (Privacy Badger) - C:\Users\pollo\AppData\Roaming\Mozilla\Firefox\Profiles\rhs9v8yp.default-release-1638528005450\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-12-09]
FF Extension: (ImTranslator: Překladač, Slovník, Hlas) - C:\Users\pollo\AppData\Roaming\Mozilla\Firefox\Profiles\rhs9v8yp.default-release-1638528005450\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2021-12-20]
FF ProfilePath: C:\Users\pollo\AppData\Roaming\Mozilla\Firefox\Profiles\yhdeelpi.default [2021-11-23]
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin HKU\S-1-5-21-659336292-2538152791-1950108696-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [66872 2021-01-05] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [107832 2021-01-05] (Even Balance, Inc. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_3a7a9fcae48f1ca6\dynabookSystemService.exe [44783792 2021-09-10] (Dynabook Inc. -> Dynabook Inc.)
S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_3a7a9fcae48f1ca6\TOSTABSYSSVC.exe [304888 2021-09-10] (Dynabook Inc. -> Dynabook Inc.)
R2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_3a7a9fcae48f1ca6\RMService.exe [454848 2021-09-10] (Dynabook Inc. -> Dynabook Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [57360 2020-10-08] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-08] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 DLMFENC; C:\WINDOWS\System32\DRIVERS\DLMFENC.sys [174152 2019-10-02] (DESlock Limited -> DESlock Ltd.)
R0 DLPCRYPT; C:\WINDOWS\System32\DRIVERS\dlpcrypt.sys [121728 2019-10-02] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\WINDOWS\System32\DRIVERS\dlpvdisk.sys [98296 2019-10-02] (DESlock Limited -> DESlock Ltd.)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2019-10-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [42256 2021-09-28] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [59344 2021-09-28] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 GENERICDRV; C:\Program Files (x86)\UEFI WinFlash\amifldrv64.sys [15640 2012-07-27] (American Megatrends, Inc. -> )
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-21] (Intel Corporation -> Intel Corporation)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (Micro-Star Int'l Co. Ltd. -> MSI)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [301784 2015-06-01] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [207344 2021-09-28] (Disc Soft Ltd -> Duplex Secure Ltd)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [47816 2020-07-21] (Dynabook Inc. -> Dynabook Inc.)
R3 tosrfec; C:\WINDOWS\System32\drivers\tosrfec.sys [37808 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_3a7a9fcae48f1ca6\TosSrvCtlDrv.sys [27120 2021-09-10] (Dynabook Inc. -> Dynabook Inc.)
S0 TVALZ; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46088 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R0 TVALZ_O; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46088 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R0 VDLPToken2; C:\WINDOWS\System32\DRIVERS\vdlptkn2.sys [135672 2019-10-02] (DESlock Limited -> DESlock Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-18 22:54 - 2022-01-18 22:55 - 000016740 _____ C:\Users\pollo\Desktop\FRST.txt
2022-01-18 22:54 - 2022-01-18 22:55 - 000000000 ___DC C:\FRST
2022-01-18 22:53 - 2022-01-18 22:53 - 002311680 _____ (Farbar) C:\Users\pollo\Desktop\FRST64.exe
2022-01-18 18:53 - 2022-01-18 19:15 - 415533127 _____ C:\Users\pollo\Desktop\Krásy evropského pobřeží, V srdci Baltu (2006).mp4
2022-01-18 18:36 - 2022-01-18 18:36 - 339585024 _____ C:\Users\pollo\Desktop\po-stopach-hvezd-2008-03-20-jiri-krampol-xvid-dvb-hykr-cz.avi
2022-01-18 18:25 - 2022-01-18 18:47 - 397243370 _____ C:\Users\pollo\Desktop\Krásy evropského pobřeží, Gdaňsk (2007).mp4
2022-01-18 14:49 - 2022-01-18 14:49 - 000000000 ___DC C:\rsit
2022-01-18 14:49 - 2022-01-18 14:49 - 000000000 ____D C:\Program Files\trend micro
2022-01-17 22:07 - 2022-01-18 21:40 - 096206848 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-01-17 19:37 - 2022-01-17 19:38 - 672068198 _____ C:\Users\pollo\Desktop\neobjasnena-akta-nasa-i-3-cerny-rytir-povstal.avi
2022-01-17 10:09 - 2022-01-17 10:09 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-01-17 10:07 - 2022-01-17 10:07 - 022903696 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 017847184 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 011896000 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 011048792 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 010575912 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 008522640 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 006508944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 004391264 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2022-01-17 10:07 - 2022-01-17 10:07 - 004387680 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2022-01-17 10:07 - 2022-01-17 10:07 - 004024192 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 003692592 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 002505992 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2022-01-17 10:07 - 2022-01-17 10:07 - 002035592 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 001995144 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 001793928 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 001766792 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 001469824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 001155896 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 001151744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000968032 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2022-01-17 10:07 - 2022-01-17 10:07 - 000872320 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000659328 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000617872 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000616832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000554336 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2022-01-17 10:07 - 2022-01-17 10:07 - 000553824 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2022-01-17 10:07 - 2022-01-17 10:07 - 000467600 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000442208 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2022-01-17 10:07 - 2022-01-17 10:07 - 000408416 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2022-01-17 10:07 - 2022-01-17 10:07 - 000407904 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2022-01-17 10:07 - 2022-01-17 10:07 - 000397664 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2022-01-17 10:07 - 2022-01-17 10:07 - 000385416 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000381280 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2022-01-17 10:07 - 2022-01-17 10:07 - 000379784 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000379240 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000374672 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000357760 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000330128 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000295304 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000264584 _____ C:\WINDOWS\system32\igfxCPL.cpl
2022-01-17 10:07 - 2022-01-17 10:07 - 000262496 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2022-01-17 10:07 - 2022-01-17 10:07 - 000229776 _____ C:\WINDOWS\system32\igdde64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000229560 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000226184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v5161.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000223616 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000203104 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2022-01-17 10:07 - 2022-01-17 10:07 - 000198992 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000194264 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000193416 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000191376 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000190848 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000170896 _____ C:\WINDOWS\system32\igdail64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000169272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000163720 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000152464 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000141696 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000107392 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000102800 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000095112 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000078216 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000072592 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000069008 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000068488 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000040616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000039304 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000019336 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000019336 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000018824 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000018824 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000013704 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000013704 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2022-01-17 10:07 - 2022-01-17 10:07 - 000002572 _____ C:\WINDOWS\system32\iglhxs64.vp
2022-01-17 09:59 - 2017-04-12 17:28 - 165168142 _____ ( ) C:\Users\pollo\Desktop\Setup_TN_Hungarian.exe
2022-01-16 20:23 - 2022-01-16 21:12 - 000000000 ____D C:\Users\pollo\Desktop\Nová složka
2022-01-14 19:17 - 2022-01-15 11:58 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-13 14:44 - 2022-01-13 14:45 - 000000000 ____D C:\Users\pollo\Desktop\Duo_maďarština
2022-01-13 14:30 - 2022-01-13 14:30 - 034788008 _____ (Audacity Team ) C:\Users\pollo\Downloads\audacity-win-3.1.3-64bit.exe
2022-01-13 09:52 - 2022-01-13 09:52 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000004-000000.txt
2022-01-10 14:44 - 2022-01-10 14:44 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000003-000000.txt
2022-01-08 13:15 - 2022-01-08 13:15 - 000001434 _____ C:\WINDOWS\system32\default_error_stack-000002-000000.txt
2022-01-07 11:10 - 2022-01-07 11:10 - 000001434 _____ C:\WINDOWS\system32\default_error_stack-000001-000000.txt
2022-01-06 20:28 - 2022-01-06 20:28 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt
2022-01-04 18:32 - 2022-01-04 18:32 - 004151778 _____ C:\Users\pollo\Desktop\Čína OH 2022.mp4
2022-01-04 15:18 - 2022-01-04 15:20 - 000000000 ____D C:\ProgramData\IObit
2022-01-04 15:18 - 2022-01-04 15:18 - 000000000 ____D C:\ProgramData\ProductData
2022-01-04 11:54 - 2022-01-04 11:54 - 000000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-01-04 11:50 - 2022-01-04 11:50 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2022-01-04 11:50 - 2022-01-04 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\SolidDocuments
2022-01-04 11:50 - 2022-01-04 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2022-01-04 11:43 - 2022-01-04 11:43 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-659336292-2538152791-1950108696-500
2022-01-04 11:42 - 2022-01-04 11:43 - 000003392 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-659336292-2538152791-1950108696-500
2022-01-04 11:42 - 2022-01-04 11:42 - 000000000 ___RD C:\Users\Administrator\OneDrive
2022-01-04 11:41 - 2022-01-04 11:41 - 000000000 ____D C:\Users\Administrator\AppData\Local\Intel
2022-01-04 11:39 - 2022-01-04 11:39 - 000000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2022-01-04 11:38 - 2022-01-04 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2022-01-04 11:38 - 2022-01-04 11:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2022-01-04 11:38 - 2022-01-04 11:43 - 000002385 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-04 11:38 - 2022-01-04 11:42 - 000000000 ____D C:\Users\Administrator
2022-01-04 11:38 - 2022-01-04 11:40 - 000002346 _____ C:\Users\Administrator\Desktop\Microsoft Edge.lnk
2022-01-04 11:38 - 2022-01-04 11:39 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2022-01-04 11:38 - 2022-01-04 11:38 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2022-01-04 11:38 - 2022-01-04 11:38 - 000000000 _SHDL C:\Users\Administrator\Šablony
2022-01-04 11:38 - 2022-01-04 11:38 - 000000000 _SHDL C:\Users\Administrator\Soubory cookie
2022-01-04 11:38 - 2022-01-04 11:38 - 000000000 _SHDL C:\Users\Administrator\Poslední
2022-01-04 11:38 - 2022-01-04 11:38 - 000000000 _SHDL C:\Users\Administrator\Okolní tiskárny
2022-01-04 11:38 - 2022-01-04 11:38 - 000000000 _SHDL C:\Users\Administrator\Okolní síť
2022-01-04 11:38 - 2022-01-04 11:38 - 000000000 _SHDL C:\Users\Administrator\Nabídka Start
2022-01-04 11:38 - 2022-01-04 11:38 - 000000000 _SHDL C:\Users\Administrator\Dokumenty
2022-01-04 11:38 - 2022-01-04 11:38 - 000000000 _SHDL C:\Users\Administrator\Documents\Obrázky
2022-01-04 11:38 - 2022-01-04 11:38 - 000000000 _SHDL C:\Users\Administrator\Documents\Hudba
2022-01-04 11:38 - 2022-01-04 11:38 - 000000000 _SHDL C:\Users\Administrator\Documents\Filmy
2022-01-04 11:38 - 2022-01-04 11:38 - 000000000 _SHDL C:\Users\Administrator\Data aplikací
2022-01-04 11:38 - 2022-01-04 11:38 - 000000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-01-04 11:38 - 2022-01-04 11:38 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Data aplikací
2022-01-04 11:38 - 2022-01-04 11:38 - 000000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2022-01-04 11:38 - 2022-01-04 11:38 - 000000000 ___RD C:\Users\Administrator\3D Objects
2022-01-04 11:38 - 2021-02-09 18:23 - 000000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2021-12-20 14:27 - 2021-12-21 14:31 - 000000223 _____ C:\Users\pollo\Desktop\gr.txt

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-18 22:53 - 2020-10-06 10:09 - 000000000 ____D C:\Users\pollo\AppData\LocalLow\Mozilla
2022-01-18 22:49 - 2020-10-06 10:08 - 000000000 ____D C:\ProgramData\Mozilla
2022-01-18 22:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-18 22:17 - 2021-11-17 21:49 - 000000000 ____D C:\Users\pollo\AppData\Roaming\vlc
2022-01-18 21:43 - 2020-10-06 13:52 - 000000000 ____D C:\Program Files\CCleaner
2022-01-18 21:41 - 2020-10-06 09:42 - 000000000 __SHD C:\Users\pollo\IntelGraphicsProfiles
2022-01-18 21:40 - 2020-10-06 08:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-18 21:40 - 2020-10-06 08:26 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-18 21:40 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-01-18 20:54 - 2020-10-06 08:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-18 18:28 - 2020-10-06 14:32 - 000000000 ____D C:\Users\pollo\AppData\Local\Deployment
2022-01-18 14:41 - 2021-06-06 17:05 - 000000000 ____D C:\Users\pollo\AppData\Roaming\audacity
2022-01-18 10:44 - 2021-12-17 21:28 - 000000000 ____D C:\Users\pollo\AppData\Local\CrashDumps
2022-01-18 10:18 - 2021-12-13 18:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F29 Retaliator
2022-01-18 09:16 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-17 22:07 - 2021-08-06 15:43 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2022-01-17 14:04 - 2021-09-13 20:39 - 000000000 ____D C:\ProgramData\Intel
2022-01-17 14:03 - 2020-10-06 08:38 - 000000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2022-01-17 10:07 - 2020-10-06 08:28 - 000072592 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2022-01-17 10:07 - 2019-12-07 15:47 - 000069008 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2022-01-17 10:07 - 2016-08-31 23:55 - 012326232 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2022-01-17 10:07 - 2016-08-31 23:55 - 004660944 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2022-01-17 10:07 - 2016-08-31 23:55 - 003814240 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2022-01-17 10:07 - 2016-08-31 23:55 - 000680328 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2022-01-17 10:07 - 2016-08-31 23:55 - 000538464 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2022-01-17 10:07 - 2016-08-31 23:55 - 000327008 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2022-01-17 10:07 - 2016-08-31 23:55 - 000293256 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2022-01-17 10:07 - 2016-08-31 23:55 - 000261000 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2022-01-17 10:07 - 2016-08-31 23:55 - 000257888 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2022-01-17 10:07 - 2016-08-31 23:55 - 000217992 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2022-01-15 16:53 - 2020-10-08 16:11 - 000000000 ____D C:\Users\pollo\AppData\Roaming\Stellarium
2022-01-15 11:58 - 2020-10-06 10:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-14 20:12 - 2021-08-26 14:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-01-14 20:12 - 2020-10-06 10:08 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-13 18:18 - 2021-08-04 14:13 - 000000230 _____ C:\Users\pollo\Desktop\pol.txt
2022-01-13 14:31 - 2021-08-12 15:48 - 000000865 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2022-01-13 14:31 - 2021-08-12 15:48 - 000000000 ____D C:\Program Files\Audacity
2022-01-13 10:12 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-11 14:30 - 2020-10-06 20:29 - 000000000 ____D C:\Users\pollo\AppData\Local\Adobe
2022-01-11 14:06 - 2021-11-09 11:24 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-11 14:06 - 2020-10-10 20:26 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-09 08:36 - 2020-10-06 13:52 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-01-08 13:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-01-04 16:33 - 2020-10-06 09:42 - 000000000 ____D C:\Users\pollo\AppData\Local\Packages
2022-01-04 16:30 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-04 16:05 - 2020-11-15 16:14 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-01-04 11:39 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-01-04 11:38 - 2020-10-06 09:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-01-03 17:04 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-03 16:49 - 2020-10-20 21:09 - 000000000 ____D C:\Users\pollo\AppData\Local\D3DSCache
2022-01-01 22:26 - 2020-10-06 09:41 - 000000000 ____D C:\Users\pollo
2021-12-29 21:36 - 2020-10-06 11:02 - 000000000 ____D C:\Users\pollo\Desktop\Ocko

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2022
Ran by pollo (18-01-2022 22:57:19)
Running from C:\Users\pollo\Desktop
Microsoft Windows 10 Pro Version 21H1 19043.1348 (X64) (2020-10-06 07:38:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-659336292-2538152791-1950108696-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-659336292-2538152791-1950108696-503 - Limited - Disabled)
Guest (S-1-5-21-659336292-2538152791-1950108696-501 - Limited - Disabled)
pollo (S-1-5-21-659336292-2538152791-1950108696-1001 - Administrator - Enabled) => C:\Users\pollo
WDAGUtilityAccount (S-1-5-21-659336292-2538152791-1950108696-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 21.011.20039 - Adobe)
Audacity 3.1.3 (HKLM\...\Audacity_is1) (Version: 3.1.3 - Audacity Team)
CCleaner (HKLM\...\CCleaner) (Version: 5.88 - Piriform)
DeepL (HKU\S-1-5-21-659336292-2538152791-1950108696-1001\...\DeepL) (Version: 2.8.12302 - DeepL GmbH)
Doc Viewer 2.0 (HKLM-x32\...\Doc Viewer 2.0) (Version: - )
FVC Free TS Converter 1.0.8 (HKLM-x32\...\{97C508D8-390D-4531-AC2E-2DDE72373DF6}_is1) (Version: 1.0.8 - FVC Studio)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{88B98508-2D8F-46F1-90AD-557BE40C7067}) (Version: 2.4.07642 - Intel Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-659336292-2538152791-1950108696-500\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 96.0.1 (x64 cs)) (Version: 96.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.0.2 - Mozilla)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.102 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9126.1 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. Shadow of Chernobyl (HKLM-x32\...\1207660573_is1) (Version: 2.1.0.7 - GOG.com)
Skype verze 8.79 (HKLM-x32\...\Skype_is1) (Version: 8.79 - Skype Technologies S.A.)
Stellarium 0.21.0 (HKLM\...\Stellarium_is1) (Version: 0.21.0 - Stellarium team)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.182 - Synaptics Incorporated)
TOSHIBA Function Key (HKLM\...\{ABB33FFD-6D6C-4670-9EF4-6181BB4D0DF2}) (Version: 1.1.15.6404 - Toshiba Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Videoder 1.0.9 (HKLM-x32\...\808fc302-3d01-59ce-8094-e0443a55877e) (Version: 1.0.9 - GlennioTech)
Virtual Moon Atlas V7.0 (HKLM-x32\...\{3EB7A19B-690F-49BA-B494-CADA547D0DB9}_is1) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vzum (HKU\S-1-5-21-659336292-2538152791-1950108696-1001\...\6cfa0c5674100ff8) (Version: 1.0.0.42 - Vzum)
WinRAR 5.90 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.90.0 - win.rar GmbH)
WinRAR 6.02 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-10-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-10-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-10-29] (Microsoft Studios) [MS Ad]
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3370.0_x64__8j3eq9eme6ctt [2021-07-21] (INTEL CORP) [Startup Task]
XLS Opener -> C:\Program Files\WindowsApps\BallardAppCraftery.CraftySpreadsheetViewer_1.3.4.0_x64__epyrqhfctk40t [2021-04-09] (Ballard App Craftery)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-659336292-2538152791-1950108696-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2022-01-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.l3acm] => C:\WINDOWS\System32\l3codecp.acm [184320 2019-12-07] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [msacm.l3acm] => C:\WINDOWS\SysWOW64\l3codecp.acm [189440 2019-12-07] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-07-23 10:36 - 2021-07-23 10:36 - 001638912 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\SQLite.Interop.dll
2021-07-23 10:36 - 2021-07-23 10:36 - 002122240 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-659336292-2538152791-1950108696-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-659336292-2538152791-1950108696-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pollo\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
HKU\S-1-5-21-659336292-2538152791-1950108696-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 86.49.160.2 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-659336292-2538152791-1950108696-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-659336292-2538152791-1950108696-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-659336292-2538152791-1950108696-1001\...\StartupApproved\Run: => "DeepL"
HKU\S-1-5-21-659336292-2538152791-1950108696-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-659336292-2538152791-1950108696-1001\...\StartupApproved\Run: => "Skype for Desktop"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DBCD917D-DD95-491F-BEC2-EC29A2E04B71}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{64D0B962-8603-48FF-9DC4-24C9C2DB98B1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{90E434D6-8EDC-4F48-8975-E258678ED419}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AE1C3BFF-051D-4866-B0DA-A3717626D409}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{539C0E2A-C01D-4D77-A0B8-4447F227DA80}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8143A40D-8A88-4880-B7D7-96B2F7DC7D00}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B3FCB939-0DB5-4089-9F65-585CB07DE54C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1C38B8A4-0A57-428B-B726-4245A36F4624}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.143.700.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CA3B7A05-98C4-4848-A7C3-C8A9208B22C9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C3C80854-E246-4DFD-B769-CBA260C32E57}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{2103E9CD-DEF6-4B41-8EC2-3A25FA035A4B}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{F56D3D40-A725-43EF-A734-68C5DFE2CB9A}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B2ECEADE-2293-431D-B318-F8107B1D1188}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{44A2EEDF-9F13-411D-AC50-2DA60C5C650A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{496DA2B4-B4D6-4ED9-BD2F-A822D7FC88BC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{99514A12-B9E1-4D57-9E06-E4C86C6B2378}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{C1E6F0C6-629A-4093-9AA5-70892ECB1EC5}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{EF8C3EA2-9D33-458F-B2F0-180D3F3A8DE4}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{2F9A9BC5-1E43-46DA-A97B-2AF3DF4C0D85}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{67CA2522-FB44-4835-AFEF-03FE368875EB}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel Corporation -> )
FirewallRules: [{0480397C-25E0-4C7F-8C9F-C84E38E925E8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3FD1EB9E-E98A-4140-A98F-E8C0040BEF98}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{64A2EA12-5B24-443C-8E0D-2BB78A0A2F40}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{72DF1019-201A-492C-8D4B-0BC081156A68}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ADA1698B-8783-4D3D-9345-AB2DF2C2B0BB}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C125124D-F068-45D9-A8B9-A56484D11FED}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.07 GB) (Free:46.18 GB) (42%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/18/2022 09:45:05 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-7SPP4K9)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (01/18/2022 02:29:18 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-7SPP4K9)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (01/18/2022 12:21:34 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-7SPP4K9)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (01/18/2022 10:58:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 10.0.19041.1320 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1efc

Čas spuštění: 01d80c50597193e3

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

ID hlášení: 2e1e8a02-7a70-468d-aaed-7d860b68d1b7

Úplný název balíčku s chybou: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: microsoft.windows.immersivecontrolpanel

Typ zablokování: Cross-process

Error: (01/18/2022 10:45:19 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 10.0.19041.1320 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 107c

Čas spuštění: 01d80c4ff8bdda46

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

ID hlášení: 54df3d05-9640-46ae-8ca7-4236577fdb92

Úplný název balíčku s chybou: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: microsoft.windows.immersivecontrolpanel

Typ zablokování: Cross-process

Error: (01/18/2022 10:43:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SystemSettings.exe, verze: 10.0.19041.1320, časové razítko: 0x4aa1ce82
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1348, časové razítko: 0x76fcd692
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b302
ID chybujícího procesu: 0xe80
Čas spuštění chybující aplikace: 0x01d80c4f59a86486
Cesta k chybující aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: ca315bec-17ad-476a-9a33-5f88883d173d
Úplný název chybujícího balíčku: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: microsoft.windows.immersivecontrolpanel

Error: (01/18/2022 10:37:01 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 10.0.19041.1320 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: e58

Čas spuštění: 01d80c4ec16c456b

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

ID hlášení: 7541b394-bd06-47ed-915d-096084b6b861

Úplný název balíčku s chybou: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: microsoft.windows.immersivecontrolpanel

Typ zablokování: Cross-process

Error: (01/18/2022 10:21:33 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-7SPP4K9)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (01/18/2022 10:54:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/18/2022 10:52:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (01/18/2022 10:52:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/18/2022 10:50:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.

Error: (01/18/2022 10:42:36 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-7SPP4K9)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (01/18/2022 10:42:17 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-7SPP4K9)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (01/18/2022 10:33:22 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/18/2022 10:31:22 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv byla ukončena s následující chybou:
Systém nemůže nalézt uvedený soubor.


Windows Defender:
================
Date: 2022-01-17 22:08:59
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\CCleaner\CCleaner64.exe provádění změn v paměti.
Čas detekce: 2022-01-17T21:08:59.000Z
Uživatel: DESKTOP-7SPP4K9\pollo
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: 1.355.2037.0
Verze modulu: 1.1.18800.4
Verze produktu: 4.18.2111.5

Date: 2022-01-17 22:08:59
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\CCleaner\CCleaner64.exe provádění změn v paměti.
Čas detekce: 2022-01-17T21:08:58.999Z
Uživatel: DESKTOP-7SPP4K9\pollo
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: 1.355.2037.0
Verze modulu: 1.1.18800.4
Verze produktu: 4.18.2111.5

Date: 2022-01-17 16:11:01
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\CCleaner\CCleaner64.exe provádění změn v paměti.
Čas detekce: 2022-01-17T15:11:01.909Z
Uživatel: DESKTOP-7SPP4K9\pollo
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: 1.355.2037.0
Verze modulu: 1.1.18800.4
Verze produktu: 4.18.2111.5

Date: 2022-01-17 16:11:01
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\CCleaner\CCleaner64.exe provádění změn v paměti.
Čas detekce: 2022-01-17T15:11:01.906Z
Uživatel: DESKTOP-7SPP4K9\pollo
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: 1.355.2037.0
Verze modulu: 1.1.18800.4
Verze produktu: 4.18.2111.5

Date: 2022-01-17 09:53:44
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\CCleaner\CCleaner64.exe provádění změn v paměti.
Čas detekce: 2022-01-17T08:53:44.614Z
Uživatel: DESKTOP-7SPP4K9\pollo
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: 1.355.2037.0
Verze modulu: 1.1.18800.4
Verze produktu: 4.18.2111.5
Event[0]:

Date: 2022-01-18 14:40:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.355.2037.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18800.4
Kód chyby: 0x80080005
Popis chyby: Provádění serveru selhalo

Date: 2022-01-18 12:33:28
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.355.2037.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18800.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2022-01-17 22:31:55
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.355.2037.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18800.4
Kód chyby: 0x80080005
Popis chyby: Provádění serveru selhalo

Date: 2022-01-17 22:22:58
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.355.2037.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18800.4
Kód chyby: 0x80080005
Popis chyby: Provádění serveru selhalo

Date: 2022-01-17 14:19:54
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.355.2037.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18800.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

CodeIntegrity:
===============
Date: 2022-01-13 10:12:52
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: TOSHIBA TOSCPL - 1072009 08/10/2015
Motherboard: TOSHIBA ZBWAA
Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz
Percentage of memory in use: 29%
Total physical RAM: 8077.92 MB
Available physical RAM: 5729.85 MB
Total Virtual: 9470.92 MB
Available Virtual: 7086.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.07 GB) (Free:46.18 GB) NTFS

\\?\Volume{1da1355d-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{1da1355d-0000-0000-0000-e0ca1b000000}\ () (Fixed) (Total:0.62 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 1DA1355D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=633 MB) - (Type=27)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: help

#10 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin HKU\S-1-5-21-659336292-2538152791-1950108696-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [57360 2020-10-08] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-08] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
C:\WINDOWS\LastGood.Tmp
C:\ProgramData\IObit
C:\DumpStack.log.tmp
C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.

Robiop15
Visitor
Posts: 21
Joined: 20 May 2017 11:27

Re: help

#11 Post by Robiop15 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-01-2022
Ran by pollo (19-01-2022 10:31:52) Run:1
Running from C:\Users\pollo\Desktop
Loaded Profiles: pollo & Administrator
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin HKU\S-1-5-21-659336292-2538152791-1950108696-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
S3 wuauserv; C:\WINDOWS\system32\svchost.exe [57360 2020-10-08] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-08] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
C:\WINDOWS\LastGood.Tmp
C:\ProgramData\IObit
C:\DumpStack.log.tmp
C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => could not remove, key could be protected
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.12 => removed successfully
HKU\S-1-5-21-659336292-2538152791-1950108696-1001\Software\MozillaPlugins\ubisoft.com/uplaypc => removed successfully
"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll" => not found
HKLM\System\CurrentControlSet\Services\wuauserv => removed successfully
wuauserv => service removed successfully
wuauserv => service not found.
C:\WINDOWS\LastGood.Tmp => moved successfully
C:\ProgramData\IObit => moved successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ESD Shell Icon Overlay Identifier => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\FormatFactoryShell => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\FormatFactoryShell => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15911238 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 33068 B
Edge => 199693 B
Firefox => 1101150100 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 521690548 B
pollo => 536633407 B
Administrator => 579514532 B

RecycleBin => 0 B
EmptyTemp: => 2.6 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 19-01-2022 10:34:41)

C:\DumpStack.log.tmp => Could not move

Result of scheduled keys to remove after reboot:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully

==== End of Fixlog 10:34:42 ====

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: help

#12 Post by Rudy »

Deleted. Has anything changed?

Robiop15
Visitor
Posts: 21
Joined: 20 May 2017 11:27

Re: help

#13 Post by Robiop15 »

Hello,
yes, it has :D . The Windows Update error changed to 0x80070424 :D I have no idea whether that is better or not. Defender could now be updated.
Was there some nasty little bug in there?

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: help

#14 Post by Rudy »

There wasn't, but there was a lot of unnecessary clutter, which we removed. Error 0x80070424. First have a look here: https://answers.microsoft.com/cs-cz/win ... fbf382d9e9 . If that does not help, try repairing it with WindowsRepair: https://www.slunecnice.cz/sw/windows-repair/ . It is a system error that has nothing to do with malware. Before using WindowsRepair I recommend backing up your data.
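Added example (not part of the thread and not FRST's own code): a Python script that classifies the outcome lines of the Fixlog from post #11 and decodes the error codes quoted in the logs and in post #13, so that an error meaning "service does not exist" can be matched against service keys the fix removed. The function names and the small name tables are this example's own assumptions; the log lines are copied from the Fixlog above.

```python
import re

# Lines copied from the Fixlog posted in this thread (an excerpt, nothing new).
FIXLOG_EXCERPT = r"""
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => could not remove, key could be protected
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll" => not found
HKLM\System\CurrentControlSet\Services\wuauserv => removed successfully
wuauserv => service removed successfully
C:\ProgramData\IObit => moved successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
"""

# Only codes whose meaning is certain; anything else is reported as unknown.
WIN32_NAMES = {2: "ERROR_FILE_NOT_FOUND", 258: "WAIT_TIMEOUT",
               1060: "ERROR_SERVICE_DOES_NOT_EXIST"}
HRESULT_NAMES = {0x80080005: "CO_E_SERVER_EXEC_FAILURE"}
FACILITY_WIN32 = 7


def decode_hresult(value):
    """Return (failed, facility, code, name) for a hex or decimal HRESULT."""
    hr = (int(value, 0) if isinstance(value, str) else value) & 0xFFFFFFFF
    failed = bool(hr >> 31)          # severity bit
    facility = (hr >> 16) & 0x7FF    # 11-bit facility field
    code = hr & 0xFFFF               # low 16 bits
    if hr in HRESULT_NAMES:
        name = HRESULT_NAMES[hr]
    elif facility == FACILITY_WIN32:
        name = WIN32_NAMES.get(code, "unknown Win32 error")
    else:
        name = "unknown"
    return failed, facility, code, name


def classify(outcome):
    """Map the text after '=>' to done / absent / failed / pending / other."""
    text = outcome.lower()
    if "scheduled" in text:
        return "pending"
    if "could not" in text:
        return "failed"
    if "not found" in text:
        return "absent"
    if "successfully" in text:
        return "done"
    return "other"


def parse_fixlog(text):
    """Return [(target, status)] for every 'target => outcome' line."""
    entries = []
    for line in text.splitlines():
        if " => " not in line:
            continue
        target, outcome = line.rsplit(" => ", 1)
        target = re.sub(r"^could not move\s+", "", target.strip(), flags=re.I)
        entries.append((target.strip('"'), classify(outcome)))
    return entries


def removed_services(entries):
    """Names of services whose ...\\Services\\<name> key was removed."""
    names = []
    for target, status in entries:
        match = re.search(r"\\Services\\([^\\]+)$", target, re.I)
        if match and status == "done":
            names.append(match.group(1))
    return names


def correlate(hresult, entries):
    """For a 'service does not exist' error, list services the fix removed."""
    _, facility, code, _ = decode_hresult(hresult)
    if facility == FACILITY_WIN32 and code == 1060:
        return removed_services(entries)
    return []


if __name__ == "__main__":
    log = parse_fixlog(FIXLOG_EXCERPT)
    for target, status in log:
        if status in ("failed", "pending"):
            print(f"{status:8} {target}")
    for hr in ("0x80070424", "0x80070102", "0x80080005", "2147942402"):
        print(hr, decode_hresult(hr), correlate(hr, log))
```

On the thread's data, 0x80070424 is the only code that correlates, and the service it points to is wuauserv.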

Robiop15
Visitor
Posts: 21
Joined: 20 May 2017 11:27

Re: help

#15 Post by Robiop15 »

Sure. I'll try. Thanks a lot for the help so far.

Locked